locked
Sender Rewriting Scheme (SRS) Exchange 2010 RRS feed

  • Question

  • Hi All, 

    Just a quick question if anyone has any thoughts. Just working with a client with a number of inbound forwards (SRS enabled) to a Exchange 2010 Org in Hybrid Mode. 

    When users are moved to Office 365 these forwarded emails are either blocked or directed as spam as per the SPF record. 

    Can SRS on the Exchange servers be enabled? I can't find any doco on setting this up but it would seem like a common problem. 

    PS. no edge servers and no address rewriting can be completed. SRS is a more elegant solution anyway and the fact that it's being supported in EOP should be replicated on prem.  

    Josh

    Thursday, August 30, 2018 10:14 AM

Answers

  • Hi Josh, 

    No sorry SRS is a O365 feature only at the moment and is not available in any version of exchange onpremises. 

    Can you elaborate on this:"When users are moved to Office 365 these forwarded emails are either blocked or directed as spam as per the SPF record."

    AS your in hybrid SPF in not checked between onprem and O365 if properly configured.


    MCSA exchange 2016 | MCTS exchange 2013 | MCTS-MCITP exchange 2010 | MCTS-MCITP Exchange: 2007 | MCSA Messaging: 2003 | MCP windows 2000

    • Marked as answer by Josh Bines Thursday, October 18, 2018 12:41 PM
    Thursday, August 30, 2018 12:33 PM

All replies

  • Hi Josh, 

    No sorry SRS is a O365 feature only at the moment and is not available in any version of exchange onpremises. 

    Can you elaborate on this:"When users are moved to Office 365 these forwarded emails are either blocked or directed as spam as per the SPF record."

    AS your in hybrid SPF in not checked between onprem and O365 if properly configured.


    MCSA exchange 2016 | MCTS exchange 2013 | MCTS-MCITP exchange 2010 | MCTS-MCITP Exchange: 2007 | MCSA Messaging: 2003 | MCP windows 2000

    • Marked as answer by Josh Bines Thursday, October 18, 2018 12:41 PM
    Thursday, August 30, 2018 12:33 PM
  • I'll have to check the connectors as I didn't setup the hybrid but we are seeing the below in the headers. 

    Received-SPF: SoftFail (protection.outlook.com: domain of transitioning domain.com
     discourages use of 8.8.8.8 as permitted sender)

    (Update) Ah... They are routing mail back out to 365 via the same inbound MTA's 

    https://docs.microsoft.com/en-us/exchange/mail-flow-best-practices/manage-mail-flow-on-office-365-and-on-prem#using-a-third-party-cloud-service-with-mailboxes-on-office-365-and-on-my-organizations-mail-servers 

    • Edited by Josh Bines Thursday, August 30, 2018 2:13 PM More informat
    Thursday, August 30, 2018 2:02 PM
  • Ehh, 

    8.8.8.8 is not Microsoft nor your onprem,  8.8.8.8 is owned by google. ??

    How does your mail endup there. we need full header if you want more details.


    MCSA exchange 2016 | MCTS exchange 2013 | MCTS-MCITP exchange 2010 | MCTS-MCITP Exchange: 2007 | MCSA Messaging: 2003 | MCP windows 2000

    Thursday, August 30, 2018 8:38 PM
  • i added the 8.8.8.8 to remove the public posting of the IP address :) 

    so... this has cropped up again or never went away... 

    https://mxtoolbox.com/Public/Tools/EmailHeaders.aspx?huid=19133474-64ca-4604-afaa-e59aa0ab67a3  

    If my testing is correct. I appears that the SCL and X-MS-Exchange-Organization-AuthAs: Internal is only applied for authenticated objects. For email sent from the internet to On prem Contact Objects are relayed as SCL 1 and Anonymous. 

    • Edited by Josh Bines Tuesday, October 16, 2018 9:46 AM updated
    Tuesday, October 16, 2018 8:59 AM