Problem Statement: SMTP Relay Failure in Azure IIS Setup

Phalle, Mahesh 1 Reputation point
2025-05-09T12:30:15.0666667+00:00

Issue:

I have set up an IIS SMTP relay on an Azure Windows Server to support legacy applications that do not support TLS 1.2+. The IIS SMTP relay is configured to forward emails to Office 365 SMTP (smtp.office365.com) via port 587. However, emails are not being sent successfully due to Office 365 enforcing STARTTLS, which my legacy applications do not support.

Observed Behavior:

  • Legacy applications send SMTP requests without TLS to IIS SMTP.
  • IIS SMTP receives emails internally but fails to forward them externally to Office 365.
  • Error message in Telnet session:
    
      451 5.7.3 STARTTLS is required to send mail
    
    

Steps Taken So Far:

  • Installed & Configured IIS SMTP Relay on Azure Windows Server.
  • Enabled Anonymous Authentication for internal SMTP relay.
  • Set Smart Host to smtp.office365.com using port 587.
  • Allowed outbound traffic on port 587 in Azure NSG & Windows Firewall.
  • Verified SMTP relay logs (C:\inetpub\logs\LogFiles\SmtpSvc1).

Expected Outcome:

Legacy applications should be able to send unauthenticated SMTP emails to IIS, and IIS should forward these emails to Office 365 SMTP without enforcing STARTTLS. Since Office 365 requires TLS 1.2, I need a workaround or guidance from Microsoft on how to relay emails without requiring STARTTLS for legacy apps.

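The rejection reported in the Telnet session can be located in a client-side SMTP log. The following is an added example, not part of the original post: it walks one outbound hop and reports whether the smart host offered STARTTLS, whether the relay upgraded before MAIL FROM, and which command was rejected. Host names, addresses and the `C:`/`S:` log layout are constructed; only the 451 5.7.3 reply text comes from the post.

```python
# Constructed client-side SMTP session logs (C: = relay, S: = smart host).
# Only the 451 5.7.3 reply text is taken from the post; the rest is sample data.
PLAINTEXT_SESSION = """\
S: 220 smarthost.example ESMTP
C: EHLO relay.example
S: 250-smarthost.example Hello
S: 250-STARTTLS
S: 250 8BITMIME
C: MAIL FROM:<app@example.com>
S: 451 5.7.3 STARTTLS is required to send mail
"""

TLS_SESSION = """\
S: 220 smarthost.example ESMTP
C: EHLO relay.example
S: 250-smarthost.example Hello
S: 250-STARTTLS
S: 250 8BITMIME
C: STARTTLS
S: 220 2.0.0 SMTP server ready
C: EHLO relay.example
S: 250 AUTH LOGIN
C: MAIL FROM:<app@example.com>
S: 250 2.1.0 Sender OK
"""

def diagnose(session):
    """Report STARTTLS state for one outbound hop and the first rejected command."""
    r = {"starttls_offered": False, "tls_active": False,
         "mail_before_tls": False, "rejected": None}
    last_cmd = None
    for line in session.splitlines():
        side, _, text = line.partition(": ")
        if side == "C":
            last_cmd = text.split()[0].upper()
            # MAIL FROM sent while the channel is still plaintext
            if last_cmd == "MAIL" and not r["tls_active"]:
                r["mail_before_tls"] = True
            continue
        code, rest = text[:3], text[4:].strip()
        if last_cmd == "EHLO" and code == "250" and rest.upper() == "STARTTLS":
            r["starttls_offered"] = True   # capability line in the EHLO reply
        elif last_cmd == "STARTTLS" and code == "220":
            r["tls_active"] = True         # server accepted the upgrade
        elif code[0] in "45" and r["rejected"] is None:
            r["rejected"] = (last_cmd, text)
    return r
```

A result with `starttls_offered` true, `tls_active` false and `mail_before_tls` true matches the situation in the post: the smart host offers the upgrade, and the outbound hop never performs it.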
