Azure Email forwarding for external domain + dkim

Dorian Eley 1 Reputation point
2022-05-05T12:46:02.09+00:00

We need to be able to send email for xxx@externaldomain.com we also need to apply dkim This domain is already managed by the company that owns it on their Azure account, so azure won't allow us to administer it in any way or add it to domains. Is there a way to add this email for this domain and add Dkim to it? They will add whatever DNS records we need but everything i find relating to sending email for a domain in O365/azure requires authenticating we own the domain and azure won't let two different accounts manage the same domain for any services.

Exchange Server Management
Exchange Server Management
Exchange Server: A family of Microsoft client/server messaging and collaboration software.Management: The act or process of organizing, handling, directing or controlling something.
7,357 questions

7 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Dorian Eley 1 Reputation point
    2022-05-09T10:40:25.697+00:00

    We can verify it, but azure won't accept it. I've ended up going back to the business and saying it's not possible, We have far simpler solutions available and this is just causing more problems than it's worth.

    I get the feeling Azure won't allow it so Azure can't be claimed to be spoofing other peoples email regardless of if you can verify it. Trying to find a way to achieve this resulted in me going down hacker holes describing how to spoof services and most of it again, needs a service other than azure. Sometimes it's not worth resolving a technical problem when there are other ways to skin the cat.

  2. Dorian Eley 1 Reputation point
    2022-05-09T15:17:59.603+00:00

    I have had a Response from microsoft with the following details.. So far it brings more questions than anything but posting it just in case others find this post.

    Good day, hope you are doing well.

    After discussing internally, I would like to recommend using the relay email method- How to set up a multifunction device or application to send email using Microsoft 365 or Office 365 | Microsoft Learn https://learn.microsoft.com/en-us/exchange/mail-flow-best-practices/how-to-set-up-a-multifunction-device-or-application-to-send-email-using-microsoft-365-or-office-365

    You can also refer the below table referred from the above articles on feature based capabilities
    Here's a comparison of each configuration option and the features they support.

    Features SMTP client submission Direct send SMTP relay
    Send to recipients in your domain(s) Yes Yes Yes
    Relay to internet via Microsoft 365 or Office 365 Yes No. Direct delivery only. Yes
    Bypasses antispam Yes, if the mail is destined for one of your Microsoft 365 or Office 365 mailboxes. No. Suspicious emails might be filtered. We recommend a custom Sender Policy Framework (SPF) record. No. Suspicious emails might be filtered. We recommend a custom SPF record.
    Supports mail sent from applications hosted by a third party Yes Yes. We recommend updating your SPF record to allow the third party to send as your domain. No
    Saves to Sent Items folder Yes No No
    Requirements
    Open network port Port 587 or port 25 Port 25 Port 25
    Device or application server must support TLS Required Optional Optional
    Requires authentication Microsoft 365 or Office 365 username and password required None One or more static IP addresses. Your printer or the server running your LOB app must have a static IP address to use for authentication with Microsoft 365 or Office 365.

    Kindly let me know if you need any further clarification, I will be glad to help.

    I have actually forwarded this onto the dev team as it's their application, i figure they could use this better than i could but I'm still wrapping my brain around it.