How to set up an SMTP relay in Office 365

Article ID: 2600912 - View products that this article applies to.
This article discusses Microsoft Office 365, Microsoft Office 365 Preview, and Microsoft Office 365 pre-upgrade. The information about Office 365 Preview in this article is provided as is and is subject to change without notice. This includes any links.

Not sure what release of Office 365 you're using? Go to the following Microsoft website:
Am I using Office 365 after the service upgrade?
(http://office.microsoft.com/redir/HA103982331.aspx)
Expand all | Collapse all

On This Page

INTRODUCTION

This article describes how to set up a Simple Mail Transfer Protocol (SMTP) relay in Microsoft Office 365. It describes how to set up Microsoft Exchange Online as an SMTP relay to send email messages to remote domains and to users in your Office 365 organization.

You may want to do this in scenarios in which you no longer have an on-premises messaging environment, such as Microsoft Exchange Server, and in which you have on-premises line-of-business (LOB) programs that have to send email messages to remote domains and to your migrated cloud mailboxes.

Important If you want on-premises LOB programs to send mail only to your migrated cloud mailboxes and not to remote domains (that is, domains for which you aren't authoritative in Exchange Online), you don't have to follow the steps in this article. Instead, see the following Microsoft Knowledge Base article:
2799338
(http://support.microsoft.com/kb/2799338/ )
How to enable on-premises applications and devices to send mail to Office 365 users
Back to the top | Give Feedback

MORE INFORMATION

SMTP relay settings for Office 365

To set up an SMTP relay in Office 365, you must have the following:
  • A user who has an Exchange Online mailbox
  • The SMTP set to port 587
  • Transport Layer Security (TLS) encryption enabled
  • The mailbox server name

Set up an SMTP relay in Office 365

Step 1: Obtain the SMTP server setting

To obtain the SMTP server setting, follow these steps:
  1. Sign in to Outlook Web App.
  2. Take one of the following actions:
    • In Office 365 or Office 365 Preview, click Settings (
      Collapse this imageExpand this image
      ), and then click Options.
    • In Office 365 pre-upgrade, click Options, and then click See All Options.
  3. Take one of the following actions:
    • In Office 365 or Office 365 Preview, in the left navigation pane, click Account, and then click Settings for POP and IMAP access.
    • In Office 365 pre-upgrade, in the left navigation pane, click Account, click My Account, and then, in the Account Information area, click Settings for POP, IMAP, and SMTP access.
  4. Note the SMTP server setting information that's displayed on this page.

Step 2: Create a user who has an Exchange Online mailbox

To do this, use one of the following methods:
  • If you're in a hybrid deployment or if you're using directory synchronization, create the user in Active Directory Domain Services, Exchange Management Console, Exchange Admin Center, or Exchange Management Shell, depending on your version of Exchange Server. Run directory synchronization, and then activate the user by using an Exchange Online license. 

    Note The user must not have an on-premises mailbox.
  • Create the user by using the Office 365 portal or by using the Windows Azure Active Directory Module for Windows PowerShell, and then assign the user an Exchange Online license.

Step 3: Set up the Internet Information Services (IIS) SMTP relay server

To set up Internet Information Services (IIS) so that your LOB programs can use the SMTP relay, follow these steps. 
  1. Install IIS on an internal server. During the installation, select the option to install the SMTP components.
  2. Open IIS Manager, expand Default SMTP Virtual Server, and then click Properties.
  3. Click the Access tab, and then click Relay.
  4. In the Select which computers may relay through this virtual server area, click Only the list below, and then enter the IP addresses of the on-premises LOB devices and application servers that will relay through the SMTP server.

    Warning Make sure that you enter only the IP addresses of the devices and servers that you trust. This setting lets mail that's coming from these sources be relayed to any destination. In effect, this makes the on-premises server that is running IIS an open relay.
  5. On the Access tab, click Authentication, make sure that the Anonymous access check box is selected, and then click OK.
  6. Click the Delivery tab, click Advanced, and then, under Smart host, enter the fully qualified domain name (FQDN) of the SMTP server from "Step 1: Obtain the SMTP server setting".
  7. On the Delivery tab, click Outbound Connections.
  8. in the TCP Port box, type 587, and then click OK.
  9. On the Delivery tab, click Outbound Security, and then take the following actions:
    1. Click Basic Authentication.
    2. In the User name box, type the user name of the Office 365 user.
    3. In the Password box, type the password of the Office 365 user.
    4. Click to select the TLS encryption check box, and then click OK.
For more information about how to set up SMTP mail in IIS, go to the following Microsoft website:
Configure SMTP Email (IIS 7)
(http://technet.microsoft.com/en-us/library/cc772058(v=WS.10).aspx)

How to support multiple email addresses

If your LOB applications send mail from email addresses that differ from the Office 365 mailbox that's used for authentication, you have to either use a mail-enabled security group or add proxy addresses to support multiple email addresses.

Note If you don't perform one of the following procedures, the LOB applications will not send mail and will return the following error message:
5.7.1 Client does not have permissions to send as this sender

Method 1: Use a mail-enabled security group

If the LOB applications send mail from email addresses that have mailboxes in Office 365, you can support multiple email addresses for relay by creating a mail-enabled distribution group and then granting it SendAs access. To do this, follow these steps:
  1. Sign in to the Office 365 portal (https://portal.microsoftonline.com
    (https://portal.microsoftonline.com)
    ) as an admin.
  2. Create a mail-enabled security group that contains all the mailboxes that have the email addresses that you want to relay to Exchange Online. To do this, follow these steps:
    • In Office 365 or Office 365 Preview, follow these steps:
      1. Click Admin, and then click Exchange to open the Exchange Admin Center.
      2. In the left navigation pane, click Recipients, and then click Groups.
      3. Click New (
        Collapse this imageExpand this image
        ), and then click Security group.
      4. In the Members area, add the mailboxes that will be used to send mail.
    • In Office 365 pre-upgrade, follow the steps at the following Microsoft website:
      Create a Security-Enabled Distribution Group
      (http://help.outlook.com/en-us/140/ff628761.aspx)
  3. Assign the mail-enabled security group SendAs permissions for the user mailbox that you created earlier in the "Step 1: Set up Internet Information Services (IIS)" section. To do this, follow these steps:
    • In Office 365 or Office 365 Preview, follow these steps:
      1. In the left navigation pane of Exchange Admin Center, click Recipients, and then click Mailboxes.
      2. Double-click the user who you created earlier in the "Step 1: Set up Internet Information Services (IIS)" section, click Mailbox Delegation, and then, in the SendAs area, add the mail-enabled security group.
    • In Office 365 pre-upgrade, follow the steps at the following Microsoft website:
      Give Users Send As Permissions
      (http://help.outlook.com/en-us/140/ff852815.aspx?sl=1)
  4. Make sure that the SMTP relay works as expected.

Method 2: Add proxy addresses

If the LOB application doesn't have mailboxes in Office 365 that are associated with the email addresses that will be used for relay, the email addresses can be added as a secondary addresses to an existing mailbox. To set up proxy addresses, use one of the following procedures: Note The domain that's associated with the email address must be a domain that was verified and accepted in Exchange Online.

Use Postfix to set up an SMTP relay in Office 365

Postfix is a third-party mail server that can be used to set up an SMTP relay for Exchange Server and Exchange Online. Currently, only specific versions of Postfix are supported to set up a relay with Exchange Online. You have to use Postfix 2.9 or a later version to set up an SMTP relay with Exchange Online.

For more information, go to the following Postfix website:
http://www.postfix.org/BASIC_CONFIGURATION_README.html
(http://www.postfix.org/BASIC_CONFIGURATION_README.html)
The third-party products that this article discusses are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, about the performance or reliability of these products.

Microsoft provides third-party contact information to help you find technical support. This contact information may change without notice. Microsoft does not guarantee the accuracy of this third-party contact information.
Back to the top | Give Feedback

Still need help? Go to the Office 365 Community
(http://community.office365.com/)
website.
Back to the top | Give Feedback

Properties

Article ID: 2600912 - Last Review: March 8, 2013 - Revision: 13.0
Applies to
  • Microsoft Office 365 for enterprises (pre-upgrade)
  • Microsoft Office 365 for education  (pre-upgrade)
  • Microsoft Exchange Online
  • Microsoft Office 365 Enterprise preview
  • Microsoft Exchange Online preview
Keywords: 
o365 o365a o365e o365022013 after upgrade o365062011 pre-upgrade o365m kb3rdparty KB2600912
Back to the top | Give Feedback

Give Feedback

 
Back to the topBack to the top