United Kingdom | The Brand Dilemma

Joseph Cirillo - 03.11.202220221103

The Brand Dilemma

United Kingdom | The Brand Dilemma

Many organisations (which I will refer to as ‘Corporate’) have subsidiary companies (which I will refer to as ‘Subsidiary’) which operate as individual entities owning and managing their own IT systems and solutions within their own company boundaries.

Although a Subsidiary company operating as an individual entity is not an issue, one challenge does surface when one or more of the following scenarios occur:

  • Both Corporate and Subsidiary are both operating their own on-premises Exchange Server systems.
  • A Subsidiary shares a common SMTP brand (i.e., SMTP domain) with Corporate. More specifically, both Corporate and Subsidiary mailboxes have their Primary Email Addresses (Reply-To addresses) using the same ‘global_brand.com’ SMTP domain.
  • Both Corporate and Subsidiary are looking to migrate their mailboxes to their own unique Microsoft 365 (M365) tenants.

SHARED SMTP DOMAIN CONFIGURATION

With both the Corporate and Subsidiary operating their own on-premises Exchange Server systems, the ability to have both Corporate and Subsidiary users sending as the ‘global_brand.com’ SMTP domain is possible. At a high level, one procedure to configure a shared SMTP domain between on-premises Exchange Server systems is the following:

  1. Configure ‘global_brand.com’ as an Accepted Domain in both the Corporate and Subsidiary on-premises Exchange Server systems.
  2. Assign a ‘global_brand.com’ Primary Email Address (Reply-To address) to the mailboxes homed on both Corporate and Subsidiary on-premises Exchange Server systems.
  3. Assign an additional ‘sub_brand.com’ email address (proxy address) to the mailboxes in Subsidiary.
  4. Utilise Corporate as the first-hop system for all inbound messages being delivered to ‘global_brand.com’ email addresses.
  5. Utilise Corporate as the relay system for all messages destined for a Subsidiary mailbox.
  6. Create Contact objects in Corporate which represents each Subsidiary mailbox.
  7. For each Contact object, set the Primary Email Address (Reply-To address) to the ‘global_brand.com’ email address.
  8. For each Contact object, set the forwarding address (ExternalEmailAddress) to the ‘sub_brand.com’ email address.
  9. Create an SMTP Send Connector from the Corporate source servers to the Subsidiary destination servers to route messages to Subsidiary recipients using the ‘sub_brand.com’ email address.

Based on the above step-by-step process, the following diagram shows the path an externally generated email message sent to Subsidiary user Bob would follow.

  1. Message addressed to Subsidiary user Bob using his bob@global_brand.com email address.
  2. Message flows through the Corporate message hygiene system.
  3. Message is delivered to the Corporate Exchange Server system.
  4. The Corporate Exchange Server does not find a local mailbox for Bob, however, does find Bob’s contact object.
  5. The Corporate Exchange Server relays the message to the Subsidiary Exchange Server system using Bob’s bob@sub_brand.com forwarding email address.
  6. The message is delivered to Bob’s mailbox.
United Kingdom | The Brand Dilemma

The flexibility of sharing a common SMTP domain across on-premises Exchange Server systems does not exist within the Microsoft 365 (M365) cloud. With M365, a tenant is the logical boundary for security, policy and administration, thus an SMTP domain can only be activated in a single tenant.

Note: Although Microsoft does have SMTP domain sharing on their roadmap (Feature ID: 67161: Exchange: Microsoft 365 cross-tenant SMTP domain sharing in private preview), it is still in development.

Before we explore the brand configuration options available to the Subsidiary for their move to M365, let us summarise what we know:

  • The Corporate on-premises Exchange Server system has ‘global_brand.com’ configured as an Accepted Domain.
  • The Subsidiary on-premises Exchange Server system has ‘global_brand.com’ configured as an Accepted Domain.
  • Corporate mailboxes are using the ‘global_brand.com’ SMTP domain as their Primary Email Address (Reply-To address).
  • Subsidiary mailboxes are using the ‘global_brand.com’ SMTP domain as their Primary Email Address (Reply-To address).
  • Microsoft does not allow the same SMTP domain (i.e., ‘global_brand.com’) to be activated in multiple disparate tenants.
  • The ‘global_brand.com’ SMTP domain will be a registered domain in the Corporate M365 tenant thus, the ‘global_brand.com’ SMTP domain cannot be activated in the Subsidiary M365 tenant.

To move an on-premises Subsidiary mailbox to M365 using the hybrid mailbox move process, the ‘global_brand.com’ email address must be stripped from the Subsidiary mailbox since it is not an active domain in the Subsidiary M365 tenant (Troubleshoot migration issues in Exchange hybrid – Exchange | Microsoft Docs). Accordingly, if the Subsidiary moves to their own M365 tenant, Subsidiary users’ Primary Email Addresses (Reply-To addresses) would need to change from ‘global_brand.com’ to ‘sub_brand.com’. Thus, all messages sent from the Subsidiary mailboxes will be branded with the ‘sub_brand.com’ SMTP domain.

OPTIONS FOR RESOLUTION:

Before the Subsidiary can migrate their mailboxes to M365, a decision must be made by the Corporate and Subsidiary on brand relevancy and how Subsidiary branding will be managed going forward. The options available to the Subsidiary are as follows:

  • Migrate Subsidiary mailboxes into the Corporate M365 tenant. This option allows Subsidiary to retain their existing brand, ‘global_brand.com’ and maintain their existing Client experience.
  • Rebrand Subsidiary to ‘sub_brand.com’ and migrate Subsidiary mailboxes to Subsidiary M365 tenant. All future messages will be sent using the ‘sub_brand.com’ SMTP domain. This option requires the Subsidiary communicate their brand change to their Clients.
  • Rebrand Subsidiary to ‘sub_brand.com’ and migrate Subsidiary mailboxes to Subsidiary M365 tenant. Additionally, subscribe Subsidiary to an Address Rewrite service offered through a third-party provider. All inbound and outbound email sent to or from the Subsidiary messaging environment would need to be routed through the Address Rewrite service. The Address Rewrite service would replace the ‘sub_brand.com’ domain with the ‘global_brand.com’ for messages sent from the Subsidiary users. This option allows Subsidiary to maintain their existing Client experience.

For organisations operating like Corporate and Subsidiary, it is important to remember you cannot configure multiple Office 365 tenants with the same SMTP domain. This restriction forces entities like Subsidiary to either merge with Corporate, rebrand or implement some advanced configuration like Address Rewrite.

Unfortunately, this does bring us to the end of this blog insight. I hope you found it useful. If you would like to request any further information, please contact us. You can also learn more about planning for tenant migrations in this article Microsoft 365 Tenant Migration Planning: Part 1.

THANK YOU FOR YOUR SUBMISSION!

United Kingdom | The Brand Dilemma

The form was submitted successfully.

Join the Insentra Community with the Insentragram Newsletter

Hungry for more?

If you’re waiting for a sign, this is it.

We’re a certified amazing place to work, with an incredible team and fascinating projects – and we’re ready for you to join us! Go through our simple application process. Once you’re done, we will be in touch shortly!

Who is Insentra?

Imagine a business which exists to help IT Partners & Vendors grow and thrive.

Insentra is a 100% channel business. This means we provide a range of Advisory, Professional and Managed IT services exclusively for and through our Partners.

Our #PartnerObsessed business model achieves powerful results for our Partners and their Clients with our crew’s deep expertise and specialised knowledge.

We love what we do and are driven by a relentless determination to deliver exceptional service excellence.

United Kingdom | The Brand Dilemma

Insentra ISO 27001:2013 Certification

SYDNEY, WEDNESDAY 20TH APRIL 2022 – We are proud to announce that Insentra has achieved the  ISO 27001 Certification.