In an Exch 2016/EXO hybrid deployment, should a telnet message test on prem be considered internal

smtp exchange-2016 exchange-hybrid exchangeonline

Did you want to set the SMTP relay message as internal? You could set the receive connector you just created as “Externally Secure”.

enter image description here

The receive connector auth and permissions will now look like this:

AuthMechanism : Tls, ExternalAuthoritative

PermissionGroups : AnonymousUsers, ExchangeServers

What you see in the headers of a received message:

X-MS-Exchange-Organization-AuthAs: Internal

X-MS-Exchange-Organization-AuthMechanism: 10

In the end, all messages that pass through this connector ( and eventually through the hybrid connector to Office 365) will be considered authenticated.

Related

Any method to do 2FA when two backend systems communicates via web API?
Is there anything insecure about opening port 80 just to redirect?
Find Bandwidth usage on app engine subdomains mappend on the same service
Ansible display the diff output of a task even if the task failed
got DLR but could not find message or was not interested in for some messages - kannel
How is 10GBASE-T defined for providing compatibility?
NFS: Server says "authenticated mount request", but client sees "access denied"
DPM 2010 has allocated 100% of our storage pool. What are our options?
Cannot set SQL_MODE to Mysql 8
Unable to start free trial and adding billing account [closed]
Windows Server 2019 users become read only [closed]
How to force `ip route get` to ignore a specific device?