Learn how to enable email flow from Office 365 to on-premises subdomains

If we have a hybrid environment, with mailboxes hosted both in Exchange Online and on-premises Exchange, and we have subdomains of the accepted domains that only exist in our on-premises environment, we can enable email flow to and from these on-premises subdomains. For example, if we have an accepted domain called Contoso.com, and we enable match subdomains, users can send email to, or receive email from all subdomains of Contoso.com that exist in our on-premises environment, such as marketing.contoso.com and nwregion.contoso.com.
To enable email flow from Office 365 to on-premises subdomains, we will need to follow these general steps:

We have to verify the on-premises subdomains in Office 365: Before we can start configuring email flow from Office 365 to our on-premises subdomains, we need to verify the domains in Office 365. This involves adding the domain to Office 365 and proving ownership of the domain by adding a TXT or MX record to the domain’s DNS settings.

Configure mail routing: Once the domain is verified, we need to configure mail routing to specify how email messages are delivered between Office 365 and our on-premises servers. There are several ways to configure mail routing, including:

• Configuring a hybrid deployment: If we have a hybrid deployment with Exchange Server on-premises, we can use the Hybrid Configuration Wizard to configure mail routing between Office 365 and our on-premises Exchange organization.

• Configuring SMTP relay: We can configure SMTP relay to route email messages from Office 365 to our on-premises subdomains. This involves setting up an SMTP connector in Office 365 and configuring our on-premises email servers to accept SMTP traffic from Office 365.

• Configuring a mail flow rule: We can use a mail flow rule in Office 365 to route email messages to our on-premises subdomains. This involves creating a rule that identifies messages sent to the on-premises subdomains and specifying the action to route them to the on-premises email servers.

Test the mail flow: Once we have configured mail routing, we should test the mail flow to ensure that email messages are flowing correctly between Office 365 and our on-premises subdomains.

Note that the exact steps for configuring email flow from Office 365 to on-premises subdomains will depend on our specific setup and requirements.

Consider additional configuration options: Depending on our specific needs, there may be additional configuration options we need to consider. For example, we may need to configure mail flow rules to ensure that email messages are delivered correctly to specific users or groups in our on-premises organization. We may also need to configure security and compliance features, such as transport rules or message encryption, to ensure that our email messages are secure.

Monitor and maintain the email flow: After configuring email flow from Office 365 to our on-premises subdomains, it’s important to monitor the email flow and maintain the configuration. This involves regularly reviewing email logs and monitoring the performance of our email servers to ensure that messages are being delivered correctly and on time. We should also regularly review our configuration to ensure that it remains up to date and secure.

Consider migrating to Office 365 completely: If we have a complex or outdated on-premises email infrastructure, it may be worth considering migrating to Office 365 completely. This can help simplify our email infrastructure and provide additional features and benefits, such as improved security, compliance, and collaboration. Microsoft offers tools and services to help migrate our email infrastructure to Office 365.

Ensure proper DNS configuration: In addition to configuring email routing, we also need to ensure that our DNS records are configured correctly. This includes setting up MX records for our on-premises email servers and configuring any necessary SPF, DKIM, or DMARC records to ensure that email messages are authenticated and not flagged as spam or phishing attempts.

Configure outbound email flow: If we want to send outbound email messages from our on-premises subdomains through Office 365, we need to configure outbound email flow. This involves configuring SMTP relay or configuring our on-premises email servers to route outbound email messages through Office 365. We should also configure any necessary security and compliance features, such as transport rules or message encryption, to ensure that our outbound email messages are secure.

Consider network connectivity requirements: To ensure that email flow between Office 365 and our on-premises subdomains is reliable and efficient, we need to consider network connectivity requirements. This may include configuring network firewalls or ensuring that our internet service provider is providing sufficient bandwidth for our email traffic.

Plan for failover and disaster recovery: Finally, it’s important to plan for failover and disaster recovery in case of an outage or other issue with our email infrastructure. This may involve setting up redundant email servers, configuring backup MX records, or implementing other measures to ensure that our email flow is not interrupted in the event of an outage or disaster.

How to use the Exchange admin center (EAC) to set up match subdomains on a domain

We will add a subdomain to our M365 tenant: go to the Exchange admin center (EAC), Settings, Domains, and add a domain.

Configure the DNS records.

Continue with your registrar until the process is completed.

Next, go to the Exchange admin center (EAC), Mail flow, Accepted domains.

Select an accepted domain to appear on the domain’s details screen and verify that Internal Relay is selected. If Authoritative is selected, change it to Internal Relay.

Click Accept mail for all subdomains and save.

Use the EAC to add the domain to the connector used for transmitting messages from Office 365 to your organization’s email server.

We have to add the domain to the connector, so go to Mail flow, Connectors.

Select a connector that is used for transmitting messages from Office 365 to your organization’s email server and edit it.

In the Use of connector screen that appears, select Only when email messages are sent to these domains.

Click Next, validate the connector using an active mailbox on your organization’s server, and save the settings.
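
The accepted-domain and connector steps above can also be scripted in Exchange Online PowerShell. The script below is an added example, not part of the original article; the connector name and test mailbox are hypothetical placeholders, and it assumes the ExchangeOnlineManagement module and an account allowed to manage accepted domains and connectors.

```powershell
# Added example: replace the placeholder values before running.
$Domain        = 'contoso.com'                     # accepted domain from the article's example
$ConnectorName = 'Outbound to on-premises'         # hypothetical connector name
$TestRecipient = 'testuser@marketing.contoso.com'  # hypothetical active on-premises mailbox

Connect-ExchangeOnline

# 1. Accepted domain: switch Authoritative to Internal Relay, then match subdomains.
$accepted = Get-AcceptedDomain -Identity $Domain
if ($accepted.DomainType -ne 'InternalRelay') {
    Set-AcceptedDomain -Identity $Domain -DomainType InternalRelay
}
if (-not $accepted.MatchSubDomains) {
    Set-AcceptedDomain -Identity $Domain -MatchSubDomains $true
}

# 2. Connector: scope it to the subdomains without dropping domains already listed.
$connector = Get-OutboundConnector -Identity $ConnectorName
$wildcard  = "*.$Domain"
$current   = @($connector.RecipientDomains | ForEach-Object { "$_" })
if ($current -notcontains $wildcard) {
    Set-OutboundConnector -Identity $ConnectorName -RecipientDomains ($current + $wildcard)
}

# 3. Validate the connector against a mailbox that lives on the on-premises server.
Validate-OutboundConnector -Identity $ConnectorName -Recipients $TestRecipient

# 4. Review the resulting state, including where mail is sent and the TLS setting.
Get-AcceptedDomain -Identity $Domain |
    Format-List Name, DomainType, MatchSubDomains
Get-OutboundConnector -Identity $ConnectorName |
    Format-List Name, Enabled, RecipientDomains, SmartHosts, TlsSettings
```

Reviewing the last two outputs after each change confirms that subdomain mail is relayed only through the intended connector and to the intended on-premises hosts.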

In summary, enabling email flow from Office 365 to on-premises subdomains involves several steps, including verifying domains, configuring mail routing, testing the mail flow, ensuring proper DNS configuration, configuring outbound email flow, considering network connectivity requirements, and planning for failover and disaster recovery.

More info:

https://learn.microsoft.com/en-us/exchange/mail-flow-best-practices/manage-accepted-domains/enable-mail-flow-for-subdomains
