Azure Communication Services SMTP Relay Assistance

Question

Azure Communication Services SMTP Relay Assistance

Drew Tomlinson 0

My situation is that I run my own smtp mail server for personal use to handle email for my domain. I like to have it receive email, then do some basic spam filtering, and finally forward the email to my Gmail account. I used to do this without issue but I can no longer send mail directly from my personal server due to spam mitigation on both Google and my ISP. Thus, I'm trying to implement ACS for smtp relay.

I think I am most of the way there and can even send test email via the "try email" option in the portal. From what I gather, my next step is to register an app in Entra ID for ACS which will create a username/password I can use to relay. This is where I'm stuck. I've been following the info here but it's extremely vague for someone that doesn't already know everything:

https://techcommunity.microsoft.com/t5/azure-communication-services/send-emails-via-smtp-relay-with-azure-communication-services/ba-p/4175396

I'd really appreciate any help you might be able to give me, even if it's just a link to a tutorial specific to ACS smtp relay.

1 answer

Your answer

Answer 1

Sina Salam 22,031 Volunteer Moderator

Hello Drew Tomlinson,

Welcome to the Microsoft Q&A and thank you for posting your questions here.

I understand that you are in need of assistance to make sure your SMTP relay with Azure Communication Services works effectively.

With your explanations, you're very well on the right track with setting up Azure Communication Services (ACS) for SMTP relay. In the below lists of actons, observe what yo've done and what you have not as follow:

The first thing is to Register your app in Entra ID via Azure portal by navigating to Azure Active Directory > Select App registrations and then new registration > Fill in the required fields and register the app > and once registered, go to the app’s Certificates & secrets section to create a new client secret. Note down the Client ID, Tenant ID, and the Client Secret.

Secondly, In the Azure portal, navigate to Azure Communication Services > Select your ACS resource and go to Access control (IAM) > Create a custom role with permissions to send emails. You can clone the Reader role and add the necessary actions for email sending.

Then, use the following SMTP settings:

SMTP server address: smtp.azurecomm.net

Port: 587

Username: <ACS Resource Name>.<Entra Application ID>.<Entra Tenant ID>

Password: The client secret you generated.

After all the above, you will need to test mail using any email client to test sending emails. Here I used a PowerShell for an example:

$Password = ConvertTo-SecureString -AsPlainText -Force -String '<Client Secret>'
$Cred = New-Object -TypeName PSCredential -ArgumentList '<ACS Resource Name>.<Entra Application ID>.<Entra Tenant ID>', $Password
Send-MailMessage -From '******@yourdomain.com' -To '******@gmail.com' -Subject 'Test Email' -Body 'This is a test email.' -SmtpServer 'smtp.azurecomm.net' -Port 587 -Credential $Cred -UseSsl

For more steps and detailed guide, you can refer to the Microsoft Learn links here: https://learn.microsoft.com/en-us/azure/communication-services/quickstarts/email/send-email-smtp/send-email-smtp

I hope this is helpful! Do not hesitate to let me know if you have any other questions.

Please don't forget to close up the thread here by upvoting and accept it as an answer if it is helpful.

Drew Tomlinson 0 Reputation points

2024-10-23T19:02:17.2533333+00:00

Thank you for your reply. I think I had previously completed registering ACS with Entra ID. Here are some screenshots:

And then I created a client secret:

Based upon what you are saying, I think my user id should be:
AzureComResource.689d9850-d933-4549-87fc-e125476b7fbc.cfbc361d-574b-4a5f-a2d0-52fe7547616e

Is the client secret the Secret ID or the Value?

I currently have the username set to AzureComResource.689d9850-d933-4549-87fc-e125476b7fbc.cfbc361d-574b-4a5f-a2d0-52fe7547616e and the password set to "$Value". However, this returns an authentication error when testing. I do not know what I am missing.

Thanks,

Drew
Drew Tomlinson 0 Reputation points

2024-10-23T19:06:50.2033333+00:00

I added a comment with further questions and clarifications but now I don't see it.

Edit:

OK, now I see it. I would delete this comment if I knew how. Sorry for the noise.

Drew Tomlinson 0

This is an example error from my Postfix mail log:

Oct 23 12:10:17 blackcloud postfix/smtp[27120]: 59E78273538: to=******@outlook.com>, orig_to=<******@mykitchentable.net>, relay=smtp.azurecomm.net[52.154.159.61]:25, delay=3240, delays=3240/0.4/0.3/0.04, dsn=4.7.57, status=SOFTBOUNCE (host smtp.azurecomm.net[52.154.159.61] said: 530 5.7.57 Client not authenticated to send mail. (in reply to MAIL FROM command))

Drew Tomlinson 0

I was trying to post an example error from my Postfix mail logs. I don't know why it would have been deleted as I can't imagine how that violates any term of service. I'll try one more time:

Oct 23 12:10:17 blackcloud postfix/smtp[27120]: 59E78273538: to=<******@outlook.com>, orig_to=<******@mykitchentable.net>, relay=smtp.azurecomm.net[52.154.159.61]:25, delay=3240, delays=3240/0.4/0.3/0.04, dsn=4.7.57, status=SOFTBOUNCE (host smtp.azurecomm.net[52.154.159.61] said: 530 5.7.57 Client not authenticated to send mail. (in reply to MAIL FROM command))

Erland Sommarskog 122.3K Reputation points MVP Volunteer Moderator

2024-10-23T21:59:05.8033333+00:00

I've restored both your posts. The spam filter gets a little overly aggressive sometimes.
Ugacomp Technologies 0 Reputation points

2024-10-27T00:54:33.9166667+00:00

Has anybody found out the solution to this question? I am looking for a similar solution that could allow me to integrate Azure Communication Services SMTP relay to my self-hosted Email Server.

Share via

Azure Communication Services SMTP Relay Assistance

1 answer

Your answer