This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(67.2, 15%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESB%3C/text%3E%3C/svg%3E)
I am using Office 365 (SMTP relay) .
| Device or application setting | Value |
|---|---|
| Server/smart host | Your MX endpoint, for example, yourdomain- com.mail.protection.outlook.com |
| Server/smart host | Your MX endpoint, for example, yourdomain- com.mail.protection.outlook.com |
| Port | Port 25 |
| TLS/StartTLS | Enabled |
| Email address | Any email address in one of your Microsoft 365- or Office 365-verified domains. This email address doesn't need a mailbox. |
Connector is created as per the details provided in below article.
We have below setting opted in the connector.
My question is with this setting of certificate emails are sending via on premises and through this connector to office 365 users and external users, still we need to add the sending IP in the SPF of our domain or not. Like SPF is already created for the domain.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(44.800000000000004, 43%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBJ%3C/text%3E%3C/svg%3E)
Hi, @ Sanjay Bhakuni - admin
Just checking in to see if the below answer helped. If this answers your query, please don’t forget to click "Accept Answer" which might be beneficial to other community members reading this thread. And, if you have any further query do let us know.
Hello, @Sanjay Bhakuni - admin
It's been a long time since I've heard from you, have you solved your problem yet? Did my previous reply help you? If it was useful, you can mark it as an answer. Thank you for your understanding and support.
Hi, @ Sanjay Bhakuni - admin
Just checking in to see if the below answer helped. If this answers your query, please don’t forget to click "Accept Answer" which might be beneficial to other community members reading this thread. And, if you have any further query do let us know.
Yes, make sure the sending IPs of the source on-prem servers in the connectors to 365 are resolvable and in your SPF record so that Exchange Online can authenticate those using SPF as well.
Here are my additions:
We recommend adding a Sender Policy Framework (SPF) record to avoid having messages flagged as spam. If you're sending from a static IP address, add it to your SPF record in your domain registrar's DNS settings as follows: