Email messages are sent to restricted groups in Office 365 Dedicated/ITAR

Symptoms
After directory synchronization to Azure Active Directory (Azure AD) is enabled for Microsoft Office 365 Dedicated/ITAR customers, you discover that email messages from the Internet can be sent to restricted groups.
Cause
This issue occurs if the msExchRequireAuthToSendTo property is not set to True.

Note Directory synchronization to Azure AD requires the msExchRequireAuthToSendTo property be set to True in order to restrict external recipients from sending email messages to distribution groups. When Microsoft Managed Services Service Provisioning Provider (MMSSPP) is used to synchronize to Office 365 Dedicated/ITAR managed environments, a value of Null in the on-premises environment sets the msExchRequireAuthToSendTo property to True in the managed environment.
Resolution
For all groups that should restrict external senders, you must explicitly set the msExchRequireAuthToSendTo property to True in their on-premises Active Directory environments. In Exchange Server, this property is called RequireSenderAuthenticationEnabled.
Properties

Article ID: 3098063 - Last Review: 09/23/2015 22:52:00 - Revision: 1.0

Microsoft Business Productivity Online Dedicated, Microsoft Business Productivity Online Suite Federal

  • vkbportal226 KB3098063
Feedback