In order to process incoming and outgoing mails via the appliance, the following conditions are necessary:
nslookup -q=cname selector1._domainkey.YOURDOMAIN.TLD
and the result must be a non-authorising response:
Enter the domain(s) in the Appliance Admin web interface => Configuration => Local Domains
Configure the transport rules in the Appliance Admin web interface for each domain so that they point to the corresponding Microsoft 365 MX record. The default policy has to be placed at the last spot in the list.
Specify the corresponding domain for the recipient addresses.
Use the SSL certificate in the TLS settings.
In the Transport tab, enter the MX record that is displayed in O365 for your domain as the smarthost.
You can see the DNS name required for this in the Microsoft 365 domain view::
Do net set the checkbox "resolve domain part as hostname".
In the advanced tab, set the FQDN according to your appliance.
If an on-premises Exchange is also available, the transport policies must be adjusted accordingly.
The following procedure is recommended:
The transport policy with the fewest affected email addresses should be at the top of the list.
If there are for example fewer on-premises users than cloud users in the hybrid environment, use the on-premises transport policy with Smarthost to on-premises Exchange as the first policy.
In the first transport policy, the recipient addresses are then listed individually line by line.
In the second transport policy (i.e. the one with the larger number of email addresses/users), the wildcard *@domain.tld is used in the transport policy for the recipient addresses.
In the Local Domains of the appliance, configure the option "Hosted Exchange" for the O365 domains.
Setting Local domains
Also configure DKIM for the Local Domains so that outgoing emails can receive a correct DKIM signature.
This is especially necessary when using the MailSealer.
The local Exchange Server needs to be permitted to be allowed forwarding external E-Mails via the appliance.
This is adjusted via Configuration => Email Transport => Local Networks:
Select the MX of your REDDOXX Appliance here:
Enter the name of the SSL certificate that is used in the REDDOXX Appliance:
Even if the test fails, accept the save with "Yes", as the connector is necessary for the configuration of the transport rule.