Forum Discussion
SMTP Settings to enable other app (Acronis TI) to send email via M365
Hi all,
I have recently moved from M365 Personal to Business. I also use Acronis True Image which needs the following SMTP settings to send notifications by email:
Server settings:
Outgoing mail server (SMTP) name
Port
Encryption
SMTP authorisation:
Username and password
Optional - Log on to incoming mail server:
POP3 server and Port
I have found various (conflicting) settings on the web (including adding Authenticated SMTP in the M365 Mail settings for the user) but none work.
Can anyone help?
- Thanks but I have just discovered that it isn't actually possible at present. It seems that "Microsoft is stopping the Basic Authentication for Microsoft 365" per Acronis Development team who say they are planning to support specifying any SMTP server to send emails in the future.
- rikazkhan7Copper ContributorPort: The port number is the communication endpoint on the server. For secure SMTP connections (using TLS/SSL), the standard port is 587.
Encryption: Encryption ensures that your email communication is secure. For Microsoft 365, TLS (Transport Layer Security) encryption is commonly used.- Mike_Stanley_MASCSCopper ContributorThanks but I have just discovered that it isn't actually possible at present. It seems that "Microsoft is stopping the Basic Authentication for Microsoft 365" per Acronis Development team who say they are planning to support specifying any SMTP server to send emails in the future.
- VictorS_MS_PartnerCopper Contributor
I work mainly with M365 Enterprise but hopefully at least some of the following is also applicable to M365 Business.
If you are sending only to email addresses in your domain and if your Internet service provider (ISP) does not block outgoing port 25 (most business-class ISPs allow it by default or upon request), then you should be able to use the same SMTP server that's configured in your MX record. You would use port 25 and no authentication. It would be like any other email server on the Internet except for the following accomodations:- If the From address also uses your domain, you will need to do one or more of the folllowing:
- Add an exception to allow spoofing that address from your IP address.
- If M365 Business allows it, configure a connector for it in Exchange Online, which you probably want to do anyway to ensure TLS is enforced. To prevent others from using it to spam or phish you, limit connection to it by, for exqmple, allowing only your IP address.
- Create a mail flow rule to have those emails bypass spam filtering. I recommend multiple conditions such as the sender's From address, a unique header that Acronis TI might include in the email, or the hostname of the sending conputer if it's included in the headers. If you use the Outlook app for your M365 email, the Outlook add-in Message Header Analyzer by Stephen Griffin makes it easy to view the headers. You can also see the Internet headers by look8ng at the Properties of the email.
- If the From address does not use your domain, you will likely need to have it bypass spam filtering.
If you plan on configuring other apps or devices in the future to send emails to yourself, you may want to set up a local SMTP relay to relay emails to M365. Allow it to send emails to the Internet/M365 but otherwise make sure to not allow any incoming connections to it from the Internet; you do not want to accidentally set up a public open relay. Low volume SMTP relaying is very light on resources so the server can be set up using an old computer or in a virtual machine. You can use Windows Server and IIS's SMTP server or, if licensing costs are an issue, use Linux with an open source email server.
- Mike_Stanley_MASCSCopper ContributorThank you. I have been able to make this work with the address from the MX record and Port 25 as you suggested.
Initially emails were not being delivered, and were shown in the message trace as "Resolved" rather than "Delivered" - unsure what this is trying to tell me! However, I created a rule to forward any messages with the "Acronis True Image notification" in the subject to my email address even through that was where they were already address to and this seems to work. I'm not sure why but I suppose I should be happy with that! Thank you for your help. - Mike_Stanley_MASCSCopper ContributorI have one small point remaining. Emails are arriving correctly but are flagged (i) We could not verify the identity of the sender. I have to change the settings to make M365 recognise these emails as OK but with no success. Not a huge problem but if you can suggest anything I would be appreciative.
- VictorS_MS_PartnerCopper Contributor
Mike_Stanley_MASCS It says that because it can’t verify SPF, DKIM, and/or DMARC. If the From address uses your domain name and you have an SPF record configured in DNS for your domain, you can add the external sending IP address(es) to your SPF record. Just keep in mind that you will need to update your SPF record if the IP address ever changes.
If you don’t have an SPF record or can’t update it, you may be able to update the spoofing configuration in Microsoft 365, but I haven’t had to do that myself in some time so am not sure what steps are involved. You can also try adding the From address to your Safe Senders list in Outlook but, if I recall correctly, it probably won’t help.
- If the From address also uses your domain, you will need to do one or more of the folllowing: