Important notice for Office 365 email customers who have configured connectors (2024)

Table of Contents
Create or Edit a certificate-based connector in Office 365 Register your domain with Office 365 Prepare your on-premises email servers to relay messages through Office 365 FAQs

If you are an Exchange Online or Exchange Online Protection (EOP) customer and you have configured connectors, this post contains important information that might impact your organization. To make sure that your mail flow isn’t interrupted, we strongly recommend that you read this post and take any necessary action before the deadline (July 5th, 2017).

See Also
Configuring message hygiene in Exchange Online ProtectionHygiene Management: Exchange 2013 HelpEstablishing tenant hygiene with the CoE Starter Kit - Power PlatformImplement Tenant Hygiene with CoE Starter Kit

If your organization has a hybrid deployment (on-premises plus Office 365), you often need to relay emails to the Internet via Office 365—i.e. emails from your on-premises environment (mailboxes, applications, scanners, fax machines, etc.) that are sent to Internet recipients will be routed to Office 365 first, then sent out.Figure: Email relayed from your on-premises email servers to the Internet via Office 365For this relay to work, your organization needs to follow these steps:

  1. Create one or more connectors in Office 365 to authenticate emails coming from your on-premises mail servers, using either the sending IP address or a certificate.
  2. Configure your on-premises servers to relay via Office 365.
  3. Configure your setup so that:
a) The sender domain belongs to your organization (i.e. you have registered your domain with Office 365). For more information, see Add Domains in Office 365.ORb) Your on-premises email server is configured to use a certificate to send email to Office 365, and the CN (Common-Name) or SAN (Subject Alternate Name) in the certificate contains a domain name you have registered with Office 365 and you have created a certificate based connector in Office 365 with that domain.

If neither step 3a nor 3b is true, Office 365 will NOT be able to know deterministically whether the email sent from your on-premises environment belongs to your organization. Therefore, it is important that organizations with hybrid deployments ensure that they fulfill either step 3a or 3b. This protects your organization, your domain, and your IP reputation.Beginning July 5, 2017 (changed from Feb. 1, 2017), Office 365 will no longer support relaying emails if a hybrid customer has not configured either step 3a or 3b (see detail above). Such emails will get rejected with the following error message: “550 5.7.64 Relay Access Denied ATTR36. For more details please refer to https://support.microsoft.com/kb/3169958.Additionally, if your organization needs the following scenarios to continue to work (and most hybrid organizations do), you need to ensure that you follow step 3b.

  • Your organization needs to send NDR (Non-Delivery Report) or bounce messages to a recipient on the Internet and needs to relay them through Office 365.
  • You need to send emails on behalf of domains that do not belong to your organization.
  • Your on-premises users have forwarding rules configured, and messages need to be relayed through Office 365. For example:
    • Contoso.com is your organization’s domain.
    • A user in your organization’s on-premises server, kate@contoso.com, has enabled forwarding of all her messages to kate@tailspintoys.com.
    • If john@fabrikam.com sends a message to kate@contoso.com, the message gets automatically forwarded to kate@tailspintoys.com. From Office 365’s point of view, the message is sent from john@fabrikam.com to kate@tailspintoys.com.
    • Because Kate’s mail is being forwarded, neither the sender domain nor the recipient domain belongs to your organization.

Figure: When step 3b is followed, a forwarded email from contoso.com will be allowed to be relayed via Office 365For more details, see the step-by-step instructions below.

See Also
Mandantenhygiene etablieren mit dem CoE Starter Kit - Power Platform

Create or Edit a certificate-based connector in Office 365

For Office 365 to relay messages to internet that match with the scenarios listed above, you need to follow the below steps.1. Sign in to Office 365 admin center, and go to Admin > Exchange.2. Go to mail flow > connectors, and do one of the following:If there are no connectors, choose ’+’ (Add) to create a connector.If a connector already exists, select the connector, and choose Edit to modify it.3. On the Select your mail flow scenario page, choose From: Your organization’s email server and To: Office 365. This creates a connector that indicates that your On-premises server is the sending source for your messages.4. Enter connector name and other information, and then choose Next.5. On the New connector or Edit connector page, choose the first option to use a TLS certificate to identify the sender source of your organization’s messages. The domain name in the option should match the CN name or SAN in the certificate you are using to send email and this domain must be a domain you have registered with Office 365 (see Add Domains in Office 365).For example:

  • The certificate you plan to use has CN or SAN as contoso.com. In that case, you can enter contoso.com in the dialog below and register contoso.com in Office 365 (see Add Domains in Office 365)
  • The certificate you plan to use has CN or SAN as <hostname>.contoso.com or mail.contoso.com. In that case, you could enter *.contoso.com in the dialog below, and register contoso.com in Office 365 (see Add Domains in Office 365)

Note: Existing hybrid customers that used the Hybrid Configuration Wizard to configure their connectors SHOULD check their existing connector and ensure that it is using *.contoso.com instead of mail.contoso.com or <hostname>.contoso.com, since mail.contoso.com or <hostname>.contoso.com may not be a registered domains with Office 365.

Register your domain with Office 365

You can follow the steps to register your domain here - Add Domains in Office 365.Go to Setup > Domains in the O365 Admin Center to see the list of domains registered:

Prepare your on-premises email servers to relay messages through Office 365

  1. If your organization uses Exchange server for its on-premises server, you need to configure your server to send messages over TLS. To do this, follow Set up your email server to relay mail to the Internet via Office 365, which is part 2.2 of “Set up connectors to route mail between Office 365 and your own email servers.” If you have already used Hybrid Configuration Wizard, then continue to use it, but ensure to use a certificate that matches the criteria outlined in step 5 of the previous section.
  2. Install a certificate in your on-premises environment. For details, follow “Step 6: Configure an SSL certificate” of Configure mail flow and client access.

For more details about how to relay messages through Office 365, see the Setting up mail flow where some mailboxes are in Office 365 and some mailboxes are on your organizat... section of Mail flow best practices for Exchange Online and Office 365.Carolyn Liu

Important notice for Office 365 email customers who have configured connectors (2024)

FAQs

What are connectors in Office 365? ›

Connectors are a collection of instructions that customize the way your email flows to and from your Microsoft 365 or Office 365 organization. Actually, most Microsoft 365 and Office 365 organizations don't need connectors for regular mail flow. This article describes the mail flow scenarios that require connectors.

Know More
How many connectors should you configure in Exchange Online? ›

In order to route emails correctly, you will need to configure two connectors in Office 365.

Learn More
How do I disable connectors in Office 365? ›

To disable connectors or actionable messages, set the value to false instead of true in the following commands. For more information about PowerShell module exchange, see Set-OrganizationConfig. To enable or disable Outlook connectors, connect apps to your groups in Microsoft Outlook.

Keep Reading
How do I find connectors in Office 365? ›

In Microsoft 365 or Office 365, select Admin and then Exchange to go to the Exchange admin center. In the Exchange admin center, go to Mail flow > Connectors. Check the list of connectors set up for your organization.

Read More
What does an email connector do? ›

Use Email Connector to send an email from an email server to a specified list of recipients. After you create an Email connection, you can use it in a Service step in a process or guide to send emails.

Read On
How do I configure Exchange Online Connectors? ›

Open the Exchange Admin Center at https://admin.exchange.microsoft.com/. Navigate to Mail flow, select Connectors and click Add a connector. Select Connection from Partner organization. In the Connection to field, Office 365 should be automatically selected.

Discover More
What is the difference between send and receive connectors? ›

Unlike receive connectors, which are created automatically when you install a hub transport server and remain bound to that server, send connectors are created at the organization level and are available for any server to route messages across.

Know More
What is the use of connector in exchange? ›

Exchange uses connectors to enable incoming and outgoing mail flow on Exchange servers, and also between services in the transport pipeline on the local Exchange server. These are the types of connectors that are available in Exchange. Receive connectors control incoming SMTP mail flow.

Get More Info
How do you configure connectors in Teams? ›

Select the team or channel name from the list. Select Set up a connector. In the left pane, search Teams ToDo connector in the search bar and select Configure. Select either Created or Updated on the registration page and select Save.

Continue Reading
How do I delete a connector in Exchange? ›

In the Exchange admin center, click on the mail flow option from the left panel. In the Rule tab, select the required rule and click on the delete icon to remove the selected rules from the list. Go to the Connectors tab, select the required connector and click the delete icon to remove the selected connector.

Learn More

How do I connect to a disconnected mailbox in Office 365? ›

Use the EAC to connect a disabled mailbox
  1. In the EAC, navigate to Recipients > Mailboxes.
  2. Click More. , and then click Connect a mailbox. ...
  3. Click the disabled mailbox that you want to reconnect, and then click Connect.
  4. In the window that asks if you're sure that you want to reconnect the mailbox, click Yes.
Feb 22, 2023

Get More Info
What type of connector do you need to validate? ›

When you create a service connector or a data access service connector, you can use the Validation panel to verify if there are validation errors and view the error details. panel, errors are grouped based on the tabs where they occur. A list of errors that occur in the tab is displayed.

Get More Info
How do I check my outlook 365 connection status? ›

Hold Ctrl and right-clicking the Outlook quick-launch icon in the system tray near the clock. Select connection status. Here you will see the number of persistent connections utilized by Outlook. Connection latency can be spot checked by clicking the reconnect button and observing the connection time.

Discover More Details
How can I see what devices are connected to my Office 365? ›

Sign in to your work or school account, and then go to the My Account page. Select Devices from the left navigation pane or select the Manage devices link from the Devices block. Review the information for your connected devices, making sure you recognize them all.

See Details
What are connectors in Microsoft? ›

Connectors allow the underlying service to talk to Microsoft Power Automate, Microsoft Power Apps, and Azure Logic Apps.

Get More Info
What does Microsoft app Connector do? ›

App connectors use the APIs of app providers to enable greater visibility and control by Microsoft Defender for Cloud Apps over the apps you connect to. Microsoft Defender for Cloud Apps leverages the APIs provided by the cloud provider.

See Details
What are connectors in team channels? ›

In this article

It's a way for an app to get real-time data. Connectors allow users to subscribe to receive notifications and messages from your web services. They expose an HTTPS endpoint for your service to post messages in the form of cards.

See Details
What are connectors in workflow? ›

Connectors can be used to connect to other Google Cloud APIs within a workflow, and to integrate your workflows with those Google Cloud products. For example, you can use connectors to publish Pub/Sub messages, read or write data to a Firestore database, or retrieve authentication keys from Secret Manager.

See Details
Top Articles
8 Easy Ways to Make $100 a Day
Absolute Return in Mutual Funds: Formula and How It Works
Helifreaks
Choctaw Bingo Explained
The 9 best TV deals at Best Buy right now: November 2022
Product Owner 24 uur per week | Utrecht | IF Solutions | Werkzoeken.nl
Best Roblox MC Skins | Cool Skins for Your Avatar
Roblox Scared Face IDs 😨 (Working)
Trump and allies attack Walz as 'dangerously liberal' and a military 'disgrace'
Sean Hannity Bio, Net Worth, Age, Show, Wife, News, Height, Kids
Ups Store Near Me Now Open Today Near Me
Fandango Pocatello
Latest Posts
Average mutual fund return: What it is + how to calculate | finder.com
7 Simple Strategies for Growing Your Portfolio
Article information

Author: Carmelo Roob

Last Updated:

Views: 6025

Rating: 4.4 / 5 (45 voted)

Reviews: 92% of readers found this page helpful

Author information

Name: Carmelo Roob

Birthday: 1995-01-09

Address: Apt. 915 481 Sipes Cliff, New Gonzalobury, CO 80176

Phone: +6773780339780

Job: Sales Executive

Hobby: Gaming, Jogging, Rugby, Video gaming, Handball, Ice skating, Web surfing

Introduction: My name is Carmelo Roob, I am a modern, handsome, delightful, comfortable, attractive, vast, good person who loves writing and wants to share my knowledge and understanding with you.