Inbound messages from the Internet
You must manually configure your MX record if you want to change how your inbound Internet mail is delivered.
- If you change your MX record to point to the Exchange Online Protection service in Office 365
- If you decide to keep your MX record pointed to your on-premises organization
Scenario 1: MX record point to the Exchange Online Protection (EOP) service in Office 365:
Centralized mail transport is Disabled
Internet -> EOP ->Exchange Online -> Deliver the email to O365 user.
Internet -> EOP ->Exchange Online -> EOP->Exchange Server -> Deliver the email to On-Prem user.
Centralized mail transport is enabled
Internet -> EOP -> Exchange Server -> Deliver to On-Prem User.
Internet -> EOP -> Exchange Server -> EOP -> Deliver to O365 User.
Scenario 2: MX record point to the Exchange On-Premises:
Internet -> Exchange Server -> Deliver to On-Prem User.
Internet -> Exchange Server -> EOP -> Exchange Online -> Deliver to O365 User.
Outbound messages to the Internet
When you run the Hybrid Configuration wizard, you can select one of two options:
- Don’t enable centralized mail transport: Selected by default in the Hybrid Configuration wizard, this option routes outbound messages sent from the Exchange Online organization directly to the Internet. Use this option if you don’t need to apply any on-premises compliance policies or other processing rules to messages that are sent from recipients in the Exchange Online organization.
- Enable centralized mail transport: Selecting this option routes outbound messages sent from the Exchange Online organization through your on-premises organization. Except for messages sent to other recipients in the same Exchange Online organization, all messages sent from recipients in the Exchange Online organization are sent through the on-premises organization. This enables you to apply compliance rules to these messages and any other processes or requirements that must be applied to all of your recipients, regardless of whether they’re located in the Exchange Online organization or the on-premises organization.
Scenario 1: Centralized mail transport disabled
Exchange Online User -> Exchange Online -> Scan -> EOP -> MX Lookup -> Deliver to the Internet User.
Scenario 2: Centralized mail transport Enabled
Exchange Online User -> Exchange Online -> Scan -> EOP -> Exchange Server -> MX Lookup -> Deliver to the Internet User.
Ref: https://docs.microsoft.com/en-us/exchange/transport-routing