Sending email from SharePoint on-premises via Office 365 – Client SMTP Submission

Installing a local SMTP Relay

The first step is to install an IIS SMTP server that will be used for relaying messages from SharePoint. This can be accomplished by using the ‘Add Roles and Features’ wizard, after completion will add a new option “Internet Information Services (6.0)” in the Server Manager ‘Tools’ menu. This is the interface by which we’ll configure the SMTP server, pictured below:

 

Configure SMTP Virtual Server Settings

By default the server listens to all addresses on port 25 which is the default SMTP server port, and Anonymous access is enabled; no changes are required to either of those items for our scenario. However, to ensure that we don’t relay messages from any machine we’ll limit the systems that are able to connect to and send through our server. From the “[SMTP Virtual Server #1] > Properties > Access” tab, click the “Connection” button which brings up the following window:

 

Be sure to specify the IP Address of each of the servers from which messages will be sent. Typically, multiple IP addresses are bound to each SharePoint server to support SSL bindings – be certain to list each of the addresses. In this screenshot, we’ve configured the SMTP Server to allow connections from two of our SharePoint servers.

Next, we’ll also ensure that only our two systems are allowed to relay messages through the SMTP server, which is accomplished by clicking on the “Connection” button on the same “Access” tab of the server properties. Note that we have the same two IP addresses listed, allowing only those two machines to relay:

 

From here, we need to configure the Office 365 mailbox username/password that the SMTP Server will use when sending messages. This is configured in the “Delivery” tab, using the “Outbound Security” button. Be sure to enter valid credentials for your Office 365 user, and if it’s a newly-created user make note that you’ll need to change the initial password on first login. If you don’t do this, mail will not send despite your best efforts!

 

Next we need to tell the server to use TCP port 587 when attempting to connect to Office 365, which is set in the “Outbound Connections” option of the “Delivery” tab:

 

Lastly, we need to specify which server to send mail through, and we do this by clicking the “Advanced” button on the “Delivery” tab. Be sure to specify the smart host as smtp.office365.com and clear the option to “Attempt direct delivery before sending to smart host”: this will ensure that all outbound mail will be sent via Office 365:

 

Configure Outgoing E-Mail Settings in SharePoint

Finally, we need to let SharePoint know about our new SMTP Server, which is done via Central Administration > System Settings > Outbound E-Mail Settings, as pictured below. Note that I’ve blurred out the values to protect the innocent, but you need to be certain to specify the servername, and your Office 365 mailbox user in the From address.

 

At this point, we’re ready to test our configuration and we’ll use PowerShell on the SharePoint server to do so. This way we can be sure that each component in our configuration is working, from the SharePoint settings through to the Office 365 mailbox. Open a SharePoint Management Shell and run the following PowerShell snippet:

$sdo = new-object System.collections.specialized.stringdictionary $sdo.add("to","raymond@dynamicowl.com") $sdo.add("from","sharepoint@office365domain.com") $sdo.add("Subject","Test message from SharePoint") $web = get-spweb "https://intranet" $messagebody = "This is a test message from SharePoint on-prem" [Microsoft.SharePoint.Utilities.SPUtility]::SendEmail($web,$sdo,$messagebody)

The output of the command will return “True” (and you’ll receive an email message) if it was successful; “False” indicates that something has gone wrong and the message was not delivered.

When things go wrong

In our experience, there are a few items that you’ll want to verify if outbound email is not flowing as expected, including:

  • the SMTP Server service is set to “Manual” start by default; be sure to change this to “Automatic” so that the service starts upon a reboot of your server
  • the Windows Server may require a server certificate in order for TLS to be used; this will generate an error in the Event Log and be evidenced by the SMTP Server Properties “Secure Communication” section of the “Access” tab indicating that no certificate can be found for TLS

Conclusion

E-mail is still a critical communication method in today’s business world, and moving email services to the cloud is more common than ever. We can still send email from an on-premises SharePoint server via Office 365 by setting up a local relay and sending mail from an Office 365 mail-enabled user.

BAT SCRIPT TO OPEN SQL SERVER PORTS IN THE FIREWALL

rem ******************code start******************************
 
@echo off 
sc config MpsSvc start= demand 
sc start MpsSvc
 
echo. *** OPENING SQL SERVER PORTS IN THE FIREWALL *** 
echo. source Mohamed Riyaz.
echo. 
echo. Note for Named Instances – SQL mirroring – Dynamic Ports and the firewall 
echo. see http://msdn.microsoft.com/en-us/library/cc646023(v=SQL.100).aspx#BKMK_programs 
echo. You will need to open firewall ports for your mirroring endpoints and possibly dynamic ports 
echo. 
echo. 
echo. Opening SQL Server TCP 1433 
netsh advfirewall firewall add rule name=”SQL Server (TCP 1432)” dir=in action=allow protocol=TCP localport=1433 profile=domain 
echo. 
echo. Opening SQL Admin Connection TCP 1434 
netsh advfirewall firewall add rule name=”SQL Admin Connection (TCP 1434)” dir=in action=allow protocol=TCP localport=1434 profile=domain 
echo. 
echo. Opening SQL Service Broker TCP 4022 
netsh advfirewall firewall add rule name=”SQL Service Broker (TCP 4022)” dir=in action=allow protocol=TCP localport=4022 profile=domain 
echo. 
echo. Port 135 
netsh advfirewall firewall add rule name=”SQL Debugger/RPC (TCP 135)” dir=in action=allow protocol=TCP localport=135 profile=domain 
echo. 
echo. Opening SQL Browser UDP 1434 
netsh advfirewall firewall add rule name=”SQL Browser (UDP 1434)” dir=in action=allow protocol=UDP localport=1434 profile=domain 
echo. 
echo. Opening Analysis Services TCP 2383 
netsh advfirewall firewall add rule name=”Analysis Services (TCP 2383)” dir=in action=allow protocol=TCP localport=2383 profile=domain 
echo. 
echo. Opening SQL Browser TCP 2382 
netsh advfirewall firewall add rule name=”SQL Browser (TCP 2382)” dir=in action=allow protocol=TCP localport=2382 profile=domain 
echo. 
echo. ***Done ***
 
sc stop MpsSvc 
sc config MpsSvc start= disabled
 
rem ******************code end******************************

Outbound e-mail has not been configured.

Severity 1 – Error 
Category Configuration 
Explanation A default SMTP server has not been configured.  One or more web applications do not have SMTP servers configured.  Because of this, features such as alerts will not function properly.
Remedy Configure an outgoing e-mail server from the central administration site or execute the following command: C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\bin\stsadm.exe-o email -outsmtpserver <SMTP server> -fromaddress <someone@example.com> -replytoaddress <someone@example.com> -codepage <codepage> For more information about this rule, see http://go.microsoft.com/fwlink/?LinkID=142684.

 

Solution – PowerShell approach:

$ErrorActionPreference = "Stop"
Add-PSSnapin Microsoft.SharePoint.PowerShell -EA 0

$SMTPSvr = ‘mailserver.domainame.local’
$FromAddr = ‘noreply@domainame.local’
$ReplyAddr = ‘noreply@domainame.local’
$Charset = 65001

$CAWebApp = Get-SPWebApplication -IncludeCentralAdministration | Where { $_.IsAdministrationWebApplication }
$CAWebApp.UpdateMailSettings($SMTPSvr, $FromAddr, $ReplyAddr, $Charset)

 

Verify@:  Central Administration > System Settings > Configure outgoing e-mail settings

image