MDaemon® Email Server
      Back to home
      1. Knowledge Base
      2. MDaemon® Email Server

      How do I configure MDaemon and Microsoft 365 to use the same domain name?

      The following article can be followed to share users between MDaemon and Microsoft 365.

      To configure Microsoft 365 to send mail for unknown local users to MDaemon.

      1. Sign into the Microsoft 365 Administrator account
      2. Go to Admin Centers \ Exchange
      3. Go to Mail Flow \ Accepted Domains.
      4. Double click the domain to modify
      5. Select the radio button for Internal Relay
      6. Click Save
      7. Go to Connectors and click the “+” button.
      8. In the From drop down select Microsoft 365
      9. In the To drop down select “Your organization’s email server”
      10. Click Next
      11. Enter a Name and a Description
      12. Click Next
      13. Select Only when email messages are sent to these domains.
      14. Click the “+” button
      15. Enter the shared domain name.
      16. Click Next
      17. Click the “+” button
      18. Enter the FQDN of the MDaemon email server.
      19. Click Next
        • This menu displays the SSL/TLS configuration to connect to the mail server.  We recommend selecting Next, but settings can be adjusted to work best in your environment.
      20. Click Next
      21. Click the “+” button
      22. Enter an email address to validate the connection.
      23. Click OK
      24. Click OK
      25. Click Validate
      26. Click Close
      27. Click Save


      To configure Microsoft 365 to send outbound email to MDaemon

      1. Sign into the Microsoft 365 Administrator account
      2. Go to Admin Centers \ Exchange
      3. Go to Mail Flow \ Connectors
      4. Click the “+” button
      5. Enter a name and description then click Next
      6. Select only when email messages are set to these domains
      7. Click the “+” button
      8. Enter “*” and Click OK
      9. Click Next
      10. Select Route email through these smart hosts
      11. Click the “+” button
      12. Enter the FQDN of your MDaemon server
      13. Click Next
        • We recommend that TLS is used with the default settings.  Environments may vary and configurations can be modified here.
      14. Click Next
      15. Click Next
      16. Click “+” and Enter an address to validate the connector
      17. Click OK
      18. Click OK
      19. Click Validate
      20. Click Close
      21. Click Save


      MX Records should be setup to point to MDaemon.  MDaemon will need to properly handle email for the Microsoft 365 accounts.  We recommend that you create accounts for all users of the domain in MDaemon.  Accounts for users that will be retrieving their email from Microsoft 365 should be configured to forward all mail to Microsoft 365.

      For example, we have a domain test.com setup with accounts in MDaemon and in Microsoft 365.  User1@test.com retrieves their email from MDaemon, user2@test.com retrieves their email from Microsoft 365. 

      MDaemon should have accounts for user1@test.com and user2@test.com.  The account for User2@test.com needs to be configured to forward all mail to the Microsoft 365 host name.  To do this open the MDaemon configuration session and go to: 

      1. Select Accounts / Account Manager
      2. Select the User2 account
      3. Click Edit to bring up the Account Editor
      4. Select Forwarding
      5. Check the box to enable forwarding
      6. Enter the forwarding address as user2@test.com
      7. In the Domain, [Host], or IP field enter test-com.mail.protection.outlook.com (The host name will need to be changed for the shared domain.)
      8. Uncheck the box to retain a local copy of forwarded mail.
      9. Click OK 

      MDaemon should be configured to use the local address in the SMTP envelope when forwarding mail.

      1. Select Security / Security Manager / Sender Authentication / SPF Verification
      2. Verify Use local address in SMTP envelope when forwarding messages is enabled.

      MDaemon must be configured to allow Microsoft 365 to send email as a local user without the need to authenticate. 

      1. Open MDaemon and select Security / Security Manager / Sender Authentication / SMTP Authentication
      2. Click the check box next to ...unless message is to a local account to enable the exclusion.
      3. Click Apply

      When enabling the above option, the IP Shield should be utilized to prevent any other local to local messages that are not authenticating.  Adding the domain/IP pairs to the IP Shield and bypassing the IP Shield with authenticated sessions will prevent this.

      1. In MDaemon select Security / Security Manager / Sender Authentication / IP Shield
      2. Check the box to Enable IP Shield  
      3. Check the box for Do not apply IP Shield to Authenticated sessions
      4. Add Domain/IP pairs for all of the IP address ranges used by Microsoft 365
        • In most cases the domains are spf.protection.outlook.com and spfd.protection.outlook.com