[SOLVED] Microsoft 365 (aka Office 365) Smart Host

U

utkonos

Active Member
Proxmox Subscriber
Apr 11, 2022
150
37
33
The outbound smart host connector from 365 to Proxmox is failing with a Relay access denied error.

All of Microsoft's IP ranges have been added as trusted networks in the following configuration location:
Configuration > Mail Proxy > Networks

Here are their ranges:
https://learn.microsoft.com/en-us/m...rls-and-ip-address-ranges?view=o365-worldwide

The inbound connector works fine and I am able to send test messages from the outside world through PMG to 365.

My hypothesis is that 365 has no concept of a port number when configuring a smart host. Therefore connections from 365 are being made to port 25 rather than 26 and relay is denied even though the domain of the sender is correct and the IP of the connection is allowed by the networks configuration.

Is there any way to work around this problem, or is outbound smart host from 365 not possible? This isn't a gigantic problem because 365 is capable of sending email on its own. Or I am also able to setup an intermediate smart host "proxy" running OpenSMTPD on a different IP that listens on 25 and is firewalled for 365 IPs and then relays to PMG port 26.
 
For anyone else who is trying to figure this out: my hypothesis is correct.

Microsoft 365 (Office 365) can only send to a smart host on port 25. This means you will have to put an email proxy between PMG and 365. This is not really a big deal since you probably already have a mail server configured to serve your roaming users who connect on the submission port to perform authenticated sending of emails. All you need to do is add a port listener on that server which is firewalled to the IP ranges published by Microsoft and configure the SMTPd on that server correctly for unauthenticated relay to the PMG. If you're using OpenSMTPD on that relay it can also be locked down via the match configuration in smtpd.conf.
 
  • Like
Reactions: maatsche
Microsoft 365 defaults to port 25 for SMTP connections and doesn't natively support alternate ports like 26 for smart host configurations. A workaround would be to set up the intermediary OpenSMTPD relay on port 25, which then forwards traffic to PMG on port 26. This should resolve the relay access issue while keeping your network secure.If you need a good deal on Microsoft Office subscriptions, there's a place offering Home & Business 2021 for Mac at a great price. You might want to check it out.
 
Last edited:
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom