Posted inEmail

Using Office 365 as a mail relay with Exim on Debian

October 6, 2021No Comments

Recently I had to setup a web server to relay all outbound email (e.g. password resets) through Office 365. The options are listed in How to set up a multifunction device or application to send email using Microsoft 365 or Office 365, which I’ll summarise as:

  • SMTP Auth: Using the authentication details of one of your Office 365 mailboxes. All emails have to come from the address of that user.
  • Direct Send: Emails are sent directly to Office 365 recipients.
  • SMTP Relay: Emails are sent to Office 365, which either delivers them directly or forwards them to the appropriate email service.

In our use case, SMTP Auth was ruled out because we needed to relay all mail, including cron jobs and other system mails which couldn’t use SMTP Auth. We also needed emails to be sent from a variety of addresses. Direct Send was ruled out because we needed to send emails to users who are not using Office 365. That left SMTP Relay as the only option.

The requirements for SMTP Relay were:

  • All email had to have ‘from’ and ‘envelope-from’ addresses within the domains hosted on Office 365.
  • All email came from a fixed range of IP addresses.

The steps to set this up with Exim and Debian were as follows (replace example.org and example-org with your domain):

Start the Exim configuration process: sudo dpkg-reconfigure exim4-config

General type of email configuration: mail sent by smarthost; no local mail

System mail name: example.org

IP addresses to listen on for incoming SMTP connections: 127.0.0.1 ; ::1

Other destinations for which mail is accepted: [leave empty]

Visible domain name for local users: example.org

IP address or host name of the outgoing smarthost: example-org.mail.protection.outlook.com

Keep number of DNS-queries minimal (Dial-on-Demand)? No

Split configuration into small files? No

Some potential problems which you might run into:

  • System generated emails might be sent to/from addresses like www-data@example.org. Make sure that these addresses exist in Office 365 before you set up relaying.
  • At the time of writing, Office 365 doesn’t seem to support IPv6. This may cause issues if your server is IPv6-only, and you’ll need to keep an eye out for announcements in case IPv6 is enabled on Office 365 at a later date.

If you’re thinking of moving to Office 365, or are already using it and want to relay mail from your web application, please get in touch to find out how I can help you do this.

Last updated on October 8, 2021

Comments

No comments yet. Why don’t you start the discussion?

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.