Bookmarks for June 14, 2010

Bookmarks for May 29, 2010

Bookmarks for May 26, 2010

Bookmarks for May 25, 2010

Send email to BPOS from a “fake” email address

After I setup the SMTP relay server to send emails to BPOS, the next challenge to address was how could I allow multiple email addresses to send to BPOS that weren’t real mailboxes. For example, I have firewall logs sent from firewall@domain.com, but it isn’t a real mailbox.

The solution was much easier than I thought.

In your SMTP relay account, you just have to add it as an alternate email address. Make sure you add the alternate email addresses under this account!

To verify it, take a look at your SMTP relay logs.

If you send a test email from an email that isn’t added as an alternate email address, this is what you’re going to see:

MAIL - FROM:<firewall@demouser.org>
550+5.7.1+Client+does+not+have+permissions+to+send+as+this+sender

Log in to your admin site for BPOS. Find the account that you have setup as your relay account, and add the email address as an alternate email on the admin site as shown below.

image

Once you have added the email address, resend your test email and check your logs. You should now see this:

MAIL - FROM:<firewall@demouser.org>
250+2.1.0+Sender+OK

That’s all there is to it. Now all you have to do is add the email addresses for the rest of your “fake” senders.

If I have missed anything or you have some comments, please leave a comment.

Bookmarks for May 20, 2010

Configure SMTP Relay for BPOS/Exchange Online

When we made the move to Microsoft’s BPOS, we were left with a situation where some of our appliances were not able to make secure connections to the BPOS servers in order to send secure mail. The Microsoft Online Services (MOS) had a blog entry that explains how to setup SMTP relay to Exchange Online for your devices, but it makes an assumption that you can change the port on your appliance and/or software. We had ones that wouldn’t allow us to do that.

We talked to the support team about setting up a local SMTP relay that we could use to send messages to locally and in turn would send messages to Exchange Online securely. Unfortunately, they weren’t able to help much. They had some instructions on how to set it up, which was the blog post above, but nothing detailed.

I decided to use IIS’s SMTP Relay since it was something that was free and looked to be fairly simple to use.

Here is how I set it up. I’m making the assumption that you’ve already installed IIS and the SMTP service as shown below.

image

1) Go to the properties of the SMTP Virtual Server. Select the IP address of the server, and then click Advanced. In the Advanced section, verify the port that you want to use. In this case, I chose to use port 25.

image image

2) Select the Access tab. Click on Connection inside the Connection Control section and select the nodes you would like to have access to the SMTP Relay. Next click Relay under the Relay Restrictions section and select the nodes you want to relay through the server. In this example, I only chose this single server the ability to relay messages.

image image

3) Select the Delivery tab. Click the Outbound Security option. Select the Basic Authentication radio button and the TLS encryption option as well. Under basic authentication, enter the username/password (I left the username blank intentionally) of the mailbox that is going to be the account that is going to send out the email. IMPORTANT: This user must be an Exchange Online user, so you will use a license on this account. Once you have entered the information, hit OK. Select the Outbound Connections button. Change the TCP port to 587 and hit OK. And finally, select the Advanced button and enter in smtp.mail.microsoftonline.com into the smart host field. (Thanks Jeff for the reminder.)

image image image

NOTE: If you attempt to send as a user that is not an actual Exchange Online account, you will see the following message inside the logs. The logs are located here if you used the default values: C:WINDOWSsystem32LogFilesSMTPSVC1.

550+5.7.1+Client+does+not+have+permissions+to+send+as+this+sender

Otherwise you should see this entry in the log file.

250+2.1.0+Sender+OK

At this point, you can send a test email via the SMTP relay server to a recipient. I used a free command line utility called SendEmail. It has enough options to get the job done.

Once you send the email, check the logs to make sure that everything went through OK. When I enabled logging, I selected quite a few options because I’m not very familiar with IIS and didn’t know what I needed to record. I cleaned up the logs a little, but not enough. However, it’s enough for you to see what’s going on below.

EHLO - +tnssync1.tnslab.org 250 0 197 24 0 SMTP -
MAIL - +FROM:<trusteduser@senddomain.com> 250 0 41 28 0 SMTP -
RCPT - +TO:<user@recdomain.com> 250 0 33 30 0 SMTP -
DATA - +<792785.64453125-sendEmail@tnssync1> 250 0 120 720 16 SMTP -
QUIT - tnssync1.tnslab.org 240 31 68 4 0 SMTP -
220+smtp.mail.microsoftonline.com+Microsoft+ESMTP+MAIL+Service+ready+at+Sun,+9+May+2010+11:10:58+-0700 0 0 102 0 188 SMTP -
EHLO - tnssync1.tnslab.org 0 0 4 0 188 SMTP -
250-smtp.mail.microsoftonline.com+Hello+[75.228.236.136] 0 0 56 0 656 SMTP -
STARTTLS - - 0 0 8 0 656 SMTP -
220+2.0.0+SMTP+server+ready 0 0 27 0 1031 SMTP -
EHLO - tnssync1.tnslab.org 0 0 4 0 2281 SMTP -
250-smtp.mail.microsoftonline.com+Hello+[75.228.236.136] 0 0 56 0 2750 SMTP -
AUTH - - 0 0 4 0 2750 SMTP -
334+UGFzc3dvcmQ6 0 0 16 0 3063 SMTP -
235+2.7.0+Authentication+successful 0 0 35 0 3391 SMTP -
FROM:<trusteduser@senddomain.com>+SIZE=982 0 0 4 0 3391 SMTP -
250+2.1.0+Sender+OK 0 0 19 0 3531 SMTP -
RCPT - TO:<user@recdomain.com> 0 0 4 0 3531 SMTP -
250+2.1.5+Recipient+OK 0 0 22 0 3656 SMTP -
BDAT - 982+LAST 0 0 4 0 3656 SMTP -
250+2.6.0+<792785.64453125-sendEmail@tnssync1>+Queued+mail+for+delivery 0 0 71 0 4266 SMTP -
QUIT - - 0 0 4 0 4266 SMTP -
221+2.0.0+Service+closing+transmission+channel 0 0 46 0 4406 SMTP -

As you can see, the message sent out to Exchange Online via TLS. To verify it even further, look at the header information in the email that you received. In the header you should see the following line:

Received: from tnssync1.tnslab.org (75.228.236.136) by
smtp.mail.microsoftonline.com (10.32.16.41) with Microsoft SMTP Server (TLS)

At this point, your server is setup to send messages to Exchange Online securely.

If you have any additional input or if I missed anything, please email me and let me know.

Bookmarks for May 5, 2010

Bookmarks for May 1, 2010

Bookmarks for April 30, 2010