Send mail to Exchange Online using standard SMTP session | Part 2#4 5/5 (6) 12 min read

In the current article, we will review the mail flow scenario in which external hosts such as web application or mail-enabled devices to address Exchange Online server by using a standard SMTP session.

Send mail to Exchange Online – Article Series

In the past, the main way to address Exchange Online server was by using the TLS protocol + provide user credentials.
This requirement posed great difficulty before the “external hosts” that need to use the Exchange Online services as a mail server because many times, the external host didn’t have the ability to support the TLS protocol or provide a particular user credential.

The good news is that we can choose an “easy path” which will enable the external host to address Exchange Online server and ask for mail services without the need for a complicated configuration.

The only condition we should fulfill is enabled Exchange Online to identify the “external host” by providing Exchange Online the public IP of this host.

The “identification mechanism” is implemented by creating an inbound mail connector which will include the IP address that used by the external hosts that address Exchange Online server.

In the following diagram, we can see a logical representation of the mail channel between the external mail-enabled host (web application, printer, fax device, etc.) and Exchange Online server.

Notice that the external hosts can address Exchange Online server to ask him to deliver an email message to Office 365 recipients or an external recipient (non-Office 365 recipients).

A common scenario in which external host need to send E-mail message via Exchange Online

It’s important that we can differentiate between the logical channel versus the “physical channel”. In reality, the mail-enabled hosts don’t address Exchange Online directly, but instead via a gateway such as firewalls.

In other words, in fact, when mail enables host address the Exchange Online server, the external hosts are represented by the public IP address that is used by the firewall.

The physical infrastructure is implemented by firewall device the represent the network hosts

As mentioned, to enable Exchange Online to identify the external mail enable host so Exchange Online can “trust” them and provide them the required mail services. The Exchange Online server will need to configure in advance, with information about the particular IP address that will be used by the external mail-enabled hosts.

In the following diagram, we can see an example of a scenario in which the Firewall “represent” a couple of mail-enabled hosts.

The Exchange Online doesn’t need to “know” about the internal IP address of this host or the particular IP address of each mail-enabled host.

Instead, the Exchange Online server will know only about the public IP address that used by the firewall server who represent the particular network.

Exchange Online and EOP (Exchange Online protection).

In the current article, we relate to the Office 365 mail server “entity” as an Exchange Online server. If we want to be more accurate, the “real entity” that we address is the EOP (Exchange Online Protection) server.

The EOP server is the mail gateway and the mail security gateway that represents the Office 365 mail infrastructure.

Throughout this article, I use both terms in parallel.

External host identify himself using IP address

The configuration of a mail flow in which our mail-enabled hosts will use Exchange Online as their mail server based on the following steps:

  1. Get the host name of the Exchange Online server that represents our domain name.
  2. Get the Public IP address that represents the mail-enabled hosts
  3. Create a new inbound Exchange Online mail connector that will identify the IP address of this host as “trusted.”
  4. Optional – in case that we experience a problem in which the E-mail message doesn’t send to the destination recipient or doesn’t accept by Exchange Online server, we can use a simple SMTP test to verify that we can communicate with the Exchange Online server using SMTP protocol.

In the following section, we will review each of these steps in details.

Step 1#4 – Get the host name of the Exchange Online server who represents our domain in Office 365.

There are a two ways that we can use to get information about the FQDN (Fully Qualified Domain Name) of the Exchange Online that “send E-mail for our domain.”

Option 1: Office 365 administrate portal.
  • Log in to Office 365 portal as global administrator
  • On the left sidebar – choose the domain
  • Choose – Manage DNS

Get the host name of the Exchange Online server who represents our domain 01

Under the Exchange Online section, look for information about the MX record hostname (POINTS TO ADDRESS). In our scenario, the Exchange Online server who will “represent” our organization is: o365info-com.mail.protection.outlook.com
Get the host name of the Exchange Online server who represents our domain 02

Option 2: using the nslookup tool.

Another option for getting information about the “Host name” of the Exchange Online mail server that “represent” our organization is: by using the nslookup tool.

  • Open the command prompt
  • Type the command: Nslookup
  • Type the command: set type=mx
  • Type the name of the domain that you want to display his MX record. In our scenario: com

In the following screenshot, we can see the result of our MX query.

In our example, the host name of the Exchange Online server who represents our domain is: o365info-com.mail.protection.outlook.com
Get the host name of the Exchange Online server who represents our domain 03

Step 2#4 – Get the Public IP address that represents the mail-enabled hosts

To be able to configure the required Exchange Online incoming mail connector, we will need to Prepare in advance the public IP address that is used by the mail-enabled hosts.

In case that the external mail-enabled hosts are the host that located on your network, you can consult the technical contact who is responsible for the firewall infrastructure what the IP address is\s that represents the organization.

A simple option that will enable you to discover the public IP address that represents a particular desktop or network is by using your browser and type the query – what is my IP.

In the following screenshot, we can see an example of the answer that we got.

Get the Public IP address that represent the mail enabled hosts

Its import net to emphasize that this is not a “definite answer” because, in many scenarios, the network is represented by more than one public IP address.

In a scene in which the mail-enabled host is a web application that is hosted by external ISP, consult your ISP and ask him regarding the public IP or the public IP range that he uses.

Step 3#4 – Create a new inbound Exchange Online mail connector that will identify the IP address of this host as “trusted”

In the following section, we will provide a step by step instruction on how to create the required Exchange Online incoming mail connector.

Metaphorically, we can relate to the Exchange Online incoming mail connector as an “ear” that listens to the communication request of the mail-enabled hosts.

  • Log in to Exchange Online admin center
  • On the left menu bar choose – Mail flow
  • On the top menu bar choose – connectors

How to send E-mail to Exchange Online using SMTP protocol -01

  • In the From: option box, choose the option: Your organization email server
  • In the To: option box, choose the option: Office 365

How to send E-mail to Exchange Online using SMTP protocol -02

In the *Name: box type the name whom you choose.

The Description: box is optional, but I recommended adding a detailed description that will help us in the future (or other IT members) to easily understood the purpose of the Exchange Online mail connector.

How to send E-mail to Exchange Online using SMTP protocol -03

In the following screenshot, we can see that we can “authenticate” the external mail-enabled hosts by using one of the following options.

  1. Server certificate
  2. IP address

In our scenario, we need to identify the external mail-enabled hosts by using the option of IP address.

Choose the option – By verifying that the IP address of the sending server matches one of these IP addresses that belong to your organization

How to send E-mail to Exchange Online using SMTP protocol -04

Click on the plus icon to add the IP address.

How to send E-mail to Exchange Online using SMTP protocol -05

In the following screenshot, we can see the IP address that “represent” our external mail-enabled host.

How to send E-mail to Exchange Online using SMTP protocol -06

In the following screenshot, we can see the result, the IP address that is “allowed” by the Exchange Online server.

How to send E-mail to Exchange Online using SMTP protocol -07

In the following screenshot, we can see the summary information about the new Exchange Online incoming mail connector.

How to send E-mail to Exchange Online using SMTP protocol -08

In the following screenshot, we can see the final result. A new incoming mail connector created.

How to send E-mail to Exchange Online using SMTP protocol -09

Step 4#4 – Verifying communication with Exchange Online

Technically speaking, the task of creating the required configuration for enabling our hosts to address Exchange Online server are completed.

In many scenarios, the task will not be completed because there could be some obstacles such as:

  • A firewall that doesn’t include “outbound rule” that will allow the mail-enabled device to the communication Exchange Online server using port 25
  • Spelling mistake of the Exchange Online host name

To be able to verify that we can implement the communication channel between the source (the mail-enabled hosts) and the destination (the Exchange Online server), we can simulate the communication channel by trying to telnet from our network (the network the hosts the mail-enabled hosts) to the Exchange Online server and verify if we can create the required communication channel.

In the following section, we will demonstrate how to communicate the Exchange Online server using telnet client and friendly GUI telnet client.

Verifying communication with Exchange Online using Telnet

In case that you want to check or simulate the communication channel to the EOP server using a “standard SMTP session,” you can try to send E-mail via EOP using Telnet session.

In the following section, we will demonstrate how to use Telnet client for verifying the communication channel with EOP.

Note – the Telnet client is not installed by default in the Windows OS, you will need to install the Telnet client.

  • Windows 2008 – use the Server manager ==> add feature option and, then add Telnet client.
  • Window 7,8 – control panel ==> Programs and features ==> Turn Windows features on or off and then, add Telnet client.
  • Another option is to run the following command from the command prompt: pkgmgr /iu:”TelnetClient”

In our example, the host name of the EOP that represents the domain name: o365info.com is: o365info-com.mail.protection.outlook.com

Open a new command prompt and type the Telnet command using the following syntax:

Telnet <Host name> <port>

In our example: Telnet o365info-com.mail.protection.outlook.com 25

Verifying communication with Exchange Online using Telnet -01

In the following screenshot, we can see the result, the answer from the EOP server appears on the screen:

Verifying communication with Exchange Online using Telnet -02

220 AM1FFO11FD029.mail.protection.outlook.com Microsoft ESMTP MAIL Service ready at Sun, 3 May 2015 08:26:10 +0000

At this stage, we can know that

  1. We know to “right hostname” of the EOP server that represented our domain.
  2. That the EOP server name was successfully resolved to an IP address.
  3. That we can create an SMTP session (the firewall enables us to use SMTP, etc.).

In our scenario, we will send an E-mail message to a recipient named: john@o365info.com
To simplify the test process, we will use the E-mail address of John also as the “source E-mail address”.
In simple words: we will simulate a process in which John sends E-mail to himself by addressing the EOP server.

1. Starting an SMTP session

The first command that we use for starting the SMTP session with the EOP server is:
Helo

The result is an answer that sends from the EOP server:

250 AM1FFO11FD029.mail.protection.outlook.com Hello [212.25.80.236]

2. Define the source recipient

In our scenario, the source recipient is: john@o365info.com

The Telnet commands that we use for configuring the source recipient is:

mail from:john@o365info.com

The EOP server reply is:

250 2.1.0 Sender OK

3. Define the destination recipient

In our scenario, the destination recipient is also: john@o365info.com

The Telnet command that we use for configuring the destination recipient is:

rcpt to:john@o365info.com

The EOP server reply is:

250 2.1.5 Recipient OK

4. Create the E-mail message content

To be able to “tell” the destination mail server that we want to enter the E-mail message content, we use the command: data

The EOP server reply is:

354 Start mail input; end with <CRLF>.<CRLF>

5. Ending the SMTP session

To be able to “tell” EOP server that we want to end the session and send the E-mail message, we use the period charter:

In our example, we see the response of the EOP server. The message “Queued mail for delivery” is usually a good sign.
The meaning is that the destination mail server agrees to accept our E-mail message and, the E-mail message was placed on the mail server queue.

250 2.6.0 <f9b0d90a-b4b6-4d72-9a7d-0a5c92b71960@AM1FFO11FD029.protection.gbl>
[InternalId=13370233193878, Hostname=HE1PR05MB1146.eurprd05.prod.outlook.com] Queued mail for delivery

Verifying communication with Exchange Online using Telnet -03

Verifying the SMTP communication channel with Exchange Online

Another way that we can use for: Verifying the SMTP communication channel with Exchange Online and for getting more detailed information in a communication failure scenario is a very nice and useful tool named: Basic SMTP Telnet Client

Note – the Basic SMTP Telnet Client doesn’t include an installation file but instead, just a simple EXE file named: telnet25.exe

All you need to do is just double-click on the EXE file.

In the following section, we will demonstrate how to use the Basic SMTP Telnet Client tool for creating an SMTP session with the Exchange Online server.

Scenario description: in our example, we will address the Exchange Online server who represents the o365info.com domain name, and we will send the email message from: john@o365info.com to himself.

  1. Receive Connector IP – in our example, we will use the Exchange Online server hostname: o365info-com.mail.protection.outlook.com
  2. TCP Port – type 25 as the port number
  3. Mail form: The E-mail address of the “source recipient” (in our scenario john@o365info.com)
  4. Recipient to: The E-mail address of the “destination recipient” (in our scenario john@o365info.com)
  5. Subject: any text that you would like
    Using a telnet mail client to verify communication with Exchange Online - 01

To be able to send the E-mail message we need to move on to the “Telnet” tab

  • Click on the SEND button.

Using a telnet mail client to verify communication with Exchange Online - 02

In the following screenshot, we can see the log of the SMTP session.

We can see information about the source and the destination recipients.

We can assume that the mail delivery completed successfully because in the Log file we can see the information: “Queued mail for delivery.”

Using a telnet mail client to verify communication with Exchange Online - 03

Send E-mail to Exchange Online | Article series index

Now it’s Your Turn!
It is important for us to know your opinion on this article


Print Friendly

Related Post

Please rate this

Eyal Doron on EmailEyal Doron on FacebookEyal Doron on GoogleEyal Doron on LinkedinEyal Doron on PinterestEyal Doron on RssEyal Doron on TwitterEyal Doron on WordpressEyal Doron on Youtube
Eyal Doron
Share your knowledge.
It’s a way to achieve immortality.
Dalai Lama

2 Responses to “Send mail to Exchange Online using standard SMTP session | Part 2#4”

  1. It is truly a nice and helpful piece of info. I am satisfied that you shared this helpful
    information with us. Please keep us informed like this.
    Thanks for sharing.

  2. I leave a leave a response whenever I like a post on a site or I have
    something to valuable to contribute to the conversation. Usually it is a result of the fire displayed in the post I browsed.
    And after this article Send mail to Exchange Online
    using standard SMTP session | Part 2#4 – o365info.com.

    I was moved enough to post a thought 😉 I do have a
    few questions for you if it’s okay. Could it be just me or does it seem like a few of these comments appear like they are coming
    from brain dead people? 😛 And, if you are posting at additional social sites,
    I’d like to follow everything new you have to post.
    Would you make a list the complete urls of all your communal sites like your twitter feed,
    Facebook page or linkedin profile?

Leave a Reply

Your email address will not be published. Required fields are marked *