What is this?

This knowledgebase contains questions and answers about PRTG Network Monitor and network monitoring in general.

Learn more

PRTG Network Monitor

Intuitive to Use. Easy to manage.
More than 500,000 users rely on Paessler PRTG every day. Find out how you can reduce cost, increase QoS and ease planning, as well.

Free Download

Top Tags


View all Tags

Problem sending mail to SMTP Relay with Authentication

Votes:

0

Greetings,

I'm having problem sending email notifications to an SMTP relay with authentication. My email service is Office 365 (Exchange Online) and I get informations above with admin:

Sender E-Mail: [email protected]
SMTP Relay Server: pod51028.outlook.com
SMTP Relay SMTP Port: 587
Cryptographic method: TLS
User: [email protected]
Password: <pass>

So, I configured on PRTG Server (Notifications Delivery):

  1. Authentication "No authentication is required", SSL Method "TLS V1", Security "No encryption (use plain text)"
  2. Authentication "No authentication is required", SSL Method "TLS V1", Security "Encrypt data using Transport-Level Security (TLS)"
  3. Authentication "Use standard SMTP authentication", SSL Method "TLS V1", SMTP Relay Username "[email protected]", SMTP Relay Password "<?>", Security "No encryption (use plain text)"
  4. Authentication "Use standard SMTP authentication", SSL Method "TLS V1", SMTP Relay Username "[email protected]", SMTP Relay Password "<?>", Security "Encrypt data using Transport-Level Security (TLS)"
  5. Authentication "SASL authentication is required", SSL Method "TLS V1", SMTP Relay Username "[email protected]", SMTP Relay Password "<?>", Security "No encryption (use plain text)"
  6. Authentication "SASL authentication is required", SSL Method "TLS V1", SMTP Relay Username "[email protected]", SMTP Relay Password "<?>", Security "Encrypt data using Transport-Level Security (TLS)".

On tests 3 and 4 results logs "Error sending "Email": Connection failed ("pod51028.outlook.com")", and on tests 5 and 6 results "Error sending "Email": Authentication unsuccessful ("pod51028.outlook.com")".

I sniffed internal interface (DMZ) on firewall filtering packets of PRTG server during test 3, 4, 5 and 6 and catch this dump:

220 pod51028.outlook.com Microsoft ESMTP MAIL Service ready at Mon, 18 Jun 2012 21:22:30 +0000
EHLO monitor.zillion.com.br
250-pod51028.outlook.com Hello [187.72.237.228]
250-SIZE 36700160
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-STARTTLS
250-AUTH
250-8BITMIME
250-BINARYMIME
250 CHUNKING
QUIT
221 2.0.0 Service closing transmission channel

Now, I sniffed interface a workstation with Mozilla Thunderbird and catch this:

220 pod51028.outlook.com Microsoft ESMTP MAIL Service ready at Mon, 18 Jun 2012 20:57:00 +0000
EHLO [192.168.0.41]
250-pod51028.outlook.com Hello [187.72.237.225]
250-SIZE 36700160
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-STARTTLS
250-AUTH
250-8BITMIME
250-BINARYMIME
250 CHUNKING
STARTTLS
220 2.0.0 SMTP server ready
(continue...)

What could I do to resolve this problem?

notification-delivery office365 send-email smtp

Created on Jul 4, 2012 1:17:05 PM

Last change on Nov 28, 2018 12:35:18 PM by Luciano Lingnau [Paessler]



Best Answer

Accepted Answer

Votes:

0

Hi,

according to guidelines given by the support, I found another way to configure it with Office365.

  • Determine Office 365 SMTP Server Settings*
  1. Login in to the Microsoft Online Services Portal;
  2. Click on Outlook;
  3. Click Options (upper right corner)
  4. Click on About
  5. There will be a section titled External SMTP setting that looks like:
    1. Server name: pod51010.outlook.com (your’s may be different)
    2. Port: 587
    3. Encryption method: TLS
  6. Install and Configure Windows Server 2008 SMTP Relay
  7. Add the SMTP Server feature. (You can install same server on PRTG Core Server) (Start->Administrative Tools->Server Manager->Features->Add Features->SMTP Server). The Add features wizard bring up the Select Role Services for the Web Server (IIS) role. Select the IIS Management Console role service. You’ll need this for step 2. In some older versions of Windows Server the SMTP Server function is included with the Web Server (IIS) role. For that case, make sure to include the IIS Management Console and IIS 6 Management Console features.
  8. If this server doesn’t have a certificate already installed, you will need to install one. Office 365 requires TLS encryption and for this server to use TLS, it must have a certificate installed. To create the self-signed certificate: (Start->Administrative Tools->Internet Information Services (IIS) Manager->Select Host->Server Certificates->Create Self-Signed Certificate)
  9. Enable SMTP Server. (Server Manager->Features-> Enable SMTP Server)
  10. Now it’s time to actually configure the SMTP Relay for Office 365. Start->Administrative Tools->Internet Information Services (IIS) 6.0 Manager.
  11. Click on the ‘+’ next to your host name.
  12. Right-click on the [SMTP Virtual Server…] and select Properties. It’s now time to step through each of the tabs to configure the SMTP relay.
    1. General Tab: The IP address should be set to (All Unassigned).
    2. Access Tab: Click Authentication… and select the Anonymous access check box. This is the authentication used by the applications and devices within your network to access the new SMTP relay. It is being configured to be open to every device on your network.
    3. Access Tab: Click Connection… Select ‘Only the list below’ and click 'Add'; after insert the IP address of server (more secure); OR ‘All Except the list below’ and leave the list below blank. This allows any device inside your firewall to access this relay (less secure);
    4. Access Tab: Click Relay… Select ‘All Except the list below’ and leave the list below blank. This allows any device inside your firewall to access this relay. This setting is extemely open and assumes you trust the devices connecting to your network not to abuse this relay.
    5. Messages Tab: No changes. The default works well.
    6. Delivery Tab: Click Outbound Security… Select Basic authentication and enter the Office 365 username and password that will gateway will to authenticate with Office 365. The user name must be a fully qualified (ex: [email protected]) valid Office 365 user licensed for Exchange. For example if my domain is co365lab.com and the user to authenticate is admin, then the username would be [email protected]. Note that this same address must be used as the “From:” address for any e-mails sent to the relay from applications and devices. Check TLS encryption.
    7. Delivery Tab: Click Outbound connections… Set the TCP port to 587.
    8. Delivery Tab: Click Advanced Delivery and set the Fully-qualified domain name box to the name of the local server that is acting as the relay (ex: myserver1). Set the Smart host the full-qualified name of the Office 365 SMTP Server (ex. pod51010.outlook.com) that you determined if the first section. Make sure the “Attempt direct…” box is unchecked.
    9. LDAP Routing and Security Tabs: No changes to these areas.
  13. Make sure the SMTP Server is started. Right-click the SMTP Virtual Server and choose Start. You’re done configuring the SMTP Relay within Windows Server 2008 to work with Office 365.
  14. Configure device or application to use the new SMTP Relay
  15. On PRTG Web GUI, click Setup -> System Administration -> Notification Delivery
    1. Sender E-Mail: Office365 user FDQN ([email protected]).
    2. Sender Name: Any sender name;
    3. HELO Ident: This must be a unique name, preferably the DNS name of the machine running PRTG;
    4. SMTP Relay Server: IP address of SMTP Relay (i.e.: localhost);
    5. SMTP Relay SMTP Port: 25
    6. SMTP Relay Authentication: No authetication;
    7. SSL Method: Any;
    8. Security: No encryption (use plain text). The SMTP relay above is setup inside the company’s network, so the security assumes anyone with access to the relay can send e-mail through the gateway. Therefore, the connection requires no authentication (username or password).

"That's all, folks!"

Reference: http://www.configureoffice365.com/configure-office-365-smtp-relay/

Created on Aug 9, 2012 10:24:57 PM

Last change on Nov 28, 2018 12:38:51 PM by Luciano Lingnau [Paessler]



4 Replies

Votes:

0

I'm having a very similar issue with the SMTP-IMAP Round Trip sensor. I get the error "Error connecting with SSL. error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version". From my research it appears that PRTG may be trying to connect directly to port 587 when outlook.com is expecting a STARTTLS command first before it begins encrypted communication. I have no proof, but it seems that this is the issue. Anyone know how to fix it?

Created on Jul 30, 2012 9:33:34 PM



Accepted Answer

Votes:

0

Hi,

according to guidelines given by the support, I found another way to configure it with Office365.

  • Determine Office 365 SMTP Server Settings*
  1. Login in to the Microsoft Online Services Portal;
  2. Click on Outlook;
  3. Click Options (upper right corner)
  4. Click on About
  5. There will be a section titled External SMTP setting that looks like:
    1. Server name: pod51010.outlook.com (your’s may be different)
    2. Port: 587
    3. Encryption method: TLS
  6. Install and Configure Windows Server 2008 SMTP Relay
  7. Add the SMTP Server feature. (You can install same server on PRTG Core Server) (Start->Administrative Tools->Server Manager->Features->Add Features->SMTP Server). The Add features wizard bring up the Select Role Services for the Web Server (IIS) role. Select the IIS Management Console role service. You’ll need this for step 2. In some older versions of Windows Server the SMTP Server function is included with the Web Server (IIS) role. For that case, make sure to include the IIS Management Console and IIS 6 Management Console features.
  8. If this server doesn’t have a certificate already installed, you will need to install one. Office 365 requires TLS encryption and for this server to use TLS, it must have a certificate installed. To create the self-signed certificate: (Start->Administrative Tools->Internet Information Services (IIS) Manager->Select Host->Server Certificates->Create Self-Signed Certificate)
  9. Enable SMTP Server. (Server Manager->Features-> Enable SMTP Server)
  10. Now it’s time to actually configure the SMTP Relay for Office 365. Start->Administrative Tools->Internet Information Services (IIS) 6.0 Manager.
  11. Click on the ‘+’ next to your host name.
  12. Right-click on the [SMTP Virtual Server…] and select Properties. It’s now time to step through each of the tabs to configure the SMTP relay.
    1. General Tab: The IP address should be set to (All Unassigned).
    2. Access Tab: Click Authentication… and select the Anonymous access check box. This is the authentication used by the applications and devices within your network to access the new SMTP relay. It is being configured to be open to every device on your network.
    3. Access Tab: Click Connection… Select ‘Only the list below’ and click 'Add'; after insert the IP address of server (more secure); OR ‘All Except the list below’ and leave the list below blank. This allows any device inside your firewall to access this relay (less secure);
    4. Access Tab: Click Relay… Select ‘All Except the list below’ and leave the list below blank. This allows any device inside your firewall to access this relay. This setting is extemely open and assumes you trust the devices connecting to your network not to abuse this relay.
    5. Messages Tab: No changes. The default works well.
    6. Delivery Tab: Click Outbound Security… Select Basic authentication and enter the Office 365 username and password that will gateway will to authenticate with Office 365. The user name must be a fully qualified (ex: [email protected]) valid Office 365 user licensed for Exchange. For example if my domain is co365lab.com and the user to authenticate is admin, then the username would be [email protected]. Note that this same address must be used as the “From:” address for any e-mails sent to the relay from applications and devices. Check TLS encryption.
    7. Delivery Tab: Click Outbound connections… Set the TCP port to 587.
    8. Delivery Tab: Click Advanced Delivery and set the Fully-qualified domain name box to the name of the local server that is acting as the relay (ex: myserver1). Set the Smart host the full-qualified name of the Office 365 SMTP Server (ex. pod51010.outlook.com) that you determined if the first section. Make sure the “Attempt direct…” box is unchecked.
    9. LDAP Routing and Security Tabs: No changes to these areas.
  13. Make sure the SMTP Server is started. Right-click the SMTP Virtual Server and choose Start. You’re done configuring the SMTP Relay within Windows Server 2008 to work with Office 365.
  14. Configure device or application to use the new SMTP Relay
  15. On PRTG Web GUI, click Setup -> System Administration -> Notification Delivery
    1. Sender E-Mail: Office365 user FDQN ([email protected]).
    2. Sender Name: Any sender name;
    3. HELO Ident: This must be a unique name, preferably the DNS name of the machine running PRTG;
    4. SMTP Relay Server: IP address of SMTP Relay (i.e.: localhost);
    5. SMTP Relay SMTP Port: 25
    6. SMTP Relay Authentication: No authetication;
    7. SSL Method: Any;
    8. Security: No encryption (use plain text). The SMTP relay above is setup inside the company’s network, so the security assumes anyone with access to the relay can send e-mail through the gateway. Therefore, the connection requires no authentication (username or password).

"That's all, folks!"

Reference: http://www.configureoffice365.com/configure-office-365-smtp-relay/

Created on Aug 9, 2012 10:24:57 PM

Last change on Nov 28, 2018 12:38:51 PM by Luciano Lingnau [Paessler]



Votes:

0

With version 13.2, I am using Office 365 to relay messages with the built in settings.

SMTP server: outlook.office365.com Port:587 Auth:Use Standard SMTP Auth SSL Method: TLS v1 Explicit TLS: Explicit

Created on May 22, 2013 8:11:25 PM



Votes:

0

Another customer mentioned that the link in the first post is dead so I am posting an update to this http://support.microsoft.com/kb/2600912

Created on Jan 10, 2014 4:20:47 PM by Greg Campion [Paessler Support]




Disclaimer: The information in the Paessler Knowledge Base comes without warranty of any kind. Use at your own risk. Before applying any instructions please exercise proper system administrator housekeeping. You must make sure that a proper backup of all your data is available.