I deployed a hybrid environment for a customer running Exchange 2010 SP3 with over 11K users. The customer was using an SMTP gateway for spam protection and did not want to disable or close the gateway during the hybrid deployment or afterwards; they wanted to keep the gateway in place permanently.
While Microsoft doesn’t support any SMTP gateways in a hybrid environment, I had to find a way to configure this gateway to allow any incoming or outgoing email between the Office 365 tenant and Exchange on-premises, using the whitelist feature in all of its services (anti-spam, virus, spoof, etc.).
After configuring the hybrid deployment, I had a problem with mail flow from/to Exchange Online.
I checked all of Microsoft’s Office 365/Exchange Online/Exchange Online Protection IPs/CIDRs in order to whitelist them, or add them to the ignore list on the SMTP gateway, so that mail flow from and to Exchange Online would not be checked if the source is Exchange on-premises. That didn’t work until I found a Microsoft article that had been modified very recently by Microsoft, on 31-05-2016.
The article mentioned that the IP list had been updated, and it included the list of removed IPs as well.
While tracing the logs in the Office 365 message trace tool, I noticed that the connection to the SMTP gateway had been refused because of an IP that the Microsoft article described as “Removed” but that was still being used to send email from Exchange Online.
The IP, 220.127.116.11, was greylisted on the SMTP gateway because it had not been added to the whitelist.
If you read the article, you’ll notice that the subnet 18.104.22.168 is mentioned as removed, so adding the IP to the whitelist solved the problem for me.
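The check described above can be scripted. The following is an added example, not part of the original post: it scans gateway log lines for greylisted or rejected senders that are missing from the whitelist and reports whether each one falls in a published range marked as removed. The log format, the function name and the ranges (RFC 5737 documentation addresses) are constructed for illustration and are not Microsoft's published ranges.

```python
import ipaddress
import re

# Constructed sample data: RFC 5737 documentation ranges, not real Exchange Online ranges.
GATEWAY_WHITELIST = ["192.0.2.0/24"]
PUBLISHED_CURRENT = ["192.0.2.0/24"]
PUBLISHED_REMOVED = ["198.51.100.0/24"]

# Constructed gateway log lines in a hypothetical format.
SAMPLE_LOG = """\
2016-06-01T08:00:01 connect from=192.0.2.15 action=accept
2016-06-01T08:00:07 connect from=198.51.100.44 action=greylist
2016-06-01T08:00:09 connect from=203.0.113.9 action=greylist
2016-06-01T08:01:30 connect from=198.51.100.44 action=greylist
"""

LINE_RE = re.compile(r"from=(?P<ip>\S+)\s+action=(?P<action>\w+)")


def _networks(cidrs):
    return [ipaddress.ip_network(c, strict=False) for c in cidrs]


def _covered(ip, networks):
    return any(ip in net for net in networks)


def find_whitelist_gaps(log_text, whitelist, current, removed):
    """Return {ip: status} for greylisted/rejected senders missing from the whitelist."""
    allow, cur, rem = _networks(whitelist), _networks(current), _networks(removed)
    gaps = {}
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m or m.group("action") not in ("greylist", "reject"):
            continue
        try:
            ip = ipaddress.ip_address(m.group("ip"))
        except ValueError:
            continue  # malformed address in the log line
        if _covered(ip, allow):
            continue  # whitelisted but still deferred: a different problem
        if _covered(ip, rem):
            status = "listed-as-removed"    # still sending: the case in this post
        elif _covered(ip, cur):
            status = "current-but-missing"  # published range not yet whitelisted
        else:
            status = "unknown-source"       # not a published range: do not whitelist
        gaps[str(ip)] = status
    return gaps
```

Only addresses reported as `listed-as-removed` or `current-but-missing` are candidates for the whitelist; an `unknown-source` sender should stay subject to the gateway's normal filtering.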
Hope this helps