Managing accepted domains in Office365

Share this:

When enabling EOP (Exchange Online Protection) the administrator is able to configure the mail flow to accept all messages from any given domain and then forward to the on-premises environment, or validate if the recipient is valid at Office365 and only the valid messages will be send through the connector to the on-premises environment.  Both scenarios are valid and configured at accepted domain level in Exchange Online.


The ideal scenario is to be more restrictive at EOP/Office 365 level, however that can be done if the directory synchronization between on-premises and Office365/Azure is working properly. In some cases, especially when it is a new configuration the administrator may want to relax that filtering and allow all traffic to that specific domain to go through.

Using Exchange Admin Center, the administrator can define the domain to be either Internal Relay (it will allow all traffic to that domain to go through) or Authoritative (where only if the user exists in Office365 will allow the message to go through).

How to configure it? That’s a piece of cake, logged on Exchange Admin Center, click on mail flow (Item 1), click on Accepted domains (Item 2), then double click on the desired domain (item 3), and finally change the domain type (item 4). Save it, and wait a little bit for the changes to take effect.


Written by Anderson Patricio

Anderson Patricio

Anderson Patricio is a Canadian MVP in Cloud and Datacenter Management, and Office Server and Services, besides the Microsoft Award he also holds a Solutions Master (MCSM) in Exchange and several other certifications. Anderson has been contributing to the Microsoft Community with articles, tutorials, blog posts, twitter, forums and book reviews. He is a regular contributor here at,, and Anderson (Portuguese).

Related Post

How to delete the default domain in Exchange Serve... Removing the default domain in Exchange Server 2016 using Exchange admin center. Solution When Exchange Server is deployed the default domain ...
Managing Directory Based Edge Blocking (DBEB) feat... The DBEB feature is a powerful resource for Exchange Administrators that are using Exchange Online Protection where only the valid e-mail addresses in...
Quarantine messages in Exchange Online Protection ... In this Tutorial we are going to check the required steps for an end-user to check its quarantine messages in EOP.  In some customers, I see the ...
Using EOP to block messages based on country/langu... An administrator can take advantage of the international spam feature of EOP to block messages written or sent from certain countries. Solution ...