Domain impersonation in hybrid
Hi all,
I’ve strange behavior in my Exchange hybrid deployment.
I have 2 internal Exchange 2016 mailbox servers and 2 Edge 2016 servers. All mailboxes are still hosted on-premises. Hybrid configuration is in place. The MX record (company.com) points to Exchange Online, emails are then routed to Edge servers and then to internal mailboxes. Outbound email is routed to the Edge servers and then to Exchange Online and to the external recipient.
I’ve configured the Anti Phishing policy to protect all my domains for domain impersonation. Now, every mail that is sent to external recipients is detected as an impersonation attempt of my domain “company.com”. Both Edge server public IP addresses are part of my SPF record. All certificates and connectors seem fine. When I send an email from on-premises to an internal mailbox that is hosted in Exchange Online, the SPF check is passed and the mail is considered to be internal.
I know I can disable impersonation protection for this domain, but that is not resolving the root cause. So what could cause the detection for every single mail to external recipients?