Exchange Hybrid - LoopDetected Using wrong SMTP Connector

    Question

  • We have an Exchange 2010 Hybrid with Office 365. We have multiple domains. I used the Hybrid Deployment Wizard to set this all up and everything was operational until I attempted to add a new domain. I created the domain completely on the O365 side (New Domain, configured all of the DNS to O365, etc). On-Premise, I added the accepted Domains, the UPN for ADUC, etc. For users that have their mailbox already on EO, mail is able to get to the new domain. Any External emails are received. However, any emails sent from an on-premise Mailbox fail to be delivered. Checking the message tracking details, the messages seem to get into an infinite loop (LoopDetected). In reviewing the details, the message is using the wrong SMTP Connector when sending to that domain. If I send from on-premise to EO, the connector used is Outbound to Office 365, the connector created by the wizard. When used with this domain, it uses the original SMTP (called New SMTP Server) that is used for all other mail traffic.

    [PS] C:\Windows\system32>get-sendconnector

    Identity                                AddressSpaces                           Enabled
    --------                                -------------                           -------
    New SMTP Server                         {SMTP:*;3}                              True
    Outbound to Office 365                  {smtp:[ourdomainname].mail.onmicroso... ;1} True

    The new domain has been added to the Accepted Domain list on both On-Premise and on EO. On-premise, I had the domain type as Authoritative, but I changed it to InternalRelay and that has not solved the issue.

    Any help?

    New users were created both in the cloud and on-Premise (tried both ways). It seems it is recommended that new user accounts should be created locally with their mailbox then migrated, so that the GUID is added for Exchange. I created two separate distribution groups (both under EOP) and the same scenario occurs.

    There is no doubt by the logs, the message never goes outbound. We have an IronPort device that all messages go out through via the New SMTP Server connector. In the log, I can see the message going out to that smarthost and then back in then out and back in (the loop). Not sure why that traffic is not going out through the Outbound to Office 365 Connector like all other domains. Even went back and ran the Hybrid Wizard again with no success. I have a trouble ticket in with MS and they have not been able to determine the issue as of yet.

    Please help. :)

    Friday, September 9, 2016 3:29 PM

Answers

  • You didn't publish all the details of your address spaces, but what you have shows that mail for the new domain will go out the "New SMTP Server" route, which I presume sends it back to Exchange, hence the loop.

    In hybrid, mail for the new domain comes into your on-premises server which matches the recipient to an object in Active Directory, which has a RemoteRoutingAddress of something@[ourdomainname].mail.onmicrosoft.com, resulting in the message being forwarded to Exchange Online.  All your new domain recipients should be likewise configured.


    Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."
    Celebrating 20 years of providing Exchange peer support!

    Friday, September 9, 2016 6:54 PM
    Moderator

All replies

  • I found the issue and I believe what you were pointing at was the problem. When I migrated the mailbox, the target domain was set to the actual domain and not to the tenant.mail.onmicrosoft.com. I am not even sure why MS gives this as an option. Originally, the field was blank as I questioned what the target domain should be. I think after everything finally synced up, the field automatically populated to the tenant address. When I went to migrate another mailbox in testing is when I realized that the field was populated.

    Definitely, think MS has botched this whole mess. I should be able to migrate from On-Premise (which does not work). I should also be able to create mailboxes and Distribution groups from O365 which will also cause issues. Hopefully they will address these issues in time. For now, the problem has been resolved. For folks that come across this problem: make sure your target domain is the tenant domain [tenant].mail.onmicrosoft.com

    Thanks.

    Friday, September 9, 2016 9:14 PM
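The check implied by the answer and the resolution above, as an added example that is not part of the original thread: for each remote mailbox, take the domain of its RemoteRoutingAddress and see which send connector's address space it matches. The function name `Resolve-SendConnector` is hypothetical, and the selection logic is a simplified model (most specific address space first, then lowest cost) that assumes the `type:domain;cost` string form shown in the `get-sendconnector` output.

```powershell
# Added example: run in the on-premises Exchange Management Shell.
# Simplified model of send-connector selection: the most specific address
# space wins, ties go to the lower cost. Real routing weighs more factors.

# Flatten the SMTP address spaces of every enabled connector, parsed from
# their string form as printed by Get-SendConnector (for example "SMTP:*;3").
$spaces = foreach ($c in Get-SendConnector | Where-Object { $_.Enabled }) {
    foreach ($s in $c.AddressSpaces) {
        if ("$s" -match '^(?<type>[^:]+):(?<dom>[^;]+);(?<cost>\d+)$' -and
            $Matches.type -eq 'smtp') {
            New-Object PSObject -Property @{
                Connector = $c.Name
                Domain    = $Matches.dom.Trim().ToLower()
                Cost      = [int]$Matches.cost
            }
        }
    }
}

# Hypothetical helper: return the address space a recipient domain would match.
function Resolve-SendConnector([string]$Domain) {
    $d = $Domain.ToLower()
    $spaces | Where-Object {
        $base = $_.Domain -replace '^\*\.?', ''   # "*.x.com" -> "x.com", "*" -> ""
        $_.Domain -eq '*' -or $d -eq $base -or
            ($_.Domain.StartsWith('*.') -and $d.EndsWith(".$base"))
    } | Sort-Object @{ Expression = { ($_.Domain -replace '^\*\.?', '').Length }
                       Descending = $true }, Cost |
        Select-Object -First 1
}

# Report remote mailboxes whose routing address only matches the catch-all
# space ("*"), i.e. mail for them leaves through the general smarthost
# connector instead of the hybrid connector.
Get-RemoteMailbox -ResultSize Unlimited | ForEach-Object {
    $target = ("$($_.RemoteRoutingAddress)" -replace '^smtp:', '').Split('@')[-1]
    $hit = Resolve-SendConnector $target
    New-Object PSObject -Property @{
        Mailbox      = "$($_.PrimarySmtpAddress)"
        TargetDomain = $target
        Connector    = $hit.Connector
        MatchedSpace = $hit.Domain
    }
} | Where-Object { $_.MatchedSpace -eq '*' } |
    Select-Object Mailbox, TargetDomain, Connector | Format-Table -AutoSize
```

Any row returned is a recipient whose target domain is not the tenant routing domain; `Set-RemoteMailbox -RemoteRoutingAddress` is the cmdlet that changes that value.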
  • Please don't blame your lack of understanding on Microsoft.  Exchange is built as an on-premises server and the scenario you're describing isn't an Exchange thing, it's an online hybrid thing.  You can configure domains to be used in many different ways of which hybrid is only one.

    Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."
    Celebrating 20 years of providing Exchange peer support!

    Friday, September 9, 2016 9:52 PM
    Moderator