This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(137.6, 17%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPK%3C/text%3E%3C/svg%3E)
hi,
i have setup a hybrid to migrate to office 365 with centralized mail flow. But we are unable to recevie an email from office 365 mailbox to on-prem server for internal and external emails. we have opened our firewall for 25 port from anywhere over the internet and we are not seeing any traffic coming in on FW.
i am little confused with the current environment.
From where exactly we have to open 25 - abc.com or owa.abc.com.
if we give FQDN in HCW as Abc.com then there is a email comng to on-prem exchange from office 365 for internal mailboxes, but if the email is sent to external like gmail.com or outlook.com it is failing with the error.
Error : 550 5.7.367 Remote server returned not permitted to relay -> 550 Relaying denied.
Thanks
Pavan.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(252.8, 22%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ELL%3C/text%3E%3C/svg%3E)
Hi @pavan kumar ,
Could you send email from on-premises Exchange server to external recipient normally?
1.I noticed that the on-premses Exchange server could not receive the mail sent by O365 internally or externally initially, and then you set abc.com as the FQDN in HCW. So how do you set up HCW to run in your current environment? Please make sure that the FQDN set in your HCW is your on-premises Exchange server.
2.About external url. According to my knowledge, external url of autodiscover only could set up in Exchange 2010, and normally it is empty by default and does not need to be set. Other External urls are usually set to https://fqdn/<service>.
3.Please log in to Microsoft 365 admin center -> Settings -> Domains. Check if you have successfully added your on-premises Domain to Office 365.
4.In addition to Port 25, please make sure that you opened the URL, IP and Port required by Office 365.
Please refer to: Office 365 URLs and IP address ranges
In addition, if possible, please share the complete NDR message with us. Pay attention to covering your personal information.
If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
Hi @Lucas Liu-MSFT ,
iYes, i can send external emails from on-prem exchange servers to external (gmail.com or outlook.com).
Question : does the o365 will look for DNS when it send an email to on-prem exchange servers in Hybrid Mail Flow.?
Thanks
Pavan.
Hi @pavan kumar ,
Confirm here, the only issue in your current environment are errors when O365 mailboxes are sent to external recipients.
Regarding your question. No need to query DNS records. In the hybrid environment, the mail between on-premises Exchange and Exchange online is equivalent to internal sending, which is sent through the connector created by HCW. In addition, since you failed to send mail, this has nothing to do with your organization's MX records.
Please check whether the configuration of the connector automatically created by HCW in Exchange online is correct.
Please try to send a test email and check the message trace in Exchange online admin center, check if there are more related error messages. In addition, besides the error information provided above, is there any more information in the NDR you received?
----------
If the response is helpful, please click "Accept Answer" and upvote it.
hi Lucas,
This is what i get it when i send email from o365 to on-prem.
Sending from o365 to on-prem mailbox.
Diagnostic information for administrators:
Generating server: DM6HRG7318.namprd2.prod.outlook.com
Receiving server: DM6HRG7318.namprd2.prod.outlook.com
Total retry attempts: 7
usermilbox@keyman .com
5/12/2021 8:45:49 PM - Server at DM6HRG7318.namprd2.prod.outlook.com returned '550 5.4.316 Message expired, connection refused(Socket error code 10061)'
5/12/2021 8:40:06 PM - Server at 11.167.19.267 (11.167.19.267) returned '450 4.4.316 Connection refused [Message=Socket error code 10061] [LastAttemptedServerName=DOMAIN.COM] [LastAttemptedIP=11.167.19.267:25] DM3HCCYFT004.eop-LKT02.prod.protection.outlook.com'
Sending from o365 to external.
Reported error: 550 5.7.367 Remote server returned not permitted to relay -> 550 Relaying denied.
DSN generated by: BLAQR09MB6642.namprd2.prod.outlook.com
Remote server: Requested
Hi @pavan kumar ,
1.According to the error message, 10061 is a Connection Refused error sent to you by the server.In a hybrid deployment, the most common cause of this error is that the port and URL are rejected. Please confirm again that your firewall has allowed all the IPs and URLs required by O365 in the links provided above. And check the firewall log to see if any related communications are blocked.
2.Please check if your third-party certificate is valid. And assigned IIS and SMTP services.
3.Please check if the connectors created by HCW is correct. You could also delete these connectors automatically created by HCW, then run the HCW again.
For more information you could refer to: Mail Not Flowing From Office 365 To On-Premises Exchange Server
Please Note: Since the web site is not hosted by Microsoft, the link may change without notice. Microsoft does not guarantee the accuracy of this information.
----------
If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
Hi @pavan kumar ,
I am writing here to confirm with you how thing going now?
----------
If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.