I've set up Amazon SES to send to external email addresses with no problem. My domain is verified, DKIM and SPF are set and working, but when I try to send an email using SES to my own organisation, which is running Exchange 2010, I get a bounce with the error:
550 5.7.1 Client does not have permissions to send as this sender
The first thing I tried was to enable the MAIL FROM domain in SES, using this guide: https://slecuona.wordpress.com/2016/04/28/configuring-a-custom-mail-from-on-aws-to-avoid-exchange-error/
This guide also describes my problem very well. But it didn't make any difference.
My hunch is that Exchange is blocking it because the mailbox "send-as permission" is set to only NT Authority\Self.
Looking at the Microsoft docs: https://learn.microsoft.com/en-us/exchange/mail-flow/connectors/allow-anonymous-relay?view=exchserver-2019 this seems to be a solution, but it's IP-based, while the solution should be DNS-based. Are there other users or groups I can add to the user's send-as permissions to solve this, or is there any other solution?