Configure your WordPress site to send E-mail via Exchange Online (Office 365) anonymous session | Part 2#6

In the current article, we review a scenario in which we need to configure our WordPress site to use Exchange Online as “mail server”. The main character of this scenario is – that we want to configure our WordPress site to address Office 365 mail services without providing any user credentials (anonymously).

The reason for this requirement is – that we would like to avoid the need of purchase Office 365 user license that will be used for the authentication purposes.

Office 365 mail server host name

In Office 365 based environment, when we need to address the mail server that represents our domain name, anonymously, we need to address the hostname who is published in the MX record for our domain name.

In case that you don’t know the value of the Exchange Online server host name that represents your domain name, I add a special section at the bottom of the current article, in which we review the steps we need to implement for getting the required MX value.

WordPress mail plugin that we use

To mail communication configuration will be implemented by using useful WordPress mail plugin named- Postman SMTP Mailer/Email Log

The main advantage of this WordPress mail plugin is that he offers us a comfortable interface, and tools that enable us to deal with a troubleshooting scenario of mail failure, in which we don’t manage to send an E-mail to the destination recipient.

Scenario description – configure WordPress mail plugin to use Exchange Online as a mail server using SMTP

The characters of our scenario are as follows:

• We need to configure our WordPress website to send an E-mail notification to our organization users. The public domain name of our organization is – com
• Our organization purchased Office 365 subscriptions, and we want that our WordPress website will use Office 365 mail servers (Exchange Online) as “his mail server.”
• The “identity” that will be used by the WordPress website will be – support@o365info.com
• The support@o365info.com E-mail address is not “attached” to Office 365 user account. In other words, there are no Office 365 users who use this E-mail address.
• For this reason, we will configure the Postman SMTP Mailer/Email Log to address Exchange Online server using SMTP session without authentication.
• The host name of the Exchange Online mail server that host our domain
  name is –o365info-com.mail.protection.outlook.com

In the following table, we can see a summary of the “relationship” that are our WordPress website will have with the Office 365 (Exchange Online) mail server:

Because we don’t provide any user credentials, the E-mail that will be sent from the WordPress website to Exchange Online, will be identified as “problematic E-mail” and the Exchange Online server will stamp these E-mails with high SCL (spam confidence level) value.

In the next article – Creating Exchange Online bypass spam rule – whitelist specific sender E-mail address | Part 3#6 , we will review how to deal with this issue by creating an Exchange Online bypass spam rule, that will prevent the spam check when the sender E-mail address is support@o365info.com

In addition, we need to know that in this configuration, we will not be able to use the Exchange Online mail server for sending E-mails to recipients who considered as external recipients. In a scenario in which don’t provide user credentials, the Exchange Online mail server will not approve to “forward” (relay) the E-mail to the external recipients.

1#5 – Install the Postman SMTP Mailer WordPress plugin

In this section, we will review how to install the Postman SMTP Mailer/Email Log WordPress plugin.

• Login to your WordPress site
• Select the plugins menu
• Click – Add New

• In the search box – type postman SMTP and hit the Enter key
• When the search result appears, select the Postman SMTP Mailer/Email Log plugin
  and click Install Now

• Click on the link – Activate Plugin

• On the left menu bar, select the menu – Plugins
• Look for the Postman SMTP plugin
• Click on the Settings menu

2#5 – Configure the SMTP Mailer WordPress plugin | Send E-mail via Office 365 (Exchange Online) server using SMTP

In the following section, we review how to configure the Postman SMTP plugin to use Exchange Online as a “mail server.” server”. It is important to emphasize that in our scenario, we will configure a communication channel with the Exchange Online server using SMTP protocol.

I emphasize this “detail” because, there is an option to use another communication channel, that is based on an authenticated mail session + TLS protocol, and that scenario requires different configuration settings. The article – Configure your WordPress site to send E-mail via Exchange Online (Office 365) provide user credentials | Part 4#6  include step by step description of the TLS settings.

• On the left menu bar, select the menu – Postman SMTP
• Select the menu – Show All Settings

• Select the – Account tab

In the following table, we can see the values of the different parameters that we will configure in our specific scenario:

Type	SMTP	Number 1
Transport Settings
Outgoing Mail Server Hostname	o365info-com.mail.protection.outlook.com	Number 2
Outgoing Mail Server Port	25	Number 3
Envelope-From Email Address	The “sender” E-mail address	Number 4
Security	None	Number 5
Authentication	None	Number 6

Outgoing Mail Server Hostname

In the field name – Outgoing Mail Server Hostname, we need to write the hostname of the mail server that we are going to address.

In our scenario, I use the hostname of the Office 365 mail servers (Exchange Online) that represent my domain – o365info.com

The hostname of my Office 365 mail server is- o365info-com.mail.protection.outlook.com

Security + Authentication

The value that we set for the Security + Authentication field is “None” because the E-mail address that we use is not “attached” to a specific Office 365 user.

• Select – Save Changes

• Select the – Message tab

In this section, we define the “identity” of the WordPress sender that will appear in the E-mail message that will be sent out.

In our example, the E-mail address that we will use as the “sender E-mail address”
Is – support@o365info.com

• Select – Save Changes

3#5 – Send test E-mail to organization recipient using the SMTP Mailer WordPress plugin | Send E-mail via Office 365 (Exchange Online) server

In the following section, we review the process in which we verify that the mail server settings were configured correctly and that we manage to successfully send E-mail to the destination recipient.

In our scenario, the WordPress sender identity is represented by the E-mail address support@o365info.com and we will send E-mail to “another o365info.com recipient.”

The expected results are:

• The E-mail message will successfully reach the Exchange Online mail server.
• The Exchange Online mail server will deliver the E-mail message to the destination recipient (Bobm@o365info.com in our example).

In addition, the E-mail that we sent via the WordPress site will probably classify by the Exchange Online server, as a “problematic E-mail” because, the sender “claim” that he belongs to o365info.com, but he cannot provide user credentials.

Sending test E-mail to organization recipient

• Select the menu – Send a Test Email

• In the recipient E-mail address text box, provide the E-mail address of the destination recipient. In our example, the recipient is Bobm@o365info.com. The destination recipient considers as an “organization recipient” because our organization is – o365info.com
• Click Next

In the following screenshot, we can see that the E-mail address was successfully sent to the destination recipient.

The meaning is that:

1. That our WordPress site manages to create an SMTP session with the Office 365 mail server.
2. That the Office 365 mail server (Exchange Online) “agrees” to accept the E-mail.

Now, we want to check what happened to the “other side” meaning, the side of the destination recipient.

In the following screenshot, we can see that the E-mail reaches to Bob’s mailbox. However, it’s important to notice that the E-mail was classified a “spam mail” and for this reason, sent to the junk mail folder!

How does Exchange Online treat “suspicious sender”?

The reason for this “strange phenomenon” in which the E-mail address that was sent from the WordPress site reaches the junk mail folder is, because the mail server that host our domain (o365info.com in our example) cannot trust a mail client, that his E-mail address includes our domain name, but the mail client didn’t provide any user credentials.

From the mail server point of view, the sender considers “suspicious”!

For this reason, the mail server can decide to reject the E-mail message that sent from the “untrusted sender” or mark the E-mail message as “spam mail.”

In Exchange Online based environment, the Exchange Online mail will not reject or delete the
E-mail that was sent by the “suspicious sender” but instead, “stamp” the E-mail using high SCL value.

• The “spam Grade,” is represented by a value named – SCL (Spam Confidence Level).
• The SCL score ranges over start with -1 and end with 9.
• Each E-mail that has a spam score of 2 – 9, consider as spam mail.

Analyzing the information in the E-mail message header

To be able to understand better the reason for this “phenomena,” we will look at the E-mail header content that was sent to Bob.

In our example, we analyze the E-mail header content by using the Microsoft Remote Connectivity Analyzer

Exchange stores the information about the “spam level” of specific E-mail in the mail
field- X-Forefront-Antispam-Report.

In the following screenshot, we can see that Exchange Online stamp the E-mail using SCL=5. The meaning is that there is high chance that the E-mail is sent by “problematic sender.”

When looking at an additional mail field named – MS-Exchange-Organization-AuthAs, we can see that the value is – Anonymous

The reason in which the Office 365 mail server “think” that the E-mail is a spam mail is, because the sender uses the domain name that is hosted by Exchange server (o365info.com) but considers as “Anonymous sender” meaning, unauthenticated the sender.

Don’t worry!

In the next article – Creating Exchange Online bypass spam rule – whitelist specific sender E-mail address | Part 3#6 , I will provide a possible solution for this problem, by creating an Exchange Online bypass spam rule that will treat E-mail that sends by support@o365info.com as a legitimate E-mail message.

4#5 – Send test E-mail to an external recipient using the SMTP Mailer WordPress plugin | Send E-mail via the Office 365 (Exchange Online) server

In the following section, we will review an additional scenario in which we want to send E-mail to the external (non-organization) recipient.

The expected result is that the test will fail!

The reason for this “expected failure” is related to the fact that we address Office 365 mail server Anonymously.

In the previous section, we have seen, that the Office 365 mail server “agreed” to accept the E-mail address that was sent to Bob@o365info.com.

The Office 365 mail server “agreed” to accept the E-mail because he represents the specific domain name (in our example – o365info.com).

In case that we ask from a mail server to deliver E-mail to the recipient who is hosted at “other domains,” this process described as “relay.”

By default, the basic security setting of mail servers, will not allow to the mail server to “relay E-mail message” if the sender is Anonymous meaning – didn’t provide any user credentials.

To recap, one of the disadvantages of the scenario in which we address Office 365 mail server using SMTP and without providing user credentials is – that we cannot ask from Office 365 mail server to send E-mail to “external recipient.” This issue cannot be “fixed.”

In case that we need to send E-mail to “external recipient,” we will need to use TLS session + provide user credentials.

The instructions for this configuration appear in the article – Configure your WordPress site to send E-mail via Exchange Online (Office 365) provide user credentials | Part 4#6

Sending test E-mail to external recipients

• Select the menu – Send a Test Email

• In the recipient E-mail address text box, provide the E-mail address of the destination recipient.
  The destination recipient considers as an “external recipient.”
• Click Next

In the following screenshot, we can see that we didn’t manage to send the E-mail to the external recipient. The error message is –

5.7.64 TenantAttribution; Relay Access Denied

In simple word – the Office 365 mail server inform us that – he is not willing to “relay” (deliver) the E-mail address to the destination recipient!

5#5 – View information about email that that sent by using the Postman SMTP Mailer Log files

In the following section, I would like to review the process of accessing information about mail transaction that is stored in the Log file.

One of the features that I like in the Postman SMTP Mailer/Email Log plugin is the ability to access the Log file that includes detailed information about each mail transaction.

The ability to look at the log file, enable troubleshoot a scenario, and we experience “mail communication failure” for a specific recipient or specific domain.

• To be able to view information about specific mail transaction, select the setting of the Postman SMTP Mailer/Email Log plugin.
• Click on the link named – In the log

In the following screenshot, we can see an example of the “documentation” of the mail transaction that occurred.

• To be able to get details on a specific mail transaction, select the required mail and click on the menu – Session Transcript

In the following screenshot, we can see the “recording” of the session that occurred between our WordPress site (the Postman SMTP Mailer/Email Log plugin) and the destination mail server.

In our specific example, we can see information about the E-mail that we try to send to external recipients. We can see that we manage to connect the Office 365 mail server but the Office 365 mail server “refuse” to accept the “delivery request” to the external recipient (refusing to relay the E-mail).

How to get the value of our MX record from the Office 365 portal

To be able to address the Office 365 mail server (Exchange Online) that represent our domain name anonymously, we will need to find the host name of our mail server.

The information about the host name of “our Office 365 mail server” or in other words, the hostname who appears in the MX record that represents our domain, the name appears in the Office 365 portal.

To be able to get this information we will need to login to Office 365 portal using Global administrator credentials.

• Login to Office 365 management portal
• On the left menu bar, click on the Setting icon
• Select the submenu Domains

Select the domain name which you want to view his DNS settings

• In our example, we select the registered domain name – o365info.com
• In the setting window that appears, select the menu – DNS settings

• Click on the Exchange Online section

In the following screenshot, we can see the information about the DNS records

We want to know what is the value of the MX record that Office 365 creates for our publicly registered domain name.

In our example, the value of the MX record is – o365info-com.mail.protection.outlook.com

The next article in the current article series

Creating Exchange Online bypass spam rule – whitelist specific sender E-mail address | Part 3#6