Exchange Online and Remote Domains

 

Info

This article talks about the importance to configure Remote Domain both on Exchange on premise and Exchange Online to control the format and type of email messages exchange between hosted mailbox users and on premise mailbox users.

Scope

From Exchange Online part, we care about two domains:

  1. aramex.mail.onmicrosoft.com [this is the primary SMTP domain in Exchange Online]
  2. aramex.onmicrosoft.com [this is identity domain but used by arbitration mailboxes to send mdoeration approval emails and so important to consider it here]

From on premise part, we should add all our hosted domains like aramex.com, infofort.com and others, but for now we will focus on aramex.com domain.

What is Remote Domain?

It is a feature in Exchange that allows IT Admins to control both the type and format of emails exchanged with external remote domains.

Suppose we are dealing a lot with hsbc.com company, and we want them to see our Internal Out Of Office OOF messages, and not the external ones. Well, we can configure that domain as Remote Domain in our Exchange on premise, and then configure that remote domain (Set-RemoteDomain) so that Exchange will send to them the internal OOF message and not the external one.

Moreover, right now, we are preventing people to forward their emails to external domains, but if we care about a specific partner like xyz.com domain, then we can configure a remote domain for xyz.com and allow forwarding emails only to that domain.

By default, there is a default remote domain in each Exchange organization called (*) and it controls how we as Exchange organization deal with all external domains to which there is no specific Remote Domain defined.

Well, this is not fair in case of Office 365 both domains (aramex.onmicrosoft.com and aramex.mail.onmicrosoft.com) as those are considered part of our internal mailbox users. We should allow them in term of remote domains the same as we treat any external domain.

So, we shall create two remote domains in our Exchange on premise setup for Office 365 domains, and relax the settings, like allowing forwarding emails, and showing the internal Out Of Office message, and also enable the “voting buttons” by enabling a feature called TNEFE  (Transport Neutral Encapsulation Format).

From the other side, we shall do the same. In Exchange Online we shall create a remote domain for aramex.com and relax the settings.

Configuration

Usually the Hybrid configuration wizard will create a remote domain on Exchange on premise for aramex.mail.onmicrosoft.com, so we will only create a remote domain in Exchange on premise for aramex.onmicrosoft.com in addition.

New-RemoteDomain -Name “Hybrid Domain – aramex.onmicrosoft.com” –DomainName aramex.onmicrosoft.com

Also, we need to update the outbound connector going to Office 365 from our Exchange on premise to include aramex.onmicrsooft.com in addition to aramex.onmicrosoft.com

Now, we have two remote domains in our on premise Exchange setup. We also have outbound SMTP connector that has both domains in its SMTP domain space.

Let us configure the remote domains using Set-RemoteDomain to match the following configuration:

Now going to Exchange Online, we shall create remote domain for (aramex.com) with similar configuration.

The most important settings are:

  • TNEFEnabled
  • AllowedOOFType
  • TrustedMailInboundEnabled
  • TrustedMailOutboundEnabled
  • IsInternal

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s