Exchange Online - SMTP Relay for Onpremise Systems

SQIT 0 Reputation points
2024-11-25T14:26:24.1866667+00:00

Hello everyone, Since Microsoft has announced that it will soon deactivate the legacy SMTP protocol (including SMTP authentication), I am faced with the question of how on-premise systems can continue to send emails. Specifically, the situation is as follows: An on-premise server uses an IIS SMTP relay that currently works with SMTP authentication. This method will no longer work after the legacy SMTP protocol is deactivated. I have heard of Azure Communication Services, which supports OAuth, but this is not compatible with old systems that do not support OAuth. My question: What solution does Microsoft recommend for on-premise systems that still need to send emails via a relay when SMTP auth is no longer available? Is there an alternative that is both secure and suitable for older systems? Thank you in advance for your support!

Microsoft Exchange Hybrid Management
Microsoft Exchange Hybrid Management
Microsoft Exchange: Microsoft messaging and collaboration software.Hybrid Management: Organizing, handling, directing or controlling hybrid deployments.
2,167 questions
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. Xintao Qiao-MSFT 4,775 Reputation points Microsoft Vendor
    2024-11-26T03:22:13.16+00:00

    Hi, @SQIT

    With the imminent retirement of legacy SMTP protocols, including SMTP authentication, you will need to look for alternative ways to enable your on-premises systems to continue sending email securely. Here are some suggestions that may help:

    1. You can configure your local system to use Office 365's SMTP trunk. This method allows you to send emails without using SMTP authentication.
    2. For clients that still require legacy SMTP, you can opt in to Exchange Online endpoints to support legacy TLS clients that use SMTP AUTH.
    3. If you have a hybrid setup of on-premises and cloud environments, you can take advantage of a hybrid configuration where email is routed through an on-premises Exchange server and then relayed by it to Office 365.
    4. If you have any systems that can be updated or configured to use OAuth2, this should be your top consideration for modern and secure email communications.

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".


  2. SQIT 0 Reputation points
    2024-11-27T12:36:46.3566667+00:00

    Hi Xintao Qiao,

    many thanks for your Reply.

    so the only secure ways would be option 3 or 4.

    In conclusion, either we use the Hybrid setup (relay over onprem Exchange) or we use OAuth if possible. Is there anything planed for Environments who dont support OAuth if no Onprem Exchange is available as SMTP is soon decommissioned? I Guess the Option 1 with the Exchange Connector is not the best choice as it doesnt need any authentication.

    Best Regards

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.