cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SOLVED

Confused - need clarification

Taen keren
Steel Contributor

‎Oct 13 2019 10:08 PM - last edited on ‎May 24 2021 02:07 PM by

‎Oct 13 2019 10:08 PM - last edited on ‎May 24 2021 02:07 PM by

Confused - need clarification

I've read this article regarding  Send mail from Multiple devices/application 

 

Option 1 is the MS 'Recommended' one - but then there's this kind of "disclaimer" in the bottom: 

 

"If you happen to have an on-premises email server, you should seriously consider using that server for SMTP relay instead of Office 365"

 

Why should one "seriously consider" this? - what's 'wrong' with option 1?  

 

In this related article https://docs.microsoft.com/en-us/exchange/mail-flow-best-practices/how-to-configure-iis-for-relay-wi... 

Are the IIS option considered as the 'best solution' in 'relaying' towards O365? 

 

Looking for the 'Best' solution possible - security-wise  

 

Labels:
1,044 Views
1 Like
2 Replies
Reply
2 Replies
best response confirmed by Taen keren (Steel Contributor)
Christopher Hoard

‎Oct 13 2019 11:03 PM

‎Oct 13 2019 11:03 PM

Solution

Re: Confused - need clarification

Hi @Taen keren,

With SMTP services it is traditionally recommended to repurpose an old on premise Exchange (if in hybrid) or use a cloud server like Hyper V/Azure as it takes the load off of 365 and you have greater management (having access to IIS etc). These would then sit behind a smart host such as Mimecast to protect the domain (s) against blacklisting.

In security terms both are secure whether you go through 365 or spin up a VM with IIS. Just make sure if it’s the second option to lock down open relaying! Oh, forgot to add that the second option of the VM does have the benefit of permitting non-auth SMTP too whereas 365 does not - this is good for legacy devices and apps!

Had much fun with this in the past as you can tell! ;D

Hope that answers your question!

Best, Chris
2 Likes
Reply
Taen keren

‎Oct 13 2019 11:40 PM

‎Oct 13 2019 11:40 PM

Re: Confused - need clarification

@Christopher Hoard  - Thx - option 1 is the best then - as the 'legacy part' is not good  :) 

1 Like
Reply
1 best response

Accepted Solutions
best response confirmed by Taen keren (Steel Contributor)
Christopher Hoard

‎Oct 13 2019 11:03 PM

‎Oct 13 2019 11:03 PM

Solution

Re: Confused - need clarification

Hi @Taen keren,

With SMTP services it is traditionally recommended to repurpose an old on premise Exchange (if in hybrid) or use a cloud server like Hyper V/Azure as it takes the load off of 365 and you have greater management (having access to IIS etc). These would then sit behind a smart host such as Mimecast to protect the domain (s) against blacklisting.

In security terms both are secure whether you go through 365 or spin up a VM with IIS. Just make sure if it’s the second option to lock down open relaying! Oh, forgot to add that the second option of the VM does have the benefit of permitting non-auth SMTP too whereas 365 does not - this is good for legacy devices and apps!

Had much fun with this in the past as you can tell! ;D

Hope that answers your question!

Best, Chris

View solution in original post

2 Likes
Reply