scooter133
Copper Contributor
Jul 17, 2025

How to Send-As a Distribution Group (via SSIS ScriptTask) via Exchange Online using Modern Auth?

We have a SQL Server Integration Services (SSIS) task that retrieves emails from a table in our Customer Relationship Management (CRM) system. The emails contain From:, To:, Cc:, and Bcc: addresses, in addition to the body and other data. The SSIS task then reads the data, connects to a local on-premises Exchange 2016 server to send the emails, and allows the SQL Server IP address to log in anonymously and send emails as any user in the From field, provided the address is valid on the Exchange server.

We are considering removing the local on-premises Exchange 2016 server and need to modify the SSIS task to connect to Exchange Online to send the emails. We are exploring the use of Modern Authentication, App Registration, and Microsoft Graph to send the emails.

The From addresses in the CRM can be an address of a User Mailbox, Shared Mailbox, or Distribution Group. Based on my research, it appears there is no way to send emails as a Distribution Group via Microsoft Graph. Therefore, I am forced to use SmtpClient and log in as a user with Send-As permissions on all of the groups, which has its own drawbacks.

What is the proper way to programmatically send as a Distribution Group? We have about 40 Groups we send as.

3 Replies

  • You can send as a DG via Graph, just need to add the From property to your request (and have Send As granted on the DG, if you are using the delegate permissions model).

    • scooter133
      Copper Contributor

      If I'm understanding you correctly, this means I'm not able to use App-Registration credentials and that I need to 'login' to MS Graph as a user who has Mail.Send permissions for the Group, and not application permissions (ApplicationAccessPolicy and client credentials).

      So the user I'd need to log in as would need to have MFA disabled, and I'd need to store its password, etc. in Key Vault that the App-registration client can get to.

      Then create the mail payload and just include the From in the payload:

      {
        "message": {
          "subject": "Hello from the DG",
          "body": {
            "contentType": "HTML",
            "content": "<p>This is a test from the email address removed for privacy reasons distribution group</p>"
          },
          "from": {
            "emailAddress": {
              "address": "email address removed for privacy reasons"
            }
          },
          "toRecipients": [
            {
              "emailAddress": {
                "address": "email address removed for privacy reasons"
              }
            }
          ]
        },
        "saveToSentItems": "true"
      }




      • VasilMichev
        MVP

        You can use application permissions. As you still need to use the /users/{id}/sendMail endpoint, a valid mailbox must exist, but other than that, no dependence on user credentials or anything.
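
The approach from the last reply (application permissions, the /users/{id}/sendMail endpoint, and the from property set to the group address), as an added example that is not part of the thread and not Microsoft's own code. It assumes an app registration with the Mail.Send application permission and a .NET Framework Script Task with references to System.Net.Http and System.Web.Extensions; GraphGroupMailer, GetAppToken and SendAsGroup are hypothetical names.

```csharp
// Added example (not from the thread). Class and method names are hypothetical.
using System;
using System.Collections.Generic;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Text;
using System.Web.Script.Serialization;

public static class GraphGroupMailer
{
    static readonly HttpClient Http = new HttpClient();
    static readonly JavaScriptSerializer Json = new JavaScriptSerializer();

    // Client-credentials flow: the app authenticates as itself, no user password or MFA exemption.
    public static string GetAppToken(string tenantId, string clientId, string clientSecret)
    {
        var form = new FormUrlEncodedContent(new Dictionary<string, string> {
            { "grant_type", "client_credentials" },
            { "client_id", clientId },
            { "client_secret", clientSecret },   // load from a secret store, never from the package
            { "scope", "https://graph.microsoft.com/.default" } });
        var url = "https://login.microsoftonline.com/" + tenantId + "/oauth2/v2.0/token";
        var resp = Http.PostAsync(url, form).Result;
        resp.EnsureSuccessStatusCode();
        var json = resp.Content.ReadAsStringAsync().Result;
        return (string)Json.Deserialize<Dictionary<string, object>>(json)["access_token"];
    }

    // POST /users/{id}/sendMail; mailbox must be an existing mailbox, groupAddress is the DG address.
    public static void SendAsGroup(string token, string mailbox, string groupAddress,
                                   string to, string subject, string html)
    {
        var payload = new {
            message = new {
                subject,
                body = new { contentType = "HTML", content = html },
                @from = new { emailAddress = new { address = groupAddress } },
                toRecipients = new[] { new { emailAddress = new { address = to } } } },
            saveToSentItems = true };
        var url = "https://graph.microsoft.com/v1.0/users/" + Uri.EscapeDataString(mailbox) + "/sendMail";
        var req = new HttpRequestMessage(HttpMethod.Post, url);
        req.Headers.Authorization = new AuthenticationHeaderValue("Bearer", token);
        req.Content = new StringContent(Json.Serialize(payload), Encoding.UTF8, "application/json");
        var resp = Http.SendAsync(req).Result;
        if ((int)resp.StatusCode != 202)   // Graph returns 202 Accepted when the message is queued
            throw new InvalidOperationException("sendMail failed: " + (int)resp.StatusCode
                + " " + resp.Content.ReadAsStringAsync().Result);
    }
}
```

Because an application token with Mail.Send is not tied to one user, the ApplicationAccessPolicy mentioned earlier in the thread is the control that limits which mailboxes this app registration can send from.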
