Forum Discussion

Jason Hopp's avatar
Jason Hopp
Brass Contributor
Jun 23, 2017
Solved

SMTP relay through Office 365 from on-prem to internet

Hello, I am trying to figure out a way to send SMTP traffic to internal and external addresses from multiple programs on premise without having to setup a few hundred accounts in 365. I have sever...
office 365
  • Guy Yardeni's avatar
    Guy Yardeni
    Jun 25, 2017

    Your current setup sounds like it should work just fine based on my experience. 

     

    There are three ways to relay mail through O365 - 1. directly using an authenticated account, 2. directly using an allowed IP address, 3. indirectly using the hybrid server. If you're planning to continue to use option 3 you shouldn't need an authentication account.

     

    Are you running into issues with your current configuration?

Guy Yardeni's avatar
Guy Yardeni
Brass Contributor
Jun 25, 2017

Your current setup sounds like it should work just fine based on my experience. 

 

There are three ways to relay mail through O365 - 1. directly using an authenticated account, 2. directly using an allowed IP address, 3. indirectly using the hybrid server. If you're planning to continue to use option 3 you shouldn't need an authentication account.

 

Are you running into issues with your current configuration?

  • Jason Hopp's avatar
    Jason Hopp
    Brass Contributor
    Jun 26, 2017

    Thanks for the reply.

     

    Either I have something wrong with my config or I am missing one small detail.  Here is the config:

     

    1. I have run the HCW (without the Centralized mail transport option)

    2. Right now I have two send connectors on prem - One that point tenant.mail.onmicrosoft.com to 365 and another that point * through out firewall on prem.

     

    I have tried to change the one pointing to * to smart host - our MX record (which points to 365) or the option of 'MX records of the recipient domain'.  Neither one works for me, on my device I still get authentication needed.

     

    Not sure how the connectors need to be config'd in order to point to 365 through the Hybrid.

     

    Thanks,

    Jason H

    • Guy Yardeni's avatar
      Guy Yardeni
      Brass Contributor
      Jun 26, 2017

      To avoid any outages, I would create a new connector. Eventually you'll want to use a '*" address space but you can test with a specific domain for now. You should use a smarthost address for EOP (e.g. contoso-com.mail.protection.outlook.com). 

       

      You would also need a receive connector that authenticates the on-prem server using either an IP address (typical and likely the same configuration as your existing receive connector) or a certificate.

       

      There is additional detail provided in part 2 of this article: https://technet.microsoft.com/en-us/library/dn751020(v=exchg.150).aspx#Part2configmail

       

      Guy 

      • Jason Hopp's avatar
        Jason Hopp
        Brass Contributor
        Jun 27, 2017

        Thanks for everyone help.  The problem was I kept trying to test one mail server while keeping the other connectors live.  Disabled all connectors, point all traffice (*) to our MX record, and SMTP is working.

         

        Thanks again,

        Jason H

Resources