Messages dropped from on-prem Exchange to Office 365 when on-prem IP is blacklisted

Eirik Hamer 81 Reputation points
2021-02-04T09:55:53.787+00:00

I have a hybrid Exchange setup where the on-prem Exchange is on a connection with dynamic IP. The ISP did an upgrade and I got a new IP address which was blacklisted. The result was that the on-prem server receives the email, which results in the sender being satisfied the mail is sent and received. However, when the local server tries to forward the email to Office365 the email is dropped and I can see the status FAIL in the message tracking log. The end result is that the email will never arrive in the recipients mailbox and the sender will not resend.

Is there a way to avoid this behavior? Is there some way to tell Office 365 to accept incoming emails from my on-prem server, even if the IP is blacklisted?
Or, as an alternative, is there a way to let these messages stay in the queue on the on-prem server until the IP issue is fixed and Office 365 will accept them? Right now they are dropped at once, never to be seen again.

PS! I know all the reasons why I shouldn't use dynamic IP and hybrid, but that is not part of the question.

Exchange Server Management
Exchange Server Management
Exchange Server: A family of Microsoft client/server messaging and collaboration software.Management: The act or process of organizing, handling, directing or controlling something.
7,392 questions
Microsoft Exchange Hybrid Management
Microsoft Exchange Hybrid Management
Microsoft Exchange: Microsoft messaging and collaboration software.Hybrid Management: Organizing, handling, directing or controlling hybrid deployments.
1,916 questions
{count} votes

2 answers

Sort by: Most helpful
  1. Falcon IT Services 226 Reputation points
    2021-02-17T14:14:46.617+00:00

    "PS! I know all the reasons why I shouldn't use dynamic IP and hybrid, but that is not part of the question."

    Sometimes the answers are not technical... If you know you are doing something the wrong way, and it's causing you grief, isn't it easier to just do it the right way?

    Aside from many RBL's blocking dynamic public address pools, you need reverse PTRs and other features not available with dynamic IP's for headache free SMTP transmission.

    -Miguel Fra
    https://www.falconitservices.com

    1 person found this answer helpful.

  2. Andy David - MVP 142.7K Reputation points MVP
    2021-02-04T16:36:55.58+00:00

    Ok, well, if you are using a dynamic IP, then you are stuck :)
    I know its not part of what you are asking, but ---really it is. Using a Dynamic IP simply is not something that should be used for this architecture.