Figured out what it was.It was the Exchange 2010 receive connector that was set to "externally secured" due to the perimeter appliance that accepts email from the internet. Apparently, if the receive connector is set to this, exchange will accept all emails as 'authenticated', no matter who the sender is. This setting will essentially 'trump' the local settings on each individual distro group. The new Exchange 2016 connector did not have the "externally secured" setting, so essentially, the settings for internal/external on each distro group was now in play. The only reason I found this out because I was able to figure out when was the last time a particular distro group, who had always received external email, had received its last one...and it happened to be right before I tore down the old 2010 receive connector and redirected traffic to the 2016 connector.
Distribution Groups that received external emails now set to internal only
Nobody has made any changes. But it seems that after recently installing Exchange 2016 into an old Exchange 2010 environment, there are now many distribution groups that apparently WERE "receiving mails from the outside" that are now set to "internal only". Again, as far as I can tell, NO ONE has made any change to these distribution groups. The only changes that have been made as far as I can tell were
A) The successful install of Exchange 2016 into the environment
B) The migration of user MAILBOXES to Exchange 2016
I'm noticing that the attribute is maybe slightly different in Exchange 2010 from 2016? In Exchange 2010, the attribute is 'Require Authentication' where in Exchange 2010 it is called "Internal Only".
Can anyone help me out with the root cause of what probably happened? I don't want to be reacting to further tickets from people telling me they are missing emails from the outside, and I am also hesitant to set all distribution groups to "external only".
Thank you.