Wednesday, 17 June 2015

Office365 Connectors - Chapter 1

Office365 Connector interface changed with new UI, It used be Inbound & Outbound Connector, Name defines Inbound is for routing the Inbound Email from Internet or Partner or On-premise & Outbound for outbound respectively.

New Interface Look as below:

Office365 Connectors

In this chapter, I am explaining more details about this new interface & routing

Outbound Connector:

Selecting from Option as "Office365" will create an Outbound connector for your organization.

Your Organization's Email Server:

This option needs to be Selected, If you have an On-premise server for your environment, Once selected you need to specify the Inbound IP address/FQDN (Fully Qualified Domain Name) (or) of
your On-premise server. In this scenario your MX record should be pointing to Office365 servers.

Once you name the connector, You will have 3 options to configure the routing.
  • Only if you created a rule that redirects email messages to this connector. (This is called Criteria Based Routing, You need to create a Transport rule to define what kind of mail should  be routed through this connector )
  • For email messages sent to all accepted domains in your organization - In this scenario, an accepted domain is any domain that you've added to your Office 365 organization 
  • Only when email messages are sent to these domains (You may specify which domains needs to be applied)

After this selection, You need to specify the FQDN or IP address of the On-Premise domain, Ensure that your On-Premise server is able to accept connections from all ranges of Office365 IP addresses.

Next comes, the critical part "How Should Office365 Connect to your Email Server" You need to select whether Force TLS Required (or) Opportunistic TLS(Negotiable) 

This requires Digital Certificate or A certificate issues by CA(Certificate Authority). We may see this section in different chapter.

Next comes the new option introduced in this new interface which is Validate Connector:

This runs SMTP connectivity test to Smart host & sends test mail, If you prefer to save this connector for testing Purpose example in your lab environment, You have an option to create this using Powershell, for those information refer to below links.

Partner's Organization

Select this option, If you want this emails to be routed to your Partner organization, A partner can be an organization you do business with, It can also be a cloud email service provider that provides services such as archiving, anti-spam, and so on, So for any 3rd party service provide such Symantec, McAfee, MessageLabs etc, this option needs to be used. You can create as much as Partner connectors you want based on requirement, In such case where Force TLS needs to be enabled for additional security these connectors can be used, Always use Transport Layer Security ‎(TLS)‎ and connect only if the recipient’s email server certificate is issued by a trusted certificate authority ‎(CA)‎.

Recently I have addressed a customer query related to Outbound Connectors where they wanted to route emails to 3rd Party server for all the mailboxes even if the mailbox enabled within Office365, Please note default if the Mailbox enabled with Office365 it doesn't look outside even your domain set to "Internal Relay" unless you configure Outbound connector as stated in below links,detailed requirement explained in below links are, Simple domain sharing using CBR Routing,

  1. MX Points to Office365
  2. Accepted Domains Mails should be delivered to Secondary/3rd Party/Partner server, also to Office365
  3. Other server forwarding needs to be done, Before implementing this solution
  4. Doing this will route all Accepted Domain mails through 3rd Party server even the mailbox is enabled with Office365. 

Last Option we have for Outbound connector is " Internet" this doesn't need Connector, default Office365 resolves to host address sent to internet.

Now that, we are completed with Office365 Outbound Connectors, Next chapter I will cover Inbound Connector & Some tricks using Powershell, Feel free to post comment for any questions.

No comments:

Post a Comment

Blog Archive