In this article, we will talk about hybrid email moderation and remote domains. Please reference to previous blog post about Hybrid Email moderation to get more context.
We will talk about how important is to configure Remote Domains both in the on-premises Exchange environment and on Exchange Online to preserve headers and TNEF format between the two organizations. The TNEF format is what makes the Approve or Reject buttons appear in the email messages.
Hybrid Email moderation and Remote Domains
Remote Domains is a way in Exchange configuration to control the type and format of messages exchanged between your organization and other external domains.
Example of type of this would be if we want to block sending Out Of Office replies to a specific domain, then we would create a Remote Domain in Exchange for that domain, and turn of Out Of Office messages. [This is example of type of messages]
For example, if you know that the remote domain is not using Exchange, you can specify to never use Rich Text Format (RTF). [This is example of format of messages]
What is the impact and problem?
The impact of misconfigured Remote Domains can largely go unnoticed, especially since the person most impacted is going to be the recipient who may not report the issue to the sender or support.
When someone sends email to a moderated groups, and the moderator is hosted on Office 365, the buttons for Approve and Reject are not showing at his email client.
It turned out that a setting called TNEF (Transport Neutral Encapsulation Format) is causing this to happen. We need to make sure TNEF format is enabled when sending emails out to Office 365 tenant.
We need to make our on premise Exchange servers deals with both @contoso.mail.onmicrosoft.com and @contoso.onmicrosoft.com as a well behaved remote domains.
We need also to make sure our Exchange Online environment deals with @contoso.con domain as a well behaved remote domain.
So simply the answer is to create remote domain for @contoso.onmicrosoft.com and @contoso.mail.onmicrosoft.com at the on-premises Exchange server if non is already created by Exchange hybrid wizard ( Get-RemoteDomain ), and then configure the TNEF to true simply by running Set-RemoteDomain with -TNEFEnabled $true
Same applies to Exchange Online, we need to create remote domain for @contoso.com with TNEFEnabled $true.