管理多個位置 (Office 365 和 prem 上) 中的信箱與郵件流程Manage mail flow with mailboxes in multiple locations (Office 365 and on-prem)

摘要: 如何管理在 Exchange 混合式環境中,這是一些信箱位於內部部署和部分是在 Office 365 時的郵件流程。Summary: How to manage mail flow in an Exchange hybrid environment, which is when some mailboxes are on-premises and some are in Office 365.

本主題涵蓋下列複雜的郵件流程案例使用 Office 365:This topic covers the following complex mail flow scenarios using Office 365:

案例 1: MX 記錄指向 Office 365 與 Office 365 來篩選所有郵件: MX 記錄指向 Office 365 與 Office 365 來都篩選所有郵件。Scenario 1: MX record points to Office 365 and Office 365 filters all messages: MX record points to Office 365 and Office 365 filters all messages.

案例 2: MX 記錄指向 Office 365 與郵件是篩選過的內部: MX 記錄指向 Office 365 與郵件是篩選過的內部。Scenario 2: MX record points to Office 365 and mail is filtered on-premises: MX record points to Office 365 and mail is filtered on-premises.

案例 3: MX 記錄指向 「 我的內部伺服器: MX 記錄指向 「 我的內部伺服器。Scenario 3: MX record points to my on-premises servers: MX record points to my on-premises servers.

案例 4: MX 記錄指向 「 我的內部伺服器,篩選,並提供您的郵件符合性解決方案。您的內部部署伺服器必須透過 Office 365 的網際網路郵件轉送。: MX 記錄指向 「 我的內部伺服器,篩選,並提供您的郵件符合性解決方案。您的內部部署伺服器必須轉送至網際網路透過 Office 365 的郵件。Scenario 4: MX record points to my on-premises server, which filters and provides compliance solutions for your messages. Your on-premises server needs to relay messages to the internet through Office 365.: MX record points to my on-premises server, which filters and provides compliance solutions for your messages. Your on-premises server must relay messages to the Internet through Office 365.

注意

本主題中的範例使用虛構組織 Contoso,擁有網域 contoso.com。Contoso 的郵件伺服器的 IP 位址 131.107.21.231,且其第三方提供者使用其 IP 位址 10.10.10.1。這些是剛剛範例。您可以採用以下範例在必要時才符合貴組織的網域名稱與公開 IP 位址。Examples in this topic use the fictitious organization, Contoso, which owns the domain contoso.com. The IP address of the Contoso mail server is 131.107.21.231, and its third-party provider uses 10.10.10.1 for their IP address. These are just examples. You can adapt these examples to fit your organization's domain name and public-facing IP address where necessary.

管理郵件流程一些信箱位於 Office 365 中的位置和一些信箱位於您組織的郵件伺服器Manage mail flow where some mailboxes are in Office 365 and some mailboxes are on your organization's mail servers

案例 1: MX 記錄指向 Office 365 與 Office 365 來篩選所有郵件Scenario 1: MX record points to Office 365 and Office 365 filters all messages

  • 我正在將 「 我的信箱移轉至 Office 365 與我想要保留在組織中的郵件伺服器 (內部部署伺服器) 上的一些信箱。我要用作 「 我的垃圾郵件篩選解決方案中的 Office 365 和想要使用 Office 365 從 「 我的內部伺服器傳送 「 我的郵件至網際網路。Office 365 傳送及接收所有的郵件。I'm migrating my mailboxes to Office 365, and I want to keep some mailboxes on my organization's mail server (on-premises server). I want to use Office 365 as my spam filtering solution and want to send my messages from my on-premises server to the Internet by using Office 365. Office 365 sends and receives all messages.

誰需要混合郵件流程設定的大部分客戶應該允許執行所有其篩選和路由傳送的 Office 365。建議您因為這提供最精準的垃圾郵件篩選您的 MX 記錄指向 Office 365。此案例中,您的組織郵件流程設定看起來像是下圖。Most customers who need a hybrid mail flow setup should allow Office 365 to perform all their filtering and routing. We recommend that you point your MX record to Office 365 because this provides for the most accurate spam filtering. For this scenario, your organization's mail flow setup looks like the following diagram.

郵件流程圖顯示的案例為您的 MX 記錄會指向 Office 365,而且來自網際網路的郵件會先移至 Office 365,再移至內部部署伺服器。從內部部署伺服器傳來的郵件會先移至 Office 365,再移至網際網路。

最佳作法Best practices

  1. Office 365 中新增自訂的網域。若要證明您擁有的網域,請遵循新增使用者和網域中的指示。Add your custom domains in Office 365. To prove that you own the domains, follow the instructions in Add users and domains.

  2. 建立使用者信箱在 Exchange Online移至 Office 365 的所有使用者的信箱Create user mailboxes in Exchange Online or move all users' mailboxes to Office 365.

  3. 更新您在步驟 1 中新增的網域的 DNS 記錄。(不確定如何執行這項作業嗎?遵循指示本頁。)下列的 DNS 記錄控制郵件流程:Update the DNS records for the domains that you added in step 1. (Not sure how to do this? Follow the instructions on this page.) The following DNS records control mail flow:

    • MX 記錄: 您的 MX 記錄指向 Office 365 以下列格式: <domainKey>-com.mail.protection.outlook.comMX record: Point your MX record to Office 365 in the following format: <domainKey>-com.mail.protection.outlook.com

      例如,如果您的網域是 contoso.com,MX 記錄應該: contoso com.mail.protection.outlook.com。For example, if your domain is contoso.com, the MX record should be: contoso-com.mail.protection.outlook.com.

    • SPF 記錄: 這應為有效的寄件者加上任何從連線至 EOP,您的內部伺服器的 IP 位址列出 Office 365 與任何第三方代表您組織的傳送電子郵件。例如,如果貴組織的郵件伺服器的網際網路對向 IP 位址 is131.107.21.231,應該先 contoso.com 的 SPF 記錄:SPF record: This should list Office 365 as a valid sender, plus any IP addresses from your on-premises servers that connect to EOP, and any third parties that send email on behalf of your organization. For example, if your organization's mail server's Internet-facing IP address is131.107.21.231, the SPF record for contoso.com should be:

    v=spf1 ipv4: 131.107.21.231  include:spf.protection.outlook.co  m -all
    

    或者,因為第三方的需求,而您可能需要包含從協力廠商網域在下列範例所示:Alternatively, depending on the third-party's requirements, you might need to include the domain from the third-party, as shown in the following example:

    v=spf1 include:spf.protection.outlook.com include:third_party_cloud_service.com -all
    
  4. 在 Exchange 系統管理中心中,使用來使用 Office 365 中的連接器設定郵件流程[連接器] 精靈在下列情況:In the Exchange admin center, use the connector wizard to Configure mail flow using connectors in Office 365 for the following scenarios:

    • 從 Office 365 的郵件傳送至您的組織部署郵件伺服器Sending messages from Office 365 to your organization's mail servers

    • 將郵件從內部部署伺服器傳送至 Office 365Sending messages from your on-premises servers to Office 365

      如果任一下列案例適用您的組織,您必須建立以支援從內部部署伺服器傳送的郵件至 Office 365 的連接器。If either of the following scenarios apply to your organization, you must create a connector to support sending mail from your on-premises servers to Office 365.

    • 您的組織已獲得授權,可代表您的用戶端傳送郵件,但在組織不會擁有網域。例如,contoso.com 有權傳送透過 fabrikam.com、 不屬於 contoso.com 電子郵件。Your organization is authorized to send messages on behalf of your client, but your organization doesn't own the domain. For example, contoso.com is authorized to send email through fabrikam.com, which doesn't belong to contoso.com.

    • 您的組織將轉送至網際網路透過 Office 365 的未傳遞回報 (Ndr)。Your organization relays non-delivery reports (NDRs) to the Internet through Office 365.

      若要建立的連接器,選擇第一個選項精靈] 中連接器架設在Office 365 如何應識別您的電子郵件伺服器的電子郵件] 畫面上。To create the connector, choose the first option in the connector creation wizard on the How should Office 365 identify email for your email server screen.

      顯示「適用於 Exchange 的混合式連線精靈」新連接器的螢幕擷取畫面

      這可讓 Office 365 來識別您的電子郵件伺服器所使用的憑證。在此案例中,CN 或主體替代名稱 (SAN) 憑證會包含您的組織所屬的網域。如需詳細資訊,請參閱 <識別電子郵件從您的電子郵件伺服器。如連接器組態的詳細資訊,請參閱第 2 部分: 設定郵件流程電子郵件伺服器的 Office 365 以This enables Office 365 to identify your email server by using the certificate. In this scenario, the certificate CN or Subject Alternative Name (SAN) contains the domain that belongs to your organization. For more details, see Identifying email from your email server. For connector configuration details see, Part 2: Configure mail to flow from your email server to Office 365.

  5. 除非您協力廠商的其中一個具有特殊的需求,例如銀行與強制 TLS,您不需要在以下案例的連接器。You don't need connectors in the following scenarios unless one of your partners has a special requirement, such as enforcing TLS with a bank.

    • 從 Office 365 的郵件傳送至協力廠商組織Sending mail from Office 365 to a partner organization

    • 從協力廠商組織的郵件傳送至 Office 365Sending mail from a partner organization to Office 365

注意

如果貴組織的郵件伺服器具有 Exchange 2013 或 Exchange 2010 部署,建議您在 Office 365 中以及在內部部署 Exchange 伺服器上設定連接器使用混合組態精靈] 。針對此案例,您的網域的 MX 記錄不能指向貴組織的郵件伺服器。If your organization's mail server has Exchange 2013 or Exchange 2010 deployed, we recommend that you use the Hybrid Configuration Wizard to configure connectors in Office 365 as well as on your on-premises Exchange servers. For this scenario, your domain's MX record can't point to your organization's mail server.

案例 2: MX 記錄指向 Office 365 與郵件是內部篩選Scenario 2: MX record points to Office 365 and mail is filtered on-premises

  • 我正在將 「 我的信箱移轉至 Office 365 與我想要保留在組織中的郵件伺服器 (內部部署伺服器) 上的一些信箱。我想要使用已在 「 我的內部部署環境中的篩選及符合性解決方案。所有 「 我的雲端信箱,來自網際網路的郵件或從 「 我的雲端信箱傳送至網際網路的郵件必須透過 「 我的內部伺服器路由傳送。I'm migrating my mailboxes to Office 365 and I want to keep some mailboxes on my organization's mail server (on-premises server). I want to use the filtering and compliance solutions that are already in my on-premises environment. All messages that come from the Internet to my cloud mailboxes, or messages sent to the Internet from my cloud mailboxes, must route through my on-premises servers.

如果您有商務或法規考量篩選郵件的內部部署環境中,我們建議您的網域的 MX 記錄指向 Office 365 以及如何啟用集中式的郵件傳輸。此安裝程式會提供最佳的垃圾郵件篩選並保護組織的 IP 位址。此案例中,您的組織郵件流程設定看起來像是下圖。If you have business or regulatory reasons for filtering mail in your on-premises environment, we recommend pointing your domain's MX record to Office 365 and enabling centralized mail transport. This setup provides optimal spam filtering and protects your organization's IP addresses. For this scenario, your organization's mail flow setup looks like the following diagram.

郵件流程圖顯示的案例為您的 MX 記錄會指向 Office 365,而且會在內部部署伺服器上進行篩選。來自網際網路的郵件會移至 Office 365,再移至您的伺服器進行相容性篩選,再移回至 Office 365。

最佳作法Best practices

  1. Office 365 中新增自訂的網域。若要證明您擁有的網域,請遵循新增使用者和網域中的指示。Add your custom domains in Office 365. To prove that you own the domains, follow the instructions in Add users and domains.

  2. 建立使用者信箱在 Exchange Online移至 Office 365 的所有使用者的信箱Create user mailboxes in Exchange Online or Move all users' mailboxes to Office 365.

  3. 更新您在步驟 1 中新增的網域的 DNS 記錄。(不確定如何執行這項作業嗎?遵循指示本頁。)下列的 DNS 記錄控制郵件流程:Update the DNS records for the domains that you added in step 1. (Not sure how to do this? Follow the instructions on this page.) The following DNS records control mail flow:

    • MX 記錄: 您的 MX 記錄指向 Office 365 以下列格式: <domainKey>-com.mail.protection.outlook.comMX record: Point your MX record to Office 365 in the following format: <domainKey>-com.mail.protection.outlook.com

      例如,如果您的網域是 contoso.com,MX 記錄應該: contoso com.mail.protection.outlook.com。For example, if your domain is contoso.com, the MX record should be: contoso-com.mail.protection.outlook.com.

    • SPF 記錄: 這應為有效的寄件者加上任何從連線至 EOP,您的內部伺服器的 IP 位址列出 Office 365 與任何第三方代表您組織的傳送電子郵件。例如,如果貴組織的郵件伺服器的網際網路對向 IP 位址 is131.107.21.231,應該先 contoso.com 的 SPF 記錄:SPF record: This should list Office 365 as a valid sender, plus any IP addresses from your on-premises servers that connect to EOP, and any third parties that send email on behalf of your organization. For example, if your organization's mail server's Internet-facing IP address is131.107.21.231, the SPF record for contoso.com should be:

    v=spf1 ipv4: 131.107.21.231  include:spf.protection.outlook.com -all
    
  4. 針對內部部署規範解決方案使用集中式郵件傳輸 (CMT)。Use Centralized Mail Transport (CMT) for on-premises compliance solutions.

    • 在 Office 365 信箱來自網際網路的郵件先取得傳送至您的內部伺服器並再傳回至 Office 365 傳遞至信箱。第 1 行代表此案例 2 圖表中的路徑。Mail that comes from the internet to a mailbox in Office 365 first gets sent to your on-premises server and then comes back to Office 365 to be delivered to the mailbox. Line 1 represents this path in the scenario 2 diagram.

    • 郵件是來自 Office 365 及網際網路的目的地第一次傳送至內部部署伺服器,則傳回至 Office 365 和再傳送至網際網路。第 4 行代表此案例 2 圖表中的路徑。Mail that comes from Office 365 and is destined for the Internet is first sent to your on-premises servers, then comes back to Office 365, and is then delivered to the Internet. Line 4 represents this path in the scenario 2 diagram.

    • 若要達到此設定,建立連接器透過混合組態精靈或透過指令程式,並啟用 CMT。如需 CMT 的詳細資訊,請參閱傳輸選項在 Exchange 混合部署To achieve this configuration, create connectors via the Hybrid Configuration Wizard or via cmdlets, and enable CMT. For details about CMT, see Transport Options in Exchange Hybrid Deployments.

除非您協力廠商的其中一個具有特殊的需求,例如銀行與強制 TLS,您不需要在以下案例的連接器。You don't need connectors in the following scenarios unless one of your partners has special requirements, such as enforcing TLS with a bank.

  • 從 Office 365 的郵件傳送至協力廠商組織Sending mail from Office 365 to a partner organization

  • 從協力廠商組織的郵件傳送至 Office 365Sending mail from a partner organization to Office 365

案例 3: MX 記錄指向 「 我的內部伺服器Scenario 3: MX record points to my on-premises servers

  • 我正在將 「 我的信箱移轉至 Office 365 與我想要保留在組織中的郵件伺服器 (內部部署伺服器) 上的一些信箱。我想要使用已處於 「 我的內部部署電子郵件環境的篩選及符合性解決方案。所有 「 我的雲端信箱,來自網際網路的郵件或從雲端信箱傳送至網際網路的郵件必須透過 「 我的內部伺服器路由傳送。我需要我的網域的 MX 記錄指向 「 我的內部伺服器。I'm migrating my mailboxes to Office 365, and I want to keep some mailboxes on my organization's mail server (on-premises server). I want to use the filtering and compliance solutions that are already in my on-premises email environment. All messages that come from the Internet to my cloud mailboxes, or messages sent to the Internet from cloud mailboxes, must route through my on-premises servers. I need to point my domain's MX record to my on-premises server.

案例 2 或者,您可以將您的網域的 MX 記錄指向而不是 Office 365 的組織的郵件伺服器。有些組織擁有的商務或法規需要此安裝程式,但如果您使用案例 2 篩選通常更妥善地運作。As an alternative to Scenario 2, you can point your domain's MX record to your organization's mail server instead of to Office 365. Some organizations have a business or regulatory need for this setup, but filtering typically works better if you use Scenario 2.

此案例中,您的組織郵件流程設定看起來像是下圖。For this scenario, your organization's mail flow setup looks like the following diagram.

流程圖顯示當您的 MX 記錄指向內部部署伺服器,而不是 Office 365 的郵件流程。郵件會從網際網路移到您組織的伺服器,再移到 Office 365。郵件會從 Office 365 移到內部部署伺服器,再移到網際網路

最佳作法Best practices

如果您的網域的 MX 記錄必須指向您的內部 IP 位址,請使用下列最佳作法:If the MX record for your domain needs to point to your on-premises IP address, use the following best practices:

  1. Office 365 中新增自訂的網域。若要證明您擁有的網域,請遵循新增使用者和網域中的指示。Add your custom domains in Office 365. To prove that you own the domains, follow the instructions in Add users and domains.

  2. 建立使用者信箱在 Exchange Online移至 Office 365 的所有使用者的信箱Create user mailboxes in Exchange Online or move all users' mailboxes to Office 365.

  3. 更新您在步驟 1 中新增的網域的 DNS 記錄。(不確定如何執行這項作業嗎?遵循指示本頁。)下列的 DNS 記錄控制郵件流程:Update the DNS records for the domains that you added in step 1. (Not sure how to do this? Follow the instructions on this page.) The following DNS records control mail flow:

    • SPF 記錄: 這應列出 Office 365 為有效的寄件者。它還應該包含任何 IP 位址從內部部署伺服器連線至 EOP 和代表您組織的電子郵件傳送任何協力廠商。例如,如果貴組織的郵件伺服器的網際網路對向 IP 位址 is131.107.21.231,應該先 contoso.com 的 SPF 記錄:SPF record: This should list Office 365 as a valid sender. It should also include any IP addresses from your on-premises servers that connect to EOP and any third parties that send email on behalf of your organization. For example, if your organization's mail server's Internet-facing IP address is131.107.21.231, the SPF record for contoso.com should be:
    v=spf1 ipv4: 131.107.21.231  include:spf.protection.outlook.com -all
    
  4. 因為您不從內部部署伺服器轉送訊息透過 Office 365 的網際網路、 嚴格來說不需要建立下列情況的連接器。但是如果在某些變更 MX 記錄以指向 Office 365,您需要建立連接器;因此,最好前端執行。在 Exchange 系統管理中心中,使用 [以 [連接器] 精靈第 2 部分: 設定郵件流程電子郵件伺服器的 Office 365 以下列情況下,或使用混合組態精靈來建立連接器:Because you're not relaying messages from your on-premises servers to the internet through Office 365, you don't technically need to create connectors for the following scenarios. But if at some point you change your MX record to point to Office 365, you'll need to create connectors; therefore, it's best to do it up front. In the Exchange admin center, use the connector wizard to Part 2: Configure mail to flow from your email server to Office 365 for the following scenarios, or use the Hybrid Configuration Wizard to create connectors:

    • 從 Office 365 的郵件傳送至您的組織部署郵件伺服器Sending mail from Office 365 to your organization's mail servers

    • 將郵件從內部部署伺服器傳送至 Office 365Sending mail from your on-premises servers to Office 365

  5. 若要確定訊息會傳送至您的組織內部部署伺服器流向 MX,移至 [範例安全性限制可套用至從夥伴組織傳送電子郵件,並遵循"範例 3: 要求所有電子郵件從您協力廠商組織網域 ContosoBank.com 傳送來自特定 IP 位址範圍。 」To make sure that messages are sent to your organization's on-premises servers through MX, go to Example security restrictions you can apply to email sent from a partner organization, and follow "Example 3: Require that all email from your partner organization domain ContosoBank.com is sent from a specific IP address range."

案例 4: MX 記錄指向 「 我的內部伺服器,篩選,並提供您的郵件符合性解決方案。您的內部部署伺服器必須透過 Office 365 的網際網路轉送訊息。Scenario 4: MX record points to my on-premises server, which filters and provides compliance solutions for your messages. Your on-premises server needs to relay messages to the internet through Office 365.

  • 我正在將 「 我的信箱移轉至 Office 365 與我想要保留在組織中的郵件伺服器 (內部部署伺服器) 上的一些信箱。我想要使用已處於 「 我的內部部署電子郵件環境的篩選及符合性解決方案。從 「 我的內部伺服器傳送的所有郵件必須都轉送到網際網路的 Office 365。我需要我的網域的 MX 記錄指向 「 我的內部伺服器。I'm migrating my mailboxes to Office 365, and I want to keep some mailboxes on my organization's mail server (on-premises server). I want to use the filtering and compliance solutions that are already in my on-premises email environment. All messages sent from my on-premises servers must relay through Office 365 to the internet. I need to point my domain's MX record to my on-premises server.

此案例中,您的組織郵件流程設定看起來像是下圖。For this scenario, your organization's mail flow setup looks like the following diagram.

具有箭號的郵件流程圖顯示郵件從網際網路到內部部署伺服器,再到 Office 365。也會顯示從內部部署伺服器傳送至 Office 365,再傳送至網際網路的電子郵件。

最佳作法Best practices

如果您的網域的 MX 記錄必須指向您的內部 IP 位址,請使用下列最佳作法:If the MX record for your domain needs to point to your on-premises IP address, use the following best practices:

  1. Office 365 中新增自訂的網域。若要證明您擁有的網域,請遵循新增使用者和網域中的指示。Add your custom domains in Office 365. To prove that you own the domains, follow the instructions in Add users and domains.

  2. 建立使用者信箱在 Exchange Online移至 Office 365 的所有使用者的信箱Create user mailboxes in Exchange Online or move all users' mailboxes to Office 365.

  3. 更新您在步驟 1 中新增的網域的 DNS 記錄。(不確定如何執行這項作業嗎?遵循指示本頁。)下列的 DNS 記錄控制郵件流程:Update the DNS records for the domains that you added in step 1. (Not sure how to do this? Follow the instructions on this page.) The following DNS records control mail flow:

    • MX 記錄: 您的 MX 記錄指向您的內部部署伺服器以下列格式: 郵件。<domainKey>.comMX record: Point your MX record to your on-premises server in the following format: mail.<domainKey>.com

      例如,如果您的網域是 contoso.com,MX 記錄應該:。 mail.contoso.com。For example, if your domain is contoso.com, the MX record should be: .mail.contoso.com.

    • SPF 記錄: 這應列出 Office 365 為有效的寄件者。它還應該包含任何 IP 位址從內部部署伺服器連線至 EOP 和代表您組織的電子郵件傳送任何協力廠商。例如,如果貴組織的郵件伺服器的網際網路對向 IP 位址為 131.107.21.231,應該先 contoso.com 的 SPF 記錄:SPF record: This should list Office 365 as a valid sender. It should also include any IP addresses from your on-premises servers that connect to EOP and any third parties that send email on behalf of your organization. For example, if your organization's mail server's Internet-facing IP address is 131.107.21.231, the SPF record for contoso.com should be:

    v=spf1 ipv4: 131.107.21.231  include:spf.protection.outlook.com -all
    
  4. 在 Exchange 系統管理中心中,使用來使用 Office 365 中的連接器設定郵件流程[連接器] 精靈在下列情況:In the Exchange admin center, use the connector wizard to Configure mail flow using connectors in Office 365 for the following scenarios:

    • 從 Office 365 的郵件傳送至您的組織部署郵件伺服器Sending mail from Office 365 to your organization's mail servers

    • 將郵件從內部部署伺服器傳送至 Office 365Sending mail from your on-premises servers to Office 365

      您需要建立任何下列情況適用於您的組織會支援的案例 」 傳送郵件從內部部署伺服器至 Office 365"的連接器:You need to create a connector to support the scenario "Sending mail from your on-premises servers to Office 365" if any of the following scenarios apply to your organization:

    • 您的組織有權傳送代表您的用戶端的郵件,但在組織不會擁有網域。例如,contoso.com 有權傳送透過 fabrikam.com、 不屬於 contoso.com 電子郵件。Your organization is authorized to send mail on behalf of your client, but your organization doesn't own the domain. For example, contoso.com is authorized to send email through fabrikam.com, which doesn't belong to contoso.com.

    • 您的組織將轉送至網際網路透過 Office 365 的未傳遞回報 (Ndr)。Your organization relays non-delivery reports (NDRs) to the Internet through Office 365.

    • 您的網域的 MX 記錄 contoso.com,指向您的內部伺服器和您的組織自動轉寄郵件到電子郵件地址組織外部的使用者。例如 kate@contoso.com 已啟用轉寄和所有郵件都移至 kate@tailspintoys.com。如果 john@fabrikam.com 將訊息傳送給 kate@contoso.com、 郵件送達在 Office 365 寄件者的時間網域是 fabrikam.com 和收件者的網域是 tailspin.com。寄件者的網域皆收件者的網域屬於您的組織。The MX record for your domain, contoso.com, points to your on-premises server, and users in your organization automatically forward messages to email addresses outside your organization. For example, kate@contoso.com has forwarding enabled, and all messages go to kate@tailspintoys.com. If john@fabrikam.com sends a message to kate@contoso.com, by the time the message arrives at Office 365 the sender domain is fabrikam.com and the recipient domain is tailspin.com. Neither the sender domain nor recipient domain belongs to your organization.

      若要建立的連接器,選擇第一個選項精靈] 中連接器架設在Office 365 如何應識別您的電子郵件伺服器的電子郵件] 畫面上。To create the connector, choose the first option in the connector creation wizard on the How should Office 365 identify email for your email server screen.

      顯示「適用於 Exchange 的混合式連線精靈」新連接器的螢幕擷取畫面

      這可讓 Office 365 來識別您的電子郵件伺服器所使用的憑證。在此案例中,CN 或主體替代名稱 (SAN) 憑證會包含您的組織所屬的網域。如需詳細資訊,請參閱 <識別電子郵件從您的電子郵件伺服器。如連接器組態的詳細資訊,請參閱第 2 部分: 設定郵件流程電子郵件伺服器的 Office 365 以This allows Office 365 to identify your email server by using the certificate. In this scenario, the certificate CN or Subject Alternative Name (SAN) contains the domain that belongs to your organization. For more details, see Identifying email from your email server. For connector configuration details see, Part 2: Configure mail to flow from your email server to Office 365.

  5. 連接器與協力廠商組織的安全郵件流程設定為確認訊息會傳送至您的組織內部伺服器透過 MX。Set up connectors for secure mail flow with a partner organization to make sure that messages are sent to your organization's on-premises servers via MX.

See alsoSee also

郵件流程的最佳作法 Exchange Online 與 Office 365 (概觀)Mail flow best practices for Exchange Online and Office 365 (overview)

管理所有信箱和使用 Office 365 的郵件流程Manage all mailboxes and mail flow using Office 365

管理使用協力廠商雲端服務與 Office 365 的郵件流程Manage mail flow using a third-party cloud service with Office 365

管理使用協力廠商雲端服務與 Office 365 和 prem 上信箱的郵件流程Manage mail flow using a third-party cloud service with mailboxes on Office 365 and on-prem

Office 365 郵件流程疑難排解Troubleshoot Office 365 mail flow

驗證 Office 365 連接器以測試郵件流程Test mail flow by validating your Office 365 connectors