Pfsense Office 365 Smtp

admin

  1. Pfsense Office 365 Smtp Settings
  2. Pfsense Office 365 Smtp Outlook
  3. Pfsense Office 365 Smtp Configuration

Collaborate for free with online versions of Microsoft Word, PowerPoint, Excel, and OneNote. Save documents, spreadsheets, and presentations online, in OneDrive. In this scenario I would like to allow SMTP traffic to my internet provider so that an application in my test environment is able to send notification messages. In this environment I use pfSense. For this to work, you have to create a port forwarding rule on the LAN interface forwarding traffic to any IP with port 587. To use SMTP Authenticated Submission, you must: Have an Office 365 user mailbox (licensed). This email address will appear as the sender of the message. PowerShell (or another client) must be able to resolve and reach smtp.office365.com. TCP Port 587 or 25 must be open to Office 365 from the client. Ramping up the complexity a bit.

With the most Office 365 and Microsoft 365 plans comes the Exchange Online mail server. As long as you are using Outlook (or the Outlook app), setting up your mail is pretty simple. But what are the correct Office 365 SMTP settings for your scanner or web application for example?

And what if you can’t use smtp.office.com, because you can’t use SMTP Client submission? In this article, I will explain how you can use the SMTP server from Office 365 for your application or device.

Office 365 SMTP Settings

Let’s first start with the most asked and simple to answer the question, what are the Office 365 Exchange Server settings? The settings below should in basic work for everyone with an Office 365 or Microsoft 365 plan that has Exchange Online.

  • SMTP Server address: smtp.office365.com
  • SMTP Port number: 587 (with TLS)
  • Authentication: Required
  • Username: <your Office 365 email address> ([email protected])
  • Password: <your Office 365 password>

With the settings above you will have a sending limit of 10,000 emails per day and 30 messages per minute. Which should be more than efficient for most use cases. If you need more you will need to use the SMTP Relay.

Pfsense office 365 smtp settings

SMTP with MFA

If you have MFA enabled for your account, then you can’t use your normal password to authenticate the Office 365 SMTP settings. You will need to create an App Password for this.

Another option is to use the Direct Send option that I will describe later on.

Office 365 IMAP Settings

To receive emails from Office 365 you may need to use IMAP. Again, if you are using MFA you will need to use an app password to set up the account.

  • IMAP Server address: outlook.office.com
  • IMAP Port number: 993
  • Encryption: SSL / TLS
  • Authentication: Required
  • Username: <your Office 365 email address> ([email protected])
  • Password: <your Office 365 password>

If you get an error Connection timed out, then most of the time the port is blocked in the firewall.

Office 365 SMTP Settings for Scanner or Application

Pfsense Office 365 Smtp Settings

To send an email from your scanner or application you can’t always use the first method. Not all scanners support SMTP with authentication and personally I don’t find it really convenient either. Another scenario could be that you don’t need to send the scans outside your organization.

Pfsense Office 365 Smtp Outlook

This is also a limitation of this method, Direct Send, you can’t use this to send emails to external recipients. And to be exact, to people who don’t have an Office 365 mailbox (for example Gmail accounts).

Settings this up is a bit more complicated, but one you made to changes in Office 365, you can use this for every device or application in your organization.

  1. Get your external IP Address, for example, add https://myip.com
  2. Sign in to Office 365 with the tenant admin account
  3. Go to Admin > Settings (click show all settings first) > Domains
  4. Select your domain and note the MX record
  1. Use the address, like <your-domain-com>.mail.protection.outlook.com, as the SMTP Server address.
  2. In the From field, you can enter any email address you like, as long it’s within your domain. The email address doesn’t have to have a mailbox or a license. So you can simply use [email protected]<your-domain.com>
  3. You also need to change your SPF record so includes your external IP Address is a valid address to send mail from. Be default your SPF records looks like this:

Pfsense Office 365 Smtp Configuration

  1. Change it to the following (where you replace 10.20.30.40 with your external IP address)

You should now be able to send the mail from your scanner or application to your user’s mailboxes. Keep in mind that DNS changes, like the SPF records, can take a couple of hours to apply.