Some messages aren't routed through the on-premises organization when you use centralized mail transport
Original KB number: 3194415
Consider the following scenario:
- You have a hybrid deployment of on-premises Microsoft Exchange Server and Exchange Online.
- You configured the outbound send connector in Exchange Online to use a remote domain of "*", and you enabled centralized mail transport on that connector.
- A user or application in the on-premises organization sends an email message to a mailbox that's hosted in Exchange Online, for example, email@example.com. And the Exchange Online recipient, firstname.lastname@example.org, has a forwarding SMTP address that's set to an external recipient (email@example.com).
In this scenario, the message tracking logs show the message that was forwarded to firstname.lastname@example.org isn't routed back through the on-premises organization, as expected. Instead, the message is sent directly through Exchange Online Protection.
This behavior is by design. To forward the message, an exact copy of the original message is created and sent to the external recipient. Mail routing logic sees that this new message originated in the on-premises environment and therefore doesn't send the message back to the on-premises environment. Instead, it's routed directly to the external recipient domain through Exchange Online Protection.
This behavior also applies to other similar scenarios. For example, email is sent from on-premises to a distribution group hosted in Exchange Online, and there is an external recipient in the distribution group. In this scenario, email sent to that external recipient will be routed directly instead of following centralized mail routing, because the message originates from the on-premises environment.