Dear Community,
We have an on-prem exchange 2013 server and an office 365 account which is completly standalone.
Whilst the office 365 account is standalone, it does feature the email address we use for on-prem (Ie. the domain name in office 365 account is not active for any office 365 services however has passed ownership verification thus it's just sitting there)
We DON'T use EOP nor do we have any connector rules on our on-prem system that go to office 365 however when I randomly went into the 'Message Flow Trace' section in our office 365 account, there is recorded outbound mail which was sent from our On-prem server.
The ONLY mail that was recorded in the message Trace in Office 365 was emails we had sent from On-prem to other office 365 accounts (For example btconnect.com, and some of our clients whom also use office 365) .
How is office 365 picking up mail we've sent from our On-Prem server? Is there integration out of the box in exchange 2013 which auto interfaces with office 365? What on earth has happened here?
I'm really confused.
-------- For troubleshooting purposes...
Headers in the email which arrived in my personal office 365 account from the ON-PREM SERVER
Received: from AMSPR05MB065.eurprd05.prod.outlook.com (10.242.89.142) by
DBXPR05MB079.eurprd05.prod.outlook.com (10.242.138.22) with Microsoft SMTP
Server (TLS) id 15.1.93.16 via Mailbox Transport; Thu, 5 Mar 2015 16:16:31
+0000
Received: from DBXPR05CA0014.eurprd05.prod.outlook.com (10.255.178.14) by
AMSPR05MB065.eurprd05.prod.outlook.com (10.242.89.142) with Microsoft SMTP
Server (TLS) id 15.1.99.14; Thu, 5 Mar 2015 16:16:30 +0000
Received: from DB3FFO11FD028.protection.gbl (2a01:111:f400:7e04::145) by
DBXPR05CA0014.outlook.office365.com (2a01:111:e400:9434::14) with Microsoft
SMTP Server (TLS) id 15.1.106.15 via Frontend Transport; Thu, 5 Mar 2015
16:16:29 +0000
Received: from emea01-am1-obe.outbound.protection.outlook.com (157.56.112.128)
by DB3FFO11FD028.mail.protection.outlook.com (10.47.217.59) with Microsoft
SMTP Server (TLS) id 15.1.99.6 via Frontend Transport; Thu, 5 Mar 2015
16:16:28 +0000
Received: from DB4PR04CA0010.eurprd04.prod.outlook.com (25.160.41.20) by
DB3PR04MB236.eurprd04.prod.outlook.com (10.242.130.24) with Microsoft SMTP
Server (TLS) id 15.1.99.14; Thu, 5 Mar 2015 16:16:26 +0000
Received: from DB3FFO11FD040.protection.gbl (2a01:111:f400:7e04::184) by
DB4PR04CA0010.outlook.office365.com (2a01:111:e400:9852::20) with Microsoft
SMTP Server (TLS) id 15.1.106.15 via Frontend Transport; Thu, 5 Mar 2015
16:16:26 +0000
Received: from mail.localdomainhere (<IP OF OUR ON-PREM SERVER GOES HERE>) by
DB3FFO11FD040.mail.protection.outlook.com (10.47.217.71) with Microsoft SMTP
Server (TLS) id 15.1.99.6 via Frontend Transport; Thu, 5 Mar 2015 16:16:25
+0000
Received: from INT-EX-01.localdomainhere (192.168.142.20) by
INT-EX-01.localdomainhere (192.168.142.20) with Microsoft SMTP Server (TLS) id
15.0.913.22; Thu, 5 Mar 2015 16:15:55 +0000
Received: from INT-EX-01.localdomainhere ([fe80::aca4:88cf:3eaf:57dc]) by
INT-EX-01.localdomainhere ([fe80::aca4:88cf:3eaf:57dc%12]) with mapi id
15.00.0913.011; Thu, 5 Mar 2015 16:15:55 +0000
From: Jake Ives <Jake.Ives@domain.com>
To: Jake Ives <jake@ives.gb.net>
Subject: Test01
Thread-Topic: Test01
Thread-Index: AdBXX6dyI5u99OGoSKmXroKKyMA3Tg==
Date: Thu, 5 Mar 2015 16:15:54 +0000
Message-ID: <081f834d85b7436193fa887613b9dac7@INT-EX-01.localdomainhere>
Accept-Language: en-US, en-GB
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-originating-ip: [192.168.142.73]
Content-Type: multipart/related;
boundary="_004_081f834d85b7436193fa887613b9dac7INTEX01localdomainhere_";
type="multipart/alternative"
MIME-Version: 1.0
Return-Path: jake.ives@domain.com
X-EOPAttributedMessage: 1
Received-SPF: Pass (protection.outlook.com: domain of domain.com
designates <IP OF ONPREM SERVER HERE> as permitted sender)
receiver=protection.outlook.com; client-ip=<IP OF OUR ON-PREM SERVER GOES HERE;
helo=mail.domain.co.uk;
Authentication-Results: spf=pass (sender IP is <IP OF OUR ON-PREM SERVER GOES HERE>)
smtp.mailfrom=Jake.Ives@DOMAIN.co.uk; ives.gb.net; dkim=none (message not
signed) header.d=none;ives.gb.net; dkim=none (message not signed)
header.d=none;ives.gb.net; dmarc=none action=none header.from=domain.com;
X-Forefront-Antispam-Report-Untrusted: CIP:<IP OF ON PREM SERVER HERE>;CTRY:GB;IPV:NLI;EFV:NLI;BMV:0;SFV:NSPM;SFS:(10019020)(438002)(189002)(199003)(71364002)(87936001)(2656002)(98436002)(92726002)(102836002)(108616004)(19625215002)(19618635001)(512954002)(92566002)(229853001)(107886001)(66926002)(18206015028)(84326002)(16796002)(19300405004)(450100001)(19580395003)(2900100001)(77156002)(15974865002)(62966003)(5250100002)(5310100001)(99936001)(15395725005)(16236675004)(110136001)(17760045003)(67866002)(86362001)(19617315012)(19627595001)(15975445007)(19580405001)(54356999)(22756005)(50986999)(6806004)(46102003)(74482002)(106466001)(33646002)(7099025)(24736002)(15669805003);DIR:OUT;SFP:1102;SCL:1;SRVR:DB3PR04MB236;H:mail.domain.co.uk;FPR:;SPF:Pass;MLV:ovrnspm;MX:1;A:1;PTR:mail.domain.co.uk;LANG:en;
X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:DB3PR04MB236;UriScan:;BCL:0;PCL:0;RULEID:;SRVR:AMSPR05MB065;
X-Microsoft-Antispam-PRVS: <DB3PR04MB2361563F5226475182B0CCD8C1F0@DB3PR04MB236.eurprd04.prod.outlook.com>
X-Exchange-Antispam-Report-Test: UriScan:;UriScan:;
X-Exchange-Antispam-Report-CFA-Test: BCL:0;PCL:0;RULEID:(601004)(5001007)(5005006);SRVR:DB3PR04MB236;BCL:0;PCL:0;RULEID:;SRVR:DB3PR04MB236;BCL:0;PCL:0;RULEID:(601004);SRVR:AMSPR05MB065;BCL:0;PCL:0;RULEID:;SRVR:AMSPR05MB065;
X-Forefront-PRVS: 05066DEDBB
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB3PR04MB236
X-MS-Exchange-Organization-MessageDirectionality: Incoming
Received-SPF: Fail (protection.outlook.com: domain of domain.com does not
designate 157.56.112.128 as permitted sender)
receiver=protection.outlook.com; client-ip=157.56.112.128;
helo=emea01-am1-obe.outbound.protection.outlook.com;
Authentication-Results: spf=fail (sender IP is 157.56.112.128)
smtp.mailfrom=jake.ives@DOMAIN.co.uk;
X-Forefront-Antispam-Report: CIP:157.56.112.128;CTRY:US;IPV:NLI;IPV:NLI;EFV:NLI;SFV:NSPM;SFS:(339900001)(489007)(189002)(71364002)(199003)(102836002)(92726002)(15975445007)(92566002)(17760045003)(62966003)(106466001)(15395725005)(16236675004)(77156002)(110136001)(107886001)(450100001)(5310100001)(229853001)(22756005)(98436002)(2900100001)(5250100002)(19625215002)(66926002)(99936001)(33646002)(15974865002)(19617315012)(19627595001)(67866002)(54356999)(108616004)(19300405004)(19618635001)(87836001)(2656002)(18206015028)(85426001)(512954002)(86362001)(6806004)(46102003)(74482002)(84326002)(19580395003)(50986999)(19580405001)(7099025)(24736002)(15669805003);DIR:INB;SFP:;SCL:1;SRVR:AMSPR05MB065;H:emea01-am1-obe.outbound.protection.outlook.com;FPR:;SPF:Fail;MLV:ovrnspm;MX:1;A:1;PTR:mail-am1on0128.outbound.protection.outlook.com;LANG:en;
X-MS-Exchange-Transport-CrossTenantHeadersStripped: DB3FFO11FD028.protection.gbl
X-MS-Exchange-Transport-CrossTenantHeadersPromoted: DB3FFO11FD028.protection.gbl
X-MS-Exchange-Organization-Network-Message-Id: 927151e3-02c4-4c46-5539-08d22576df82
X-MS-Exchange-Organization-AVStamp-Service: 1.0
X-MS-Exchange-Organization-SCL: 1
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 05 Mar 2015 16:16:28.9728
(UTC)
X-MS-Exchange-CrossTenant-Id: cd52bfe2-da2e-446d-b8f1-e78db861d489
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=bfa61dad-1543-4f3b-8075-03498e9f4fcb;Ip=[IP OF ON PREM SERVER HERE]
X-MS-Exchange-CrossTenant-FromEntityHeader: Internet
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AMSPR05MB065
X-MS-Exchange-Organization-AuthSource: DB3FFO11FD028.protection.gbl
X-MS-Exchange-Organization-AuthAs: Anonymous
X-MS-Exchange-Transport-EndToEndLatency: 00:00:03.5565465
- Edited by intersys_jake Thursday, March 05, 2015 5:51 PM
Other recent topics
