Exchange Hybrid SMTP relay not working after change of public IP

James Edmonds 811 Reputation points
2022-08-16T12:38:24.877+00:00

Hi,

We have a Hybrid Exchange Server on prem, solely used to relay SMTP messages from on premise devices and applications to Office365.
This works perfectly well, however I just attempted to change our WAN link over to a new public IP/subnet, and it broke the relay.

I re-ran the HCW which did not help, and I also added the new IP/range to our SPF record (which I don't think is explicitly required for internal relaying anyway).
The message makes it to the Exchange server, but never to 365 from what I can see.

I don't see why a change of public IP would cause the relay to break?
Can anyone offer be any guidance?

Many thanks
James

Exchange Server Management
Exchange Server Management
Exchange Server: A family of Microsoft client/server messaging and collaboration software.Management: The act or process of organizing, handling, directing or controlling something.
7,390 questions
Microsoft Exchange Hybrid Management
Microsoft Exchange Hybrid Management
Microsoft Exchange: Microsoft messaging and collaboration software.Hybrid Management: Organizing, handling, directing or controlling hybrid deployments.
1,914 questions
{count} votes

2 answers

Sort by: Most helpful
  1. Philippe Levesque 5,701 Reputation points MVP
    2022-08-16T12:48:47.093+00:00

    Hi, in your send connector in o365 make sure your new IP is there. The O365 should be set to only relay when the email come from your IP, to not be open to relay to the entire internet.

    231534-image.png


  2. James Edmonds 811 Reputation points
    2022-08-30T10:55:10.823+00:00

    We had a dig through the on prem message tracking logs, and found this error:
    {[{LED=550 5.7.606 Access denied, banned sending IP [x.x.x.x]. To request removal from this list please visit https://sender.office.com/ and follow the directions. For more
    information please go to http://go.microsoft.com/fwlink/?LinkID=526655
    AS(1430)};{MSG=};{FQDN=aspallcouk-mail-onmicrosoft-com.mail.protection.outlook.com};{IP=104.47.20.36};{LRT=16/08/2022 10:11:11}]}

    Looks like this IP for some reason was blacklisted (must have been by previous owner of IP, as it is a new, unused IP for us).
    We have requested Microsoft remove the blacklist, which they have done, and now all working as expected.

    0 comments No comments