Email query
-
We will only be sending this internally, but the vendor is looking for email w/out authentication. Looks like their software doesn't have field to input email account/pass and only requires email address, port and smtp server.
-
@JaredBusch said in Email query:
@scottalanmiller said in Email query:
@bishnitro said in Email query:
we are using office 365 and it doesn't work on it, so we are looking for alternative. The software resides on windows 2012 server.
Relays to Office 365 work just fine, we do it all the time. It just requires specific settings. Is the software on your Windows server trying to send emails out itself, or is it trying to send out from the Windows email component? (Basically, are we configuring something standard, or something proprietary?)
Actually, Office365 has massive restrictions for relaying mail. If the OP is only trying to send to a few people internally, then it is fine. If the OP is trying to send out a lot of email, then you can run into their throttling and limits.
Either way though the solution is the same. Spin up a CentOS 7 VM and configure Postfix to relay email for you. The only difference is in how you configure it.
Oh sorry, yes, I was improperly assuming that he was sending internally to his own Office 365 mailboxes.
-
@bishnitro said in Email query:
We will only be sending this internally, but the vendor is looking for email w/out authentication. Looks like their software doesn't have field to input email account/pass and only requires email address, port and smtp server.
Yeah, that's not going to work. I'd ask them why on earth they think that that is appropriate in this day and age. This is not at all acceptable in this era.
So we need to build you a relay.
-
is there a relay that is friendly to non-linux user like me?
-
@bishnitro said in Email query:
is there a relay that is friendly to non-linux user like me?
These are the steps to setup the server.
- Install CentOS 7 with a minimal configuration.
- Do not forget to turn on networking during the GUI install process.
- Note the MAC address and setup a static DHCP reservation in your DHCP server
- Install nano unless you prefer vi. I prefer nano.
yum -y install nano
- Update all packages.
yum -y update
- Reboot for good measure, but really should not be required.
- Edit the Postfix configuration file.
nano /etc/postfix/main.cf
- Follow these instructions for the configuration of Postfix and Office 365
- Install CentOS 7 with a minimal configuration.
-
@bishnitro said in Email query:
we are using office 365 and it doesn't work on it, so we are looking for alternative.
Why doesn't it work?
-
@Carnival-Boy said in Email query:
@bishnitro said in Email query:
we are using office 365 and it doesn't work on it, so we are looking for alternative.
Why doesn't it work?
Their application cannot do authentication.
-
I guess you could actually just create an anonymous receive connector in Office 365 and restrict it to your public IP.
-
Why do they need to authenticate to send an e-mail to someone in their organisation?
-
Here is the Windows way of doing it. https://support.office.com/en-us/article/How-to-configure-IIS-for-relay-with-Office-365-eb57abd2-3859-4e79-b721-2ed1f0f579c9?ui=en-US&rs=en-US&ad=US
It is being deprecated but if you're on Server 2012R2 you still have access to it. Just make sure you restrict it so that only the localhost can send emails through it.
-
@Carnival-Boy said in Email query:
Why do they need to authenticate to send an e-mail to someone in their organisation?
The application is trying to connect and send SMTP. Office 365 does not allow that out of the box.
-
If I want to send an e-mail to @bishnitro I can just make an SMTP connection to his server and send him an e-mail, can't I?
-
@bishnitro said in Email query:
is there a relay that is friendly to non-linux user like me?
Yeah, postfix is not that bad. You can also run something on Windows, but really, the Linux way isn't bad. And is a great learning experience.
-
@Carnival-Boy said in Email query:
If I want to send an e-mail to @bishnitro I can just make an SMTP connection to his server and send him an e-mail, can't I?
In theory, yes. But with modern security, that's never realistically possible.
-
@bishnitro said in Email query:
is there a relay that is friendly to non-linux user like me?
I just built one this week. It seems to be a popular topic at the moment.
-
@scottalanmiller said in Email query:
But with modern security, that's never realistically possible.
Why not?
-
@scottalanmiller said in Email query:
@Carnival-Boy said in Email query:
If I want to send an e-mail to @bishnitro I can just make an SMTP connection to his server and send him an e-mail, can't I?
In theory, yes. But with modern security, that's never realistically possible.
It will not work. when an app tries this is will get blocked for relaying.
-
@Carnival-Boy said in Email query:
@scottalanmiller said in Email query:
But with modern security, that's never realistically possible.
Why not?
Lots of reasons, all around security and stopping spam, none of these are 100%, but most are like 95% true and with the overlap, it's nearly 100% that it would cause an issue:
- Port 25 is not always used any longer, it's one of three main ports.
- TLS is often required.
- SPF records are sometimes required.
- Reverse lookups almost always need to work.
And more. Accepting email from "just anywhere" isn't done any longer. At a minimum most sites need to be set up as the official email system for the domain in question. Getting email to the big boys that represent most of the market (MS, Google, etc.) is even harder.
-
If you don't have all of these things, then some systems will allow you to connect as an authenticated user, if you have an account on that system, which is what we are trying to do here. But the issue is that the proprietary software doesn't allow for the user to log in on the email system so that doesn't work.
-
@Carnival-Boy said in Email query:
@scottalanmiller said in Email query:
But with modern security, that's never realistically possible.
Why not?
doing this correctly would mean that the OP would using a sending address that is on the same domain as his email domain that's hosted on O365. O365 will deny emails claiming to be coming from somewhere else for the same domain, because O365 Knows that it's responsible for that domain - it's an antispam thing.