Share via

Let external company Send emails as yourcompany.com

A Ska 241 Reputation points
2023-11-29T08:56:21.81+00:00

Good morning

In a hybrid Exchange 2016 infrastructure, I need to allow an external company to send emails with my company's sender domain pluto.com.

For example: the Goofy services company sends an email to colleagues at yourcompany.com as ******@yourcompany.com.

I want to avoid modifying the spf record of yourcompany.com and I don't want to give user and password to the foo company nor allow access to the mailbox from outside.

I would like to leverage a licensed mailbox on 365 without giving user and pwd to the service company.

How can this be done? Can I use something similar to App Registrations?

Thank you very much

Exchange Online
Exchange Online
A Microsoft email and calendaring hosted service.
6,181 questions
Exchange | Exchange Server | Management
Exchange | Hybrid management

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Andy David - MVP 157.8K Reputation points MVP Volunteer Moderator
    2023-11-29T12:06:46.8833333+00:00

    Even with a registered app, you would need to provide some sort of authentication method and provide some level of access to the tenant. The preferred method is to add their sending IPs to the SPF record, why dont you want to do that?

    However. If the external sender is ONLY sending to the yourcompany.com and spoofing and not sending to other external recipients as yourcompany.com, then you could simply create an Exchange transport rule to allow these or add as an allowed spoofing pair if you are using Defender for 365:

    https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/tenant-allow-block-list-email-spoof-configure?view=o365-worldwide#spoofed-senders-in-the-tenant-allowblock-list

    1 person found this answer helpful.
    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.