How to relay emails from application using Office 365 | Client Submission, Direct Send, Smtp Relay

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
hi guys i hope you all are doing well and welcome to my channel in this particular video we will be discussing how to set up a device or an application to send emails using office 365. we will talk about three types of email relay methods smtp auth client submission direct send and smtp relay we will discuss what is the difference between these three methods and we will configure these methods one by one to send emails from an application you can come across a scenario where you have a device in your on-premise environment like a printer that sends the printed documents in emails to the internal and external users but let's say all of the mailboxes are hosted in office 365 and you have an application in your on-premise that sends invoice emails to these office 365 users so in these scenarios office 365 allows you to use one of these three options in your application to relay emails these options are smgp auth client submission direct send and smtp relay you can configure any one of these three settings in your application and you can relay emails to the users but the question is which option out of these three you should choose so let's talk about these three options in detail client submission method is suitable for you when your requirement is to send emails to internal and external users if you want to use smgpot client submission method you need to make sure that modern authentication is enabled for the account that you want to use to send emails from your device in smgpot client submission method you cannot use the password of the mailbox account you need to enable multi-factor authentication on the account and you need to create an app password for that account and you will use that app password to authenticate the user in your application or in the device i will show you this practically as well and things will be more clear and remember security defaults are not supported in smtp auth client submission if you want to use smtpot client submission method to relay emails you need email address and app password of a mailbox that is hosted on office 365. if you want to use smtp auth client submission make sure smtp authentication is enabled on the mailbox and on the organization level you need to make sure that the device that you are using to relay emails it should support tls 1.2 if this device doesn't support tls 1.2 then you can either use direct send or smtp relay smgp auth client submission doesn't allow to send bulk emails if your requirement is to send bulk emails from the device you can use direct send method client submission uses the credentials of a mailbox that is hosted on office 365 to connect to office 365 servers if the email address or the app password of this account is not configured properly in that case you will not be able to connect to office 365 servers and once you are authenticated with office 365 mailbox credentials you can send emails to internal and external users this communication works on port 587 if your application is hosted in azure you can use this option to send emails from that application because 587 port is open in azure but port 25 remains blocked now let's talk about the second relay method that is direct send you can use direct send option if smtp authentication is disabled in your tenant and you do not want to enable smtp authentication you can use this method if your device doesn't support tls 1.2 you can use direct send option if you want to send emails only to internal users because direct send option doesn't allow to send emails to the external users so by using this option you can send emails only to office 365 users direct send option is suitable if your requirement is to send bulk emails or newsletters but if you want to use direct send option you need a static public ip address for your device or the application that will be used to relay emails because when you will be sending emails from the device using direct send method you will be connecting to the mx record of your office 365 domain and you need to publish an spf record for that domain that will include the ip address of the device or the application from where you will be relaying the emails if you will not configure spf record the emails that you will send from the application these emails will be delivered to the junk folder of the users in direct send method you can use any email address of your office 365 accepted domain this email address doesn't need to have a mailbox you can use any email address that is using one of the accepted domains in your office 365 tenant in direct send option you use mx record of your office 365 domain to connect to your office 365 tenant this communication works on port 25 so you need to make sure that port 25 is open on your network and as we discussed you cannot send emails to the external users using direct send method in case you will send emails to the external users you will receive an ndr or non-delivery report the third option is smtp relay you can use smtp relay if your device or the application doesn't support tls 1.2 you can use smgp relay if you want to send emails to internal and external users in smtp relay method you can use any email address of office 365 accepted domains in your device to send emails it is not mandatory for the email address to be associated with a mailbox but this email address should be using one of your accepted domains in office 365. in smtp relay you need to use a static ip address because you need to add the static ip address of your device in the spf record so that you can tell the recipient's email servers that any email that is coming from this ip address is a legitimate email smtp relay method is more difficult than direct send and client submission because in smtp relay you create a mail flow connector in office 365 with the public ip address or a tls certificate in smtp relay you connect to your office 365 tenant using the mx record of your domain and this communication occurs on port 25 so again you need to make sure that port 25 is open on your network in smtp relay authentication is performed by the office 365 connector using the ip address of your device that you configure within the connector and basis on this authentication the emails are sent to the external recipients as well so now let's move towards our lab and let's configure these settings one by one i have already created one account with named test user one and this account is using one of the accepted domains in my challenge and the license that is assigned to this account is office 365 e3 i will be using this account in application to relay emails i have already enrolled mfa on this account and app password is already created for this account next we will go to public dns and we will modify spf record for this domain let's go to spf record so as of now this value is for office 365 tenant but here we will use the ip address that will be used by the application and i can find this from here what is my ip like this and click save so we have modified the spf record as well next we need to make sure that port 25 is open on the network so you can go to any port checker online tool and open the tool type the port number and make sure this is your static ip address and then click check it says port 25 is open on your static ip address now if you want to relay emails using client submission method you need to verify if smgp client authentication is enabled on your tenant and on the mailbox that you will be using to relay emails so let's go to powershell and let's connect to exchange online module so i'm connected to exchange online module we can verify by running any exchange online command get iphone mailbox now if you want to verify if smgp client authentication is enabled on organization level you can run get hyphen transport config pipe fl and look for attribute that starts with smtp now here it says smtp client authentication disabled false so that means smgp client authentication is enabled on this tenant if you want to verify same thing for mailbox you can run get iphone cache mailbox and here type the name or the email address and look for smgp so it says smtp client authentication disabled false so that means on mailbox level as well smtp client authentication is enabled if these values are set to true for organization level you can use command set iphone transport config and for mailbox level you can use set hyphen cache mailbox and you can modify these properties so we have met all the prerequisites now let's relay emails i will be relying emails from this machine and i will be using this script now this script says here i will be using the credential of one of the office 365 accounts i will be using the smtp server for client submission i will be using smtp.office365.com for direct send and smtp relay i will be using the mx record and i will be using the port either 25 or 587 depending on the relay method ssl is enabled from address to address and then subject and body and rest i will be using delivery notification in case if i need delivery notification on from address whether the email delivery was failure or it was success so that notification will be delivered on from address now here i will be typing the email address that i'm going to use to relay emails that is test user 1 at office 365 office365concepts.com let me copy this email address i will type the same email address in from address so first we are going to use client submission in client submission we use smtp smtp.office365.com this is the server where we are going to connect first before sending the email port number will be 587 so now we will add to address and by using client submission method we can send emails to both internal and external so let me type first internal user so i will be using office 365 user and that is 365 check concepts dot on microsoft dot com and then i will use external that is gmail account gmail.com and that's it this is the subject and body so let's run this script and now i will use the app password for this account this is the app password let me copy go back paste it here click ok and this email is gone now let's verify if we have received this email so let's go to external account first gmail so here is the email now let's go to internal user and here we can see the email has been received now the second option that we are going to use is direct send in direct send we can send emails only to internal users and the port number will be 25 and here we will use the mx record so for my domain mx record is office 365 concepts iphone com dot mail dot protection dot outlook.com if you're not sure about the mx record you can go to either you can go to your public dns you can copy it from here or you can go to office 365 portal go to settings domains and open the domain and go to continue setup and from here you can find the mx record this is the value so you can copy it from here so in this method we will be using the mx record for 25 and rest of the options will remain same and make sure you are using only the internal user so let's run this script now in direct send we will be typing the password of this account we will not use the app password so the email is gone and let's go to administrator account and this is the email so we have received the email by using direct send now the third option is or the third relay method is smtp relay in smtp relay we need to create one mail flow connector let's go to exchange admin center and go to mail flow go to connectors in connectors we will create one inbound connector so connection from will be your organization's email server connection two will be by default office 365 make sure here you are selecting your organization's email server now one thing you should be aware of is smtp relay is mostly used when you have on premise exchange server or you have exchange hybrid and in those scenarios you want to relay emails so then we need to create this connector so here we will give it a name for example relay connector and make sure it is set to turn it on go next now here you will get two options you want to create this connector on the basis of tls certificate that you are using in your on-premise or you want to use the ip address the public static ip address that you are using within your application or on the network from where you will be sending emails so i will be using my public ip address which is this and let's go back to exchange admin center paste the ip address add and click next create connector so this connector is created click done let's go back to script and in smtp relay as well we will be using the mx record and we will be using the port number 25 but the difference is in smtp relay we can send emails to the external users as well so here i will be typing the email address of external user now if your requirement is that you want to relay emails to multiple users or in bulk so one of the options is you can create a distribution group you can add internal and external users within the distribution group and instead of typing multiple email addresses here simply type the email address of distribution group and once you will send email to distribution group that email will be distributed among the members so that is one of the ways you can send emails to multiple users and if you want to add few email addresses in this script so you can use this format and then you can add multiple users like this so for now i will be adding only two users one internal and one external we will be using mx record port 25 and let's run this script again we will be using the password of this account we will not use app password app password is only required for client submission which is the first method for relaying emails so click ok and this email is sent so let's verify if we have received the email so here is the email zero minutes ago we have received it so this is how you can use smtp relay or direct send or client submission methods to relay emails you can use any one of these three methods as per your requirement and you can relay emails so if you have learned something new from this particular video please write in comments and please subscribe to the channel thank you guys thank you for your time take care
Info
Channel: Office365Concepts
Views: 64,937
Rating: undefined out of 5
Keywords: what is email relay, relay emails in office 365, smtp relay with connector, what is direct send, what is smtp relay in office 365, relay emails from printer, difference between client submission and direct send, create connector for smtp relay, how to relay emails in office 365, send emails from printer, send emails from device in office 365, troubleshoot smtp relay, troubleshoot relay emails, not able to relay emails, smtp relay office 365, smtp relay, office 365 concepts
Id: vCU_uVTNXo8
Channel Id: undefined
Length: 19min 1sec (1141 seconds)
Published: Tue Apr 26 2022
Related Videos
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.