Views:

To resolve this compatibility issue, implement the Simple Mail Transfer Protocol (SMTP) relay and check the configuration afterwards.

  1. Add the SMTP Server feature.
    1. Go to Start > Server Manager.
    2. Click Add roles and features.
    3. A new window will pop up then click Next until you reach Select features.
    4. Select SMTP Server.
    5. Select also the Include management tools if Internet Information Services (IIS) Management Console and IIS 6 Management Compatibility features if these are not yet installed.
  2. Start the Simple Mail Transport Protocol (SMTP) service via services.msc and change the startup type to "Automatic".
  3. Open the IIS 6.0 Manager and expand the hostname.
  4. Right-click [SMTP Virtual Server #1] and select Properties.
  5. Navigate to General tab > IP Address > Advanced.
  6. Click Add and select the IP address of the server.
  7. On the TCP port field, type "587" and click OK.

    TCP port field

  8. On the General tab, select the actual IP address of the server from the IP address drop-down list.

    IP address drop-down list

  9. Go to Access tab > Authentication.
  10. Make sure that the "Anonymous access" check box is ticked and click OK.

    Anonymous access

  11. On the Access tab, click Connection.
  12. Mark the "Only the list below" radio button and add the IP address of the OSCE server.

    Connection > Only the list below

  13. On the Access tab, select Relay.
  14. Mark the "Only the list below" radio button and add the IP address of the OSCE server.

    Relay > Only the list below

  15. Go to Delivery tab > Outbound Security.
  16. Select "Anonymous access".
  17. Untick the "TLS encryption" check box.
  18. On the Delivery tab, select Outbound Connections and change the TCP port to "25".
  19. Go to the Delivery tab > Advanced.
  20. Get the server name by logging into the O365 Admin Portal:
    1. Click Domain.
    2. Select the domain being used.
    3. Copy the MX record from the DNS setting and use that address.
     
    You can also check this Microsoft KB Article for more details on getting the server name.
     

After the procedure above, the relay is now configured. To check if netstat -a if 0.0.0.0:587 is listening:

  1. Open a Notepad and type the following:

    FROM: <source email address>
    TO: <destination email address>
    SUBJECT: Test email
    This is a test email sent from my SMTP server

  2. Name this file as Email.txt and save it in C:\InetPub\MailRoot\Pickup.
  3. After a few minutes, check if the file is automatically moved to C:\InetPub\MailRoot\Queue folder. When the SMTP server delivers the mail, the file is automatically deleted from the local server.
  4. If you received the test mail in Office 365, the relay is working.
    If the SMTP server cannot deliver the message, use the non-delivery report (NDR), which is created under the C:\InetPub\MailRoot\BadMail folder, to diagnose the delivery issues.

To configure OfficeScan/Apex One to send emails via relay:

  1. On the OfficeScan/Apex One web console, navigate to Administration > Notifications > General Settings.
  2. Enter the following information:

    SMTP server: IP_ADDRESS of the relay
    Port: 587
    From: Email address of the Office 365 (e.g. test@mailbox_office365.com)

  3. Save the settings.
  4. Go to IIS Manager and select the OfficeScan/Apex One site.
  5. Open the SMTP email feature and mark the "Store e-mail in pickup directory" radio button.
  6. Set the path of the pickup directory (e.g. C:\InetPub\MailRoot\Pickup) and click Apply.
  7. Test the notification by creating an Eicar test in one of the OfficeScan/Apex One-protected machines.

For more information, refer to this article: SMTP Relay with Office 365.

Keywords: microsoft 365 officescan,osce and office 365 integration