How to Configure SMTP Relay for Office 365

Posted on Updated on

For online administrators, many may have internal Line of Business (LOB) applications, appliances, etc that need a Messaging service in order to deliver emails via SMTP.  BPOS Admins may have used the Forefront Online Protection for Exchange (FOPE) to deliver on-premises emails to BPOS online users.  However if recipients are/were outside of BPOS, they needed to send these SMTP relay mail messages to (Northamerica Data Center).

To setup Office 365 SMTP Relay you will need to either reconfigure your existing SMTP Relay settings or create a new environment to accomplish this task.

Note – Depending on the SMTP recipients you may use different settings.  If sending to EXO365 recipients with the recipients domain registered and managed in Office 365 (Managed Domain), you can use FOPE to deliver all mail, as the domain was created and verified in O365 and FOPE was updated to route all mail to EXO365 for this domain.

Steps to Setup SMTP Relay for Office 365

Create and Activate an Online User with an Online MBX

  1. Go into Active Directory Users and Computers (dsa.msc) and create a new NT User account
  2. Mail =
  3. Run DirSync to get this user into your Online company
  4. Activate the user with an online MBX, can either be a Standard or Kiosk user, as long as the user has an online MBX.

Configure either the LOB or IIS SMTP Relay server. In this example I am using an IIS SMTP Relay server that other applications can use to send mail:

  1. Install IIS onto an internal server, electing to install the SMTP components
  2. Expand the Default SMTP Virtual Server and click the domains node
  3. Right-click Domains and select New –> Domain –> Remote
  4. Name = *.com –> Finish
  5. Double-click the newly created domain
  6. Allow incoming mail to be relayed to this domain = Checked
  7. Forward all mail to smart host =


  1. Outbound Security
  2. Basic Authentication
    1. User = FQDN of Online activated user with EXO MBX and password
    2. Note – Check the TLS encryption option
  3. OK


  1. Right-click the Default SMTP Virtual Server node and select Properties
  2. Click the Delivery tab
    1. Outbound Connections
      1. TCP Port = 587 –> OK


  1. Outbound Security
  2. Basic Authentication
    1. User = FQDN of Online activated user with EXO MBX and password
  3. Note – Check the TLS encryption option


  1. Click the Access tab
  2. Authentication tab = Anonymous


  1. Relay tab = Online the list below = IP address of client machine


Test SMTP Relay

  1. Configure your LOB application or appliance to send mail to the above IIS server, making sure your sender uses the same email address as your account used in the IIS SMTP Relay account settings section.  If the smtpRelay account and sender are not the same, Exchange 365 will respond with a “Relay – Access Denied” message and the only way to resolve this is to align the smtpRelay and sender account to be the same!

Whatcha thinkin?

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s