Microsoft 365 and Office | Other
Miscellaneous topics that do not fit into specific categories.
Outbound Mail Connector and Certificate Issue
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(96, 50%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESS%3C/text%3E%3C/svg%3E)
Saurabh Singh
0
Reputation points
Please review this article for reference: Configure Outbound Mail via Office 365. Based on the guidance (https://www.alitajran.com/configure-outbound-mail-office-365/), I created a new connector to route outbound internet mail through Office 365 EOP with the following configuration in hybrid:
Code
New-SendConnector -Name "Outbound to Internet via Office 365" `
-AddressSpaces * `
-CloudServicesMailEnabled $true `
-Fqdn given name `
-RequireTLS $true `
-DNSRoutingEnabled $false `
-SmartHosts given as per guidance
-TLSAuthLevel CertificateValidation
Test Mail Flow Result:
Outbound mail routed through the connector Outbound to Internet via Office 365 failed due to certificate trust problems.
Our Exchange server is currently using a certificate private for SMTP.
Error observed: 550 5.7.64 Relay Access Denied
Full certificate chain to a Microsoft‑trusted Root CA was not found.
Certificate Details:
A wildcard certificate is valid until June 2026. It is currently used for SSL but not enabled for SMTP.
This wildcard certificate looks good, and it may be possible to use the same certificate for outbound mail if we enable it for SMTP.
The certificate currently bound to SMTP, IIS, POP, and IMAP is a self‑signed certificate generated automatically during installation.
Question:
Can we enable the wildcard certificate for SMTP and use it for outbound mail, or do we need to request a new public certificate issued by a trusted CA?
Microsoft 365 and Office | Other
Sign in to answer