I use O365 Business (Or whatever the heck they call it now) for my email, so for SMTP on all my devices at home, I use an O365 account with an app password, sending as a distro-group so it can have a custom name

This works, but I don’t like how every device/server has O365 creds in it. I am thinking I should setup an SMTP Relay at home locally, which sends to O365 (Or Sendgrid, etc etc) and then SMTP on local services can just point to that local address

Is this the right way to go about it? What is the current best software do it? I’ve only ever had experience using IIS to do this, and of course I don’t want to be running windows!

  • @[email protected]
    link
    fedilink
    English
    71 year ago

    Interactive (i.e. end-users) Clients should be using OAuth instead of app passwords. This will allow your users to use their own Office365 credentials for SMTP.

    For servers and non-interactive clients (e.g. copiers/printers/toasters/coffee makers) I would suggest something along the lines here: https://learn.microsoft.com/en-us/exchange/mail-flow-best-practices/how-to-set-up-a-multifunction-device-or-application-to-send-email-using-microsoft-365-or-office-365#compare-the-options

  • @[email protected]
    link
    fedilink
    English
    21 year ago

    I think what you’re doing is fine, in fact, it’s one of the Microsoft recommended methods of doing it.

  • 𝓢𝓮𝓮𝓙𝓪𝔂𝓔𝓶𝓶
    link
    fedilink
    English
    21 year ago

    In my case I have postfix running as an open relay inside my network that then relays to Amazon SES. But I have my own domain.

    I imagine doing something similar where you relay to o365 might work.

  • @peregus
    link
    English
    21 year ago

    I’ve started using SMTP2GO for all my notification. Up to 1000 email/month it’s free. So I don’t have to rely on Google/Microsoft account/changes that they do every once in a while.

    • @[email protected]
      link
      fedilink
      English
      11 year ago

      I’ve been thinking about using that as an SMTP relay as well (Because my email server doesn’t have reverse DNS). Would you recommend it?

      • @peregus
        link
        English
        11 year ago

        Definitely! I’ve been using without any problem the free version.

        • @[email protected]
          link
          fedilink
          English
          11 year ago

          I haven’t found any reason online for not using it either, so I guess I’ll just use that. Free account should be more than enough for me too, no way am I going to send more than 1000 emails a month.

  • @[email protected]B
    link
    fedilink
    English
    1
    edit-2
    1 year ago

    Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I’ve seen in this thread:

    Fewer Letters More Letters
    DNS Domain Name Service/System
    IP Internet Protocol
    SMTP Simple Mail Transfer Protocol

    [Thread #344 for this sub, first seen 12th Dec 2023, 10:55] [FAQ] [Full list] [Contact] [Source code]

  • @TORFdot0
    link
    English
    11 year ago

    If you are just sending notification emails to your own account then you can use SMTP directly to O365 without authentication and it will be delivered as long as it’s being sent within your tenant (if your home IP isn’t in your SPF record it may get delivered to junk however)

    This is how we handle scan to email using MFPs in our org. No credentials, or even a mailbox for the outgoing sender, required

    • @lando55
      link
      English
      31 year ago

      Just make sure it is only accessible in trusted networks though!!

      Aw you’re no fun. Next you’ll be telling me to block all emails over 500 miles.

    • @SheeEttin
      link
      English
      21 year ago

      An unauthenticated relay isn’t a security problem when it can only send to certain addresses in 365, and isn’t even accessible outside the local network.

      • @[email protected]
        link
        fedilink
        English
        01 year ago

        Well…it is a potential risk that links back to you pretty much directly. What is stopping some rogue sw from sniffing out smtp and then going bananas?

        I would look for other ways tbh. Running smtp locally is imo asking for trouble.

        • @SheeEttin
          link
          English
          11 year ago

          It’s behind a firewall for one. But even so, you should configure it to only accept connections from the local network, only send via 365, and only to your own address, then the scope is vastly reduced.

          • @[email protected]
            link
            fedilink
            English
            -1
            edit-2
            1 year ago

            threat & impact is essentially identical => “so for SMTP on all my devices at home”; the home environment is a bit swampy, a mix of protected and unprotected network.

            A worm/bot sending out mass emails from Business 365 would be perceptually damaging to the business; would advise against SMTP and instead look at other secure methods of provisioning identity that are not quite as labor intensive as sticking credentials in each nook and cranny. Or…simply don’t utilize O365…