M365 Changelog: (Updated) Sender Rewriting Scheme (SRS) Expanding to SMTP/Mailbox Forwarding

MC649482 – Updated November 7, 2023: Microsoft has updated the rollout timeline below. Thank you for your patience.

Microsoft is constantly working on making our service better and more efficient. As part of that, Microsoft is making changes to forwarding in Exchange Online that it has been working towards for some time. This will result in all forwarded messages being rewritten with Sender Rewriting Scheme (SRS).

Starting in mid-August, Microsoft will be further consolidating our rewriting feature for messages that are automatically forwarded outside of Exchange Online. Not all forwarded messages are rewritten using SRS today. For example, messages forwarded with SMTP or mailbox forwarding have their P1 Mail From address replaced with the forwarding mailbox address today. This will be changing, and SRS rewriting will be used instead. The change will be rolled out slowly and it may take time to reach your organization.

When this will happen:

Microsoft will begin rolling out in mid-August and expect to complete rollout by late October.

How this will affect your organization:

This behavior change may impact systems relying on the P1 Mail From address. All messages that are forwarded externally from Exchange Online to the internet will be subject to SRS rewriting. Messages that will see a change in behaviour include those forwarded externally by SMTP or mailbox forwarding, or by Mail Contacts or Mail Users with external addresses. The risk of mail flow impact by changing from the current rewriting method to SRS depends on a few factors including your tenant configuration. Here are a few factors in more detail:

Firstly, any rules that have been set up in your tenant that are dependent on the P1 Mail from address, SRS introduces a rewritten address that will neither be a user in your tenant nor use one of your own domains. If you need a rule to act on the mailbox responsible for the forwarding, you should use the Resent-From header. Any mail servers or devices that have been configured to rely on the P1 Mail From address could also be affected.

Secondly, SRS is not always used to rewrite all forwarded messages. As mentioned in the SRS documentation, the new Relay Pool feature decides whether a message should be rewritten or not. One scenario this applies to is when the incoming message did not pass our SPF check in the first place. The list of conditions that skip SRS rewriting can be found in the Relay Pool documentation: Outbound delivery pools 

Lastly, SRS does not act on traffic leaving Exchange Online using an on-premises mail flow connector. There is a risk of disruption for customers who route traffic from Exchange Online out to the internet via their on-premises servers (EXO -> On-Prem -> Internet). Forwarded messages will go out without being rewritten and could result in them being rejected by the recipients’ mail servers. This disruption would already be occurring for messages forwarded via other means such as Inbox Rules. This scenario can be addressed by following the instructions below about the new SenderRewritingEnabled setting.

Messages rewritten by SRS that are successfully delivered will have the same P2 From address of the original sender that shows up in email clients. Documentation on how SRS works here: Sender Rewriting Scheme (SRS) in Microsoft 365. 

What you need to do to prepare:

Before this change takes effect, customers who route traffic to the internet from their on-premises environment should enable the new parameter SenderRewritingEnabled on their outbound on-premises mail flow connector to avoid any disruptions.

Please click Additional Information to learn more. Sender Rewriting Scheme Upcoming Changes 

Additional information