在 Office 365 和本地通过邮箱使用第三方云服务管理邮件流Manage mail flow using a third-party cloud service with mailboxes on Office 365 and on-prem

摘要:如何在 Exchange 混合环境中(本地和 Office 365 中均存在 Exchange 邮箱时)使用第三方云服务管理邮件流。Summary: How to manage mail flow with a third-party cloud service in an Exchange hybrid environment (when your Exchange mailboxes are both on premises and in Office 365).

本主题涵盖使用 Office 365 的最复杂的邮件流方案。This topic covers the most complex mail flow scenario using Office 365.

备注

示例contoso.com。Contoso 邮件服务器的 IP 地址是 131.107.21.231,它的第三方提供程序将 10.10.10.1 用作其 IP 地址。这些只是示例。必要时,您可以对这些示例进行修改,以适合您的组织的域名和面向公众的 IP 地址。Examples in this guide use the fictitious organization, Contoso, which owns the domain contoso.com. The IP address of the Contoso mail server is 131.107.21.231, and its third-party provider uses 10.10.10.1 for their IP address. These are just examples. You can adapt these examples to fit your organization's domain name and public-facing IP address where necessary.

在 Office 365 和组织的邮件服务器上的邮箱中使用第三方云服务Using a third-party cloud service with mailboxes on Office 365 and on my organization's mail servers

方案Scenario

  • 我要将我的邮箱迁移到 Office 365,并且我希望将某些邮箱保留在我组织的本地邮件服务器上。我想要使用第三方云服务筛选来自 Internet 的垃圾邮件。我发送到 Internet 的邮件必须通过 Office 365 进行路由,以免将我的本地服务器的 IP 地址添加到外部阻止列表中。I'm migrating my mailboxes to Office 365, and I want to keep some mailboxes on my organization's on-premises mail server. I want to use a third-party cloud service to filter spam from the Internet. My messages to the Internet must route through Office 365 to prevent my on-premises servers' IP addresses from being added to external block lists.

针对这种情况,你的组织的邮件流设置如下图所示。In this scenario, your organization's mail flow setup looks like the following diagram.

邮件流图表,显示从 Internet 转到第三方服务再传输到 Office 365 最后发送到内部部署服务器的邮件。从内部部署服务器转到 Office 365 再发送到 Internet 的邮件(绕过第三方服务)。

最佳实践Best practices

  1. 在 Office 365 中添加你的自定义域。若要证明你拥有这些域,请按照添加用户和域中的说明操作。Add your custom domains in Office 365. To prove that you own the domains, follow the instructions in Add users and domains.

  2. 用户邮箱 Exchange Online 中创建移动到 Office 365 的所有用户的邮箱Create user mailboxes in Exchange Online or move all users' mailboxes to Office 365.

  3. 更新你在步骤 1 中添加的域的 DNS 记录。(不确定该怎么做?按照此页中的说明进行操作。)以下 DNS 记录控制邮件流:Update the DNS records for the domains that you added in step 1. (Not sure how to do this? Follow the instructions on this page.) The following DNS records control mail flow:

    • MX 记录 - 将 MX 记录指向第三方服务。按照第三方服务的准则配置 MX 记录。MX record - Point your MX record to your third-party service. Follow their guidelines for configuring your MX record.

    • SPF 记录 - 因为你的域的 MX 记录必须指向第三方服务(换句话说,你需要复杂路由),所以你的 SPF 记录也应包括第三方服务。按照第三方提供程序的准则将它们添加到你的 SPF 记录。此外,将你的本地服务器的 Office 365 和 IP 地址添加为有效的发件人。例如,如果 contoso.com 为您的域名,而第三方云服务的 IP 地址是 10.10.10.1,您的本地服务器 IP 地址是 131.107.21.231,那么 contoso.com 的 SPF 记录应为:SPF record - Because your domain's MX record must point to a third-party service (in other words, you require complex routing), include the third-party service in your SPF record. Follow the third-party provider's guidelines for adding them to your SPF record. Also add Office 365 and the IP addresses of your on-premises servers as valid senders. For example, if contoso.com is your domain name, the third-party cloud service IP address is 10.10.10.1, and your on-premises server IP address is 131.107.21.231, the SPF record for contoso.com should be:

    v=spf1 ipv4:10.10.10.1 ipv4: 131.107.21.231 include:spf.protection.outlook.com -all
    

    此外,根据第三方的要求,你必须包括第三方的域,如以下示例所示:Alternatively, depending on the third-party's requirements, you might need to include the domain from the third-party, as shown in the following example:

    v= ipv4: 131.107.21.231 spf1 include:spf.protection.outlook.com include:third_party_cloud_service.com -all
    

See alsoSee also

Exchange Online 和 Office 365 邮件流最佳做法(概述)Mail flow best practices for Exchange Online and Office 365 (overview)

使用 Office 365 管理所有邮箱和的邮件流Manage all mailboxes and mail flow using Office 365

在 Office 365 中使用第三方云服务管理邮件流Manage mail flow using a third-party cloud service with Office 365

Manage mail flow with mailboxes in multiple locations (Office 365 and on-prem)Manage mail flow with mailboxes in multiple locations (Office 365 and on-prem)

解决 Office 365 邮件流问题Troubleshoot Office 365 mail flow

通过验证您的 Office 365 连接器测试邮件流Test mail flow by validating your Office 365 connectors