Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Question
Thursday, November 1, 2018 2:48 PM
Hello,
We deployed an Hybrid Exchange (2013/2016 latest CU + Exchange Online), and we have trouble with the moderation of DL, especially when a message is approved / rejected from a mailbox on Exchange Online, to a Distribution List on On Premise.
We followed this article "moderated-group-scenario-in-hybrid-configuration" (cannot put link sorry)
But we still get the following error:
SystemMailbox{bb558c35-97f1-4cb9-8ff7-d53741dc928c} @ ourdomain com
TEXCH04E1 ourdomain com
Remote Server returned '550 5.7.106 APPROVAL.InvalidContent; Invalid content. [Stage: OnCreatedEvent][Agent: Approval Processing Agent]'
We have:
- TNEFEnabled on remote domains on both side
- Mail contacts on Exchange Online for the SystemMailbox{guid}
- Preserve headers is enabled on the outbound/send connectors
- Domain on ExchangeOnline set to InternalRelay (although we are in centralized routing, was not really needed)
- Waited more than 24h
We rechecked everything multiple times and it seems correct.
We also noticed that:
- **Moderator Online **and moderated DL OnPremise: moderator get approval buttons (TNEF working), but above error.
- **Moderator OnPremise **and moderated DL Online: moderator get approval buttons (TNEF working), and approval reply works.
So it looks like the issues is with the OnPremise received email to the arbitration mailbox that is not "well recognized". Note we tried two different Arbitration mailboxes, same issue.
Does anyone have an idea where would be the issue?
Thanks,
All replies (2)
Wednesday, November 7, 2018 10:21 AM ✅Answered
Hello,
Well we found the solution ourselves even though we had a ticket open!
The issue was on the receive connectors OnPremise that get emails coming from Exchange Online.
For unknown reason, the Wizard didn't update the default connectors with the correct parameters.
This resulted in emails coming from Migrated users from OnPrem to Online to be Anonymous (we could see they email address next to the Display Name + header for anonymous auth).
The fix was to run the following command on the Receive Connector(s) that receive emails on port 25 from O365 servers:
Set-ReceiveConnector -Identity “O365Inbound”-TlsDomainCapabilities "mail.protection.outlook.com:AcceptCloudServicesMail”
After that, the users display name appeared correctly and Auth was Internal, and moderation finally started to work!
Hope this can help anyone with the same issue, was pretty hard to lead to the issue as no other articles online refer to this possible issue impacting the moderation.
Cheers!
Friday, November 2, 2018 12:52 AM
I recommend that you open an incident with Microsoft Online Support.
Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."
Celebrating 20 years of providing Exchange peer support!