|
NOTE: Microsoft 365 Advanced Threat Protection default settings may cause issues with Domain Rewrite for inbound messages. Please ensure that Automatic forwarding is set to On in the Outbound spam filter policy for your source or target tenant depending on the rewriting scenario you choose. |
Rewrite with Target Address – Outbound Mail Flow
- When a user sends an email as user@source.com, the Transport Rules in the Source Tenant check whether the message is in scope for Domain Rewrite
- At least one external recipient in “To” or “Cc”
- Sender and/or at least one recipient in “To” or “Cc” is Domain Rewrite Enabled
- If the message is in scope for Domain Rewrite and there are multiple internal and external recipients, the message will be bifurcated and:
- Copy of the message sent to external recipient will be securely redirected to the Quest Rewrite Service using the Outbound Connector in the Source Tenant.
- Copy of the message sent to internal recipient is delivered by Exchange Online at the Source tenant with unchanged addresses.
IMPORTANT: Messages directed to internal recipient(s) will not be processed by Quest Rewrite Service.
- When the Domain Rewrite Service receives the message from user@source.com, it processes it by rewriting @source.com to @target.com for every user that has Domain Rewrite enabled. The addresses in "From", "To", and "Cc" of the email message are rewritten for all external recipients.
- The Domain Rewrite Service adds a new DKIM-Signature to the message and securely (via the certificate uploaded during project setup) redirects it back to the Source Tenant using the Inbound Connector.
- Exchange Online at the Source sends the message to external recipients as if it was sent by user@target.com, and all addresses of message recipients in "To" and "Cc" that have Domain Rewrite enabled appear as @target.com for external recipients
Rewrite with Target Address – Inbound Mail Flow
- External recipient is not aware about @source.com and replies (or creates a new email) to user@target.com
- When the reply or a new mail arrives to the Target mail domain, the Transport Rules in the Target Tenant check whether any recipients in the “To” or “Cc” are in scope for Domain Rewrite
- If the message is in scope for Domain Rewrite and there are multiple internal (recipients in the Target Tenant) and external recipients (recipients in the Source Tenant with Domain Rewrite enabled), the message will be bifurcated and:
- Copy of the message sent to external recipient (recipients in the Source Tenant with Domain Rewrite enabled) will be securely redirected to the Domain Rewrite Service using the Outbound Connector in the Target Tenant
- Copy of the message sent to internal recipient is delivered by Exchange Online at the Target tenant with unchanged addresses
- When the Domain Rewrite Service receives the message addressed to user@target.com, it processes it by rewriting @target.com back to @source.com for every user that has Domain Rewrite enabled
- The Domain Rewrite Service new DKIM-Signature to the message and securely (via the certificate uploaded during project setup) redirects it back to the Target Tenant using the Inbound Connector
- Exchange Online at the Target forwards the message to the Source
- Source recipient gets the message as if it was addressed to user@source.com
Rewrite with Source Address – Outbound Mail Flow
- When a user sends an email as user@target.com, the Transport Rules in the Target Tenant check whether the message is in scope for Domain Rewrite
- At least one external recipient in “To” or “Cc”
- Sender and/or at least one recipient in “To” or “Cc” is Domain Rewrite Enabled
- If the message is in scope for Domain Rewrite and there are multiple internal (recipients in the Target Tenant) and external recipients, the message will be bifurcated and:
- Copy of the message sent to external recipient will be securely redirected to the Domain Rewrite Service using the Outbound Connector in the Target Tenant
- Copy of the message sent to internal recipient is delivered by Exchange Online at the Target Tenant with unchanged addresses
- When the Domain Rewrite Service receives the message from user@target.com, it processes it by rewriting @target.com to @source.com for every user that has Domain Rewrite enabled. The addresses in "From", "To", and "Cc" of the email message are rewritten for all external recipients
- The Domain Rewrite Service a new DKIM-Signature to the message and securely (via the certificate uploaded during project setup) redirects it back to the Target Tenant using the Inbound Connector
- Exchange Online at the Target sends the message to external recipients as if it was sent by user@source.com, and all addresses of message recipients in "To" and "Cc" that have Domain Rewrite enabled appear as @source.com for external recipients
Rewrite with Source Address – Inbound Mail Flow
- External recipient is not aware about @target.com and replies (or creates a new email) to user@source.com
- When the reply or a new mail arrives to the Source mail domain, the Transport Rules in the Source Tenant check whether any recipients in the “To” or “Cc” are in scope for Domain Rewrite
- If the message is in scope for Domain Rewrite and there are multiple internal (recipients in the Source Tenant) and external recipients (recipients in the Target Tenant with Domain Rewrite enabled), the message will be bifurcated and:
- Copy of the message sent to external recipient (recipients in the Target Tenant with Domain Rewrite enabled) will be securely redirected to the Domain Rewrite Service using the Outbound Connector in the Source Tenant
- Copy of the message sent to internal recipient is delivered by Exchange Online at the Source Tenant with unchanged addresses
- When the Domain Rewrite Service receives the message addressed to user@source.com, it processes it by rewriting @source.com back to @target.com for every user that has Domain Rewrite enabled
- The Domain Rewrite Service a new DKIM-Signature to the message and securely (via the certificate uploaded during project setup) redirects it back to the Source Tenant using the Inbound Connector
- Exchange Online at the Source forwards the message to the Target
- Target recipient gets the message as if it was addressed to user@target.com