Using cPanel and Office 365 in a hybrid scenario

Lefteris Mourikis

Registered
Feb 22, 2017
1
0
1
Athens, Greece
cPanel Access Level
Root Administrator
Hello,

I landed on this thread while searching on Google for the same question as the original poster. As this thread is quite old, I cannot answer there, so I open a new one hoping this helps both the original poster and any other guy with the same question. Also, if anyone has a better suggestion, I would be glad to read it.

While Jcats's answer is correct when speaking about email routing via DNS, it does not contain the full truth about email routing. That is because DNS is not the only way to route messages between email servers of the same organization.

That said, let me describe a little better the options. When setting up Office 365 on a hybrid scenario between a, let's call it, on-premise server (that is your WHM/CPanel server) and Office 365 Exchange Online you have to take a decision about the primary mail server. You can either choose all mails to be routed to Exchange Online or to your on-premise server. This is done using the MX record, as Jcats mentioned. Let's take the scenario that you choose to route all emails to Exchange Online.

First you need to create a Connector in the Exchange Online ECP. Tell the connector to be used only when a transport rule is set up (we will create that later). Specify the on-premise IP address of your email server and the desired TLS configuration, if any. Then go to Recipients -> Contacts and create new contacts for every single email address you want to use, eg [email protected], [email protected], etc. Last, go to Mail flow -> Rules and create a new rule for every contact you created. The rule should tell that if the recipient is [email protected] then use the Connector you created.

That is all needed inside Office 365 Exchange Control Panel. Now, you need to setup also WHM/CPanel. So, go to your client's CPanel.

First, you have to edit the TXT SPF record so that both Exchange Online and CPanel's IP address are included.

Then, go to MX Entry and choose Local Mail Exchanger. If you don't do that CPanel sees that the MX record shows to an external mail exchanger (that is Office 365's Exchange Online) and will forward the message back to Exchange Online, creating a loop that will end with an error "Hop count exceeded". Keep in mind that in our scenario you must leave Office 365 as the value of your primary MX record (that is <yourdomain>.mail.protection.outlook.com).

After that you will be able to use both Office 365 and WHM/CPanel in a hybrid scenario.

The downside is that you have to check the consequences of the "Local Mail Exchanger" setting in CPanel. For example, maybe your site's contact forms will have problem sending you email to 365. It is something you have to check.
 

cPanelMichael

Technical Support Community Manager
Staff member
Apr 11, 2011
47,911
2,233
363
cPanel Access Level
DataCenter Provider
Twitter
Hello,

Thank you for taking the time to share an example of how this could be acheived. I've moved this thread to our "Workarounds and Optimizations" forum.

Thanks!
 

Doc_br

Registered
Feb 28, 2017
1
1
3
Portugaç
cPanel Access Level
Root Administrator
Hello,

Thanks for sharing this.
I just finished implementing this solution on my server, but I couldn't send emails from my on-premises accounts to the office 365 accounts. Since we are forcing the "Local Mail Exchanger" option, any email sent to accounts on the same server would not be sent to Office 365.
To overcome this, I setup an email forwarding to the corresponding @mydomain.onmicrosoft.com email address.
So for the email [email protected] that is now using Office 365, I created an Email Account Forwarder to the account [email protected]

Now it is working!
 
  • Like
Reactions: cPanelMichael

lulzimv

Registered
Jan 8, 2018
3
0
1
Kosovo
cPanel Access Level
Root Administrator
Hello,

I landed on this thread while searching on Google for the same question as the original poster. As this thread is quite old, I cannot answer there, so I open a new one hoping this helps both the original poster and any other guy with the same question. Also, if anyone has a better suggestion, I would be glad to read it.

While Jcats's answer is correct when speaking about email routing via DNS, it does not contain the full truth about email routing. That is because DNS is not the only way to route messages between email servers of the same organization.

That said, let me describe a little better the options. When setting up Office 365 on a hybrid scenario between a, let's call it, on-premise server (that is your WHM/CPanel server) and Office 365 Exchange Online you have to take a decision about the primary mail server. You can either choose all mails to be routed to Exchange Online or to your on-premise server. This is done using the MX record, as Jcats mentioned. Let's take the scenario that you choose to route all emails to Exchange Online.

First you need to create a Connector in the Exchange Online ECP. Tell the connector to be used only when a transport rule is set up (we will create that later). Specify the on-premise IP address of your email server and the desired TLS configuration, if any. Then go to Recipients -> Contacts and create new contacts for every single email address you want to use, eg [email protected], [email protected], etc. Last, go to Mail flow -> Rules and create a new rule for every contact you created. The rule should tell that if the recipient is [email protected] then use the Connector you created.

That is all needed inside Office 365 Exchange Control Panel. Now, you need to setup also WHM/CPanel. So, go to your client's CPanel.

First, you have to edit the TXT SPF record so that both Exchange Online and CPanel's IP address are included.

Then, go to MX Entry and choose Local Mail Exchanger. If you don't do that CPanel sees that the MX record shows to an external mail exchanger (that is Office 365's Exchange Online) and will forward the message back to Exchange Online, creating a loop that will end with an error "Hop count exceeded". Keep in mind that in our scenario you must leave Office 365 as the value of your primary MX record (that is <yourdomain>.mail.protection.outlook.com).

After that you will be able to use both Office 365 and WHM/CPanel in a hybrid scenario.

The downside is that you have to check the consequences of the "Local Mail Exchanger" setting in CPanel. For example, maybe your site's contact forms will have problem sending you email to 365. It is something you have to check.

Hi there why this explanation does not work for me ?
 

Jacque

Registered
Apr 26, 2018
2
0
1
South Africa
cPanel Access Level
Website Owner
Hi Guys,

thanks for the info. I'm trying to set this up and configuring the outbound connector in EOP. Question is where do I find the CPanel mail server IP address? A Google search shows the various CPanel mail server IP addresses. Do I need to add all of them?

Thanks
 

Jacque

Registered
Apr 26, 2018
2
0
1
South Africa
cPanel Access Level
Website Owner
Found the server IP under "Server Information". Tested and working.

My setup is as follows:

User migrated from CPanel to O365 but didn't have licenses for all mailboxes. They still needed some of the CPanel mailboxes to be active. MX record points to O365

Steps:
1. Login to CPanel and set Email Routing to "Local Mail Exchanger". Also confirm CPanel server IP address - Find it under "Server Information"
2. Create a contact in EAC for the mailbox located on CPanel.
3. In EAC create a connector - From O365 to Partner Organisation, Choose ti use connector only with transport rule, route to CPanel server IP as the smarthost.
4. In EAC create a transport rule - "Recipient is" the contact you created, "Do the following - use the connector", the one you created

*In EAC when creating the new transport rule remember to select "more options" to view all menu items.
 

Mohamed Firdous

Registered
Aug 2, 2018
1
0
1
qatar
cPanel Access Level
Website Owner
Found the server IP under "Server Information". Tested and working.

My setup is as follows:

User migrated from CPanel to O365 but didn't have licenses for all mailboxes. They still needed some of the CPanel mailboxes to be active. MX record points to O365

Steps:
1. Login to CPanel and set Email Routing to "Local Mail Exchanger". Also confirm CPanel server IP address - Find it under "Server Information"
2. Create a contact in EAC for the mailbox located on CPanel.
3. In EAC create a connector - From O365 to Partner Organisation, Choose ti use connector only with transport rule, route to CPanel server IP as the smarthost.
4. In EAC create a transport rule - "Recipient is" the contact you created, "Do the following - use the connector", the one you created

*In EAC when creating the new transport rule remember to select "more options" to view all menu items.
Hi

Do i need to create a account in office365 for each email address that will forward ?
 

cPanelMichael

Technical Support Community Manager
Staff member
Apr 11, 2011
47,911
2,233
363
cPanel Access Level
DataCenter Provider
Twitter
Do i need to create a account in office365 for each email address that will forward ?
I'll leave this thread open for feedback from the original poster, but here's a quote from the initial post that explains this part in more detail:

First you need to create a Connector in the Exchange Online ECP. Tell the connector to be used only when a transport rule is set up (we will create that later). Specify the on-premise IP address of your email server and the desired TLS configuration, if any. Then go to Recipients -> Contacts and create new contacts for every single email address you want to use, eg [email protected], [email protected], etc. Last, go to Mail flow -> Rules and create a new rule for every contact you created. The rule should tell that if the recipient is [email protected] then use the Connector you created.
Thank you.