Manage all mailboxes and mail flow using Microsoft 365 or Office 365

  • Article

Summary: How to use hosted mail flow with Microsoft 365 or Office 365.

For most organizations, we recommend using hosted mail flow because it's the simplest configuration, in which Microsoft 365 or Office 365 manages all mailboxes and filtering. This simple configuration makes it easy to set up and manage mail flow.

Hosted mail flow scenarios

  • I'm a new Microsoft 365 or Office 365 customer, and all my users' mailboxes are in Microsoft 365 or Office 365. I want to use all filtering solutions that Office 365 offers.

  • I'm a new Microsoft 365 or Office 365 customer. I have an existing email service, but I plan to immediately move all existing mailboxes to the cloud. I want to use all filtering solutions that Microsoft 365 and Office 365 offer.

For this scenario, your organization's mail flow setup looks like the following diagram:

Mail flow diagram showing mail going from the internet to Microsoft 365 or Office 365, and from Microsoft 365 or Office 365 to the internet.

Best practices for hosted mail flow scenarios

To set up hosted mail flow, we recommend using the Microsoft 365 setup wizard. To get to the Microsoft 365 setup wizard, go to Setup in the Microsoft 365 admin center.

interface of Microsoft 365 Admin center.

The Microsoft 365 setup wizard walks you through the following steps.

  1. Add your custom domains in Microsoft 365 or Office 365. To prove that you own the domains, follow the instructions in Add a domain to Microsoft 365.

  2. Create user mailboxes in Exchange Online or move all users' mailboxes to Microsoft 365 or Office 365.

  3. Update the DNS records for the domains that you added in step 1. (Not sure how to do this task? Follow the instructions on this page.)

    The following DNS records control mail flow:

    • MX record - Point your MX record to Microsoft 365 or Office 365 in the following format: <domainKey>.mail.protection.outlook.com.

    For example, the domain contoso.com should have the MX record contoso-com.mail.protection.outlook.com.

    • SPF record - This record is a special TXT record in DNS that identifies a service as a valid sender for a particular domain. Because Microsoft 365 and Office 365 are sending all your messages, list only Microsoft 365 or Office 365 as a valid sender for your domain. To do that, add an SPF record for your domain in the following format:
    v=spf1 include:spf.protection.outlook.com -all

For a full list of setup instructions, check out Set up Microsoft 365 for business or Deploy Office 365 Enterprise for your organization.

See also

Mail flow best practices for Exchange Online, Microsoft 365, and Office 365 (overview)

Manage mail flow using a third-party cloud service

Manage mail flow with mailboxes in multiple locations

Manage mail flow using a third-party cloud service with mailboxes on Microsoft 365 or Office 365 and on-prem

Troubleshoot mail flow

Test mail flow by validating your connectors