Office365 Direct Send without Relay



  • Trying to figure out why I can't send email directly from my applications and other devices in the organization (for the purposes of being able to scan from a printer and send the scan as an email attachment).

    Running a few PowerShell scripts I see the issue... we don't have a DNS for Office 365

    Resolve-DnsName -name domain.com -type MX
    
    Name                                     Type   TTL   Section    NameExchange                              Preference                               
    ----                                     ----   ---   -------    ------------                              ----------                               
    domain.com                    MX     1200  Answer     srv1.domain.com               10                                       
    domain.com                    MX     1200  Answer     srv2.domain.com               10                                       
    
    Name       : srv1.domain.com
    QueryType  : A
    TTL        : 1200
    Section    : Additional
    IP4Address : 192.168.2.12
    
    
    Name       : srv2.domain.com
    QueryType  : A
    TTL        : 1200
    Section    : Additional
    IP4Address : 192.168.2.13
    

    Srv1 and Srv2 are set up as mail relays, but they are going away in the future. Anyone have any recommendations on how to address this?



  • Would adding a new connector in Office 365 be able to address this?



  • Checking against Office 365

    Resolve-DnsName -name domain.onmicrosoft.com -type MX
    
    Name                                     Type   TTL   Section    NameExchange                              Preference                               
    ----                                     ----   ---   -------    ------------                              ----------                               
    domain.onmicrosoft.com        MX     3600  Answer     domain.mail.protection.outlook.com        0


  • I typically put that name exchange in any of the devices and email gets out.

    <domain>.mail.protection.outlook.com with whatever your domain is.



  • @NerdyDad I'll give it a try.



  • Doesn't seem to work, what else should I look at?



  • That is typically all that I need to do. I'm sure you already have the right port open on your firewall pointing to O365.

    My environment doesn't require authentication. Does yours?

    Also, make sure that you check O365 ports for protocol traffic on the devices that you are trying to connect.



  • What I've done in the past is set up a local relay. Something that only accepts traffic from the various devices and relays it out to O365. You can use Postfix and Microsoft's SMTP server to do this.



  • @coliver said in Office365 Direct Send without Relay:

    What I've done in the past is set up a local relay. Something that only accepts traffic from the various devices and relays it out to O365. You can use Postfix and Microsoft's SMTP server to do this.

    I've heard of this being done. Either with the old on-prem Exchange server being turned into a relay or building out a new relay entirely. I'm not an Exchange expert by any means so I cannot speak as to how to do it. I just know that it can be done.



  • @NerdyDad said in Office365 Direct Send without Relay:

    @coliver said in Office365 Direct Send without Relay:

    What I've done in the past is set up a local relay. Something that only accepts traffic from the various devices and relays it out to O365. You can use Postfix and Microsoft's SMTP server to do this.

    I've heard of this being done. Either with the old on-prem Exchange server being turned into a relay or building out a new relay entirely. I'm not an Exchange expert by any means so I cannot speak as to how to do it. I just know that it can be done.

    Here are the different options you can use. Some of them are limited to only send to users on your domain.

    https://support.office.com/en-us/article/How-to-set-up-a-multifunction-device-or-application-to-send-email-using-Office-365-69f58e99-c550-4274-ad18-c805d654b4c4?ui=en-US&rs=en-US&ad=US


  • For only basic email traffic needs like scan to email, just set up a connector in Office 365.

    Exchange Online has various rate limits though. So if you think you will be even close to them, use Postfix locally to send out and just add your local WAN IP to your SPF record.



  • I got it sorted, separate spam filter relay is what was needed.



  • @JaredBusch said in Office365 Direct Send without Relay:

    For only basic email traffic needs like scan to email, just set up a connector in Office 365.

    Exchange Online has various rate limits though. So if you think you will be even close to them, use Postfix locally to send out and just add your local WAN IP to your SPF record.

    Why wouldn't your local relay still relay everything through Hosted Exchange in O365? Or would that be rate limited as well?


  • @Dashrender said in Office365 Direct Send without Relay:

    @JaredBusch said in Office365 Direct Send without Relay:

    For only basic email traffic needs like scan to email, just set up a connector in Office 365.

    Exchange Online has various rate limits though. So if you think you will be even close to them, use Postfix locally to send out and just add your local WAN IP to your SPF record.

    Why wouldn't your local relay still relay everything through Hosted Exchange in O365? Or would that be rate limited as well?

    Exchange Online has limits. It does not matter from where the email originates. The software was actually set up to authenticate and send email directly with an Exchange Online account during testing.

    This quickly hit the rate limits as the client was sending out large amounts of price notifications to users that had signed up for such.

    So this site had a local CentOS 7 box set up and Postfix was configured to send mail out. The SPF record was updated and then a connector was also set up to make sure nothing was blocked for no reason.
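
Added example, not part of the thread or any poster's code: a small offline check that a local relay's WAN IP is actually covered by the SPF record, which is the step the posts above describe as "add your local WAN IP to your SPF record". The records and the address 203.0.113.25 are constructed sample values; only `ip4`, `ip6` and `all` are evaluated, and mechanisms that need DNS (such as the Microsoft 365 `include`) are returned as skipped rather than resolved.

```python
import ipaddress

# SPF qualifier prefixes and the result each one yields on a match.
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def check_spf(record, sender_ip):
    """Return (result, skipped) for sender_ip against one SPF TXT record.

    Terms are evaluated left to right and the first match wins. Terms that
    would need DNS lookups (include, a, mx, exists, ptr, redirect=) are not
    resolved; they are listed in `skipped` so the caller knows the result
    is conditional on them.
    """
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        raise ValueError("not an SPF record")
    ip = ipaddress.ip_address(sender_ip)
    skipped = []
    for term in terms[1:]:
        qualifier = "+"  # default qualifier when none is written
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        name, _, value = term.partition(":")
        name = name.lower()
        if name in ("ip4", "ip6"):
            # strict=False accepts a bare host address or a CIDR with host bits
            net = ipaddress.ip_network(value, strict=False)
            if net.version == ip.version and ip in net:
                return QUALIFIERS[qualifier], skipped
        elif name == "all":
            return QUALIFIERS[qualifier], skipped
        else:
            skipped.append(term)
    return "neutral", skipped


# Constructed sample data: a record before and after adding the relay's WAN IP.
WAN_IP = "203.0.113.25"
BEFORE = "v=spf1 include:spf.protection.outlook.com -all"
AFTER = "v=spf1 ip4:203.0.113.25 include:spf.protection.outlook.com -all"

if __name__ == "__main__":
    for label, record in (("before", BEFORE), ("after", AFTER)):
        result, skipped = check_spf(record, WAN_IP)
        print(f"{label}: {result} (not checked: {skipped or 'nothing'})")
```

With the "before" record, mail sent straight from the relay's IP ends at `-all`, so receivers that enforce SPF will reject or junk it; the "after" record matches on the `ip4` term first.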


