This article will help you configure mail routing during the hybrid migration process from your on-premises mail server to Exchange Online (Microsoft 365). This will ensure zero interruption for your mail flows when some of your user mailboxes will be On-premises while the others have been migrated to Exchange Online.


Today, we will cover a scenario where your organization has Exchange Server 2016 On-premises and are planning to migrate to Exchange Online (Microsoft 365) via the hybrid migration, without any 3rd party tools or services.

This involves the process of running the exchange hybrid configuration wizard.

For this scenario, centralized routing is disabled (centralized routing is recommended only for compliance requirements).


  • Migration Roster – We need a migration roster that will help us configure and maintain mail routing as the migration progresses.


Mailbox Type

Mailbox Size (GB)

Migration Date

Successful (Y/N)

John Doe



12th May 2021


Bill Gates



14th May 2021

  • Security requirements of Accounts – The accounts performing these operations needs to be exchange server administrators on the On-premises server and Exchange Admin Role in Microsoft 365
  • DNS access – The account must have access to the Public DNS for making changes to the MX Records
  • Security Groups – We would need a Mail enabled O365 Security Group for non-migrated users, which will be updated every time users are migrated to the cloud for configuring the mail routing.

Configuration Steps

Create a Send Connector

  1. To begin with, we need to create a Send connector in the exchange admin center that will be used to route emails from M365 to your On-premises server. (Note: The Hybrid Configuration wizard will create the connectors for you by default. In case you want to make changes to the connector for TLS etc., you can either create a new connector or edit the existing one.)
  • Click on Add a connector on the next screen.
  • Select Office 365 under Connection from and the Connection to, should be set to Your organization’s email server and Hit next.
  • In the next screen specify the Name of the connector and Description (optional) and click Next
  • Ensure to select the option Only when I have a transport rule… and hit next.
  • Specify the smart host address or IP address of your on-premises mail server for routing.
  • In the next screen, ensure to enable TLS
  • Validate the email.
  • The summary of your connector should look something like this before you hit the create button.

Create a Transport Rule

We will create a transport rule to route mails from Microsoft 365 to your On-premises for all users whose mailbox is still in an On-premises environment.

    • Navigate to Rules under the Mail Flow section.
  • Click on the + option to create a new rule…
  • In the next screen click on more options
  • Chose the option – Apply rule if – The recipient… is a member of this group.
  • In the next windows search for the mail enabled security group that you have created for non-migrated users as per the prerequisites.
  • The next step would be to add the action to redirect the message to send connected we created earlier as shown below.
  • Hit the Save the button on the next screen to complete the rule creation.

Update the MX record to point to M365

  • We will be updating the MX record in your public DNS from your existing mail servers to M365 from the M365 Domain setup wizard.
  1. Follow the below link to generate and update the MX Record for your tenant.
  2. Add an MX record for email (Outlook, Exchange Online)



Written By-  Aneesh Kumar

(Microsoft 365 Solution Architect)

Written By-  Aneesh Kumar

(Microsoft 365 Solution Architect)


Peer Reviewed By-  Jasjit Chopra


Peer Reviewed By-  Jasjit Chopra



Graphics Designed By- Sanika Sanaye

(Creative Design Director)

Graphics Designed By- Sanika Sanaye

(Creative Graphic Designer Trainee)

{"email":"Email address invalid","url":"Website address invalid","required":"Required field missing"}

Connect with us