Scenario: Conditional Mail Routing
Applies to: Exchange Online Protection
Topic Last Modified: 2013-08-30
If you have multiple sites, perhaps spread across the world, you can use connectors and transport rules to route mail to a specific site, based on conditions.
This scenario is illustrated in the following graphic:
EOP filters incoming messages before routing each message to a specific location.
Follow the steps to set up conditional mail routing:
An Outbound connector configured to use criteria-based routing is required to route mail to a site. First, create an Outbound connector that routes mail to a mail server, by IP address, at a specific site.
In the EAC, navigate to mail flow > connectors. Under Outbound Connectors, click to create a new connector.
Give the connector a name. For Connector Type, choose On-premises. Optionally, add a description for the connector in the Comment text box.
For the security connectivity requirements, you can select Opportunistic TLS (a TLS connection is attempted, but it rolls over to an SMTP connection if the receiving email server is not configured to use TLS) or another available security-connectivity option, based on your business requirements.
In the Outbound Delivery section, choose Route mail through smart hosts, and enter the IP address of the destination server. This selection sends messages to the IP address you specify.
For scope, choose Use for Criteria Based Routing (CBR). This allows you to assign a specific transport rule to this connector.
Click save to save the connector. It appears in the list of connectors. If you have difficulty saving the connector, check to make sure you completed all of the required fields. Make sure ENABLED is checked. Later, you can edit the connector’s settings by clicking .
Next, create a transport rule and assign it to the Outbound connector.
In the EAC, choose mail flow > rules. Click and choose Create a new rule….
Give the rule a name. Click the More options… link to make all selections available for the rule.
For *Apply this rule if…, choose The recipient… and has specific properties including any of these words. The select user properties box appears. Click , and under User properties:, choose City. City is an Active Directory attribute made available for use by the transport rule. Specify the name of the city, such as New Orleans. Click ok, and then click ok again to close the select user properties box.
Important: Check the accuracy of user attributes in Active Directory to ensure that the transport rule works as intended.
Outbound connector changes can take a little time to replicate.
For *Do the following…, choose Redirect the message to… and then specify the following outbound connector. The select outbound connector box appears. Choose the Outbound connector you created previously. Only connectors that are enabled for CBR appear in the list.
You can choose additional properties for the rule, such as the test mode and when to activate the rule.
Click save to save the connector.
Once you complete these steps, the transport rule redirects messages addressed to users whose City property is set to New Orleans to the IP address specified by your Outbound connector.
To route messages to additional sites, as illustrated in the graphic, follow the same steps, but change the IP address in each connector and the City value in each transport rule to reflect the correct site.