SMTP with office365?

Hello

I try to use Office365 as SMTP for discourse. I’m already using this account for my wordpress SMTP so the account is not the problem.

When i try to send a email test, an error message appear

[Sender] 504 5.7.4 Unrecognized authentication type [AM3PR05CA0123.eurprd05.prod.outlook.com]

This is my SMTP config from app.yml

## TODO: The SMTP mail server used to validate new accounts and send notifications
DISCOURSE_SMTP_ADDRESS: smtp.office365.com
DISCOURSE_SMTP_PORT: 587
DISCOURSE_SMTP_USER_NAME: test@example.fr
DISCOURSE_SMTP_PASSWORD: password
DISCOURSE_SMTP_AUTHENTICATION: login
DISCOURSE_SMTP_ENABLE_START_TLS: false 

Any idea how to fix the problem ?

Another config:

## TODO: The SMTP mail server used to validate new accounts and send notifications
DISCOURSE_SMTP_ADDRESS: smtp.office365.com
DISCOURSE_SMTP_PORT: 587
DISCOURSE_SMTP_USER_NAME: test@example.fr
DISCOURSE_SMTP_PASSWORD: password
DISCOURSE_SMTP_AUTHENTICATION: login
DISCOURSE_SMTP_ENABLE_START_TLS: true

I get the following error:

550 5.7.60 SMTP; Client does not have permissions to send as this sender

The problem is from Discourse, because I can test with swaks and it’s working

swaks --to test@example.com --from test2@example.com --server smtp.office365.com --auth login --auth-user test2@example.com -tls

Not Suggesting that You use office365 for SMTP but it seems like DISCOURSE_SMTP_AUTHENTICATION: login isn’t required … maybe try commenting that out and try again with STARTTLS set to True?

Okay the problem is now fixed. Huge mistake from my side : the email from Admin → settings → notification email was not the same from the smtp username.
Maybe a check should be made to prevent user to makes this mistake :face_with_raised_eyebrow:

but it seems like DISCOURSE_SMTP_AUTHENTICATION: login isn’t required

True, the final config

DISCOURSE_SMTP_ADDRESS: smtp.office365.com
DISCOURSE_SMTP_PORT: 587
DISCOURSE_SMTP_USER_NAME: test@example.fr
DISCOURSE_SMTP_PASSWORD: password
DISCOURSE_SMTP_AUTHENTICATION: login
DISCOURSE_SMTP_ENABLE_START_TLS: true
4 Likes

Discourse cannot guess what addresses the mail server will deliver for.

4 Likes

Sadly this solution is not working for me (I also tried to escape the password). I tried it with this SMTP setting problem with Office365 - #5 by ianwhite one which is working. But not everybody gets E-Mails… :thinking:

If some people get mail then it’s the fault of office365, or their mail provider. The others should check their spam folder, though if they use a service life office365 it will silently drop mail that it thinks is spam.

I tried it with these settings. In the skipped section in the email tab I can see the following error:

554 5.2.0 STOREDRV.Submission.Exception:SendAsDeniedException.MapiExceptionSendAsDenied;

Sounds like the address you are sending from is not one that the mail server supports. There is a line at the bottom of app.yml that week let you set the notification address. (you can set it in sure settings if you’re logged in)

2 Likes

Or maybe they have VERP enabled so the email address is replies+{key}@example.com instead of the authorized noreply@example.com That was the issue I’ve faced in past while trying to send mails from my own mail server. It’s usually easy to fix though.

2 Likes

Yes. This worked for me. Two things in the initial setup:

DISCOURSE_SMTP_USER_NAME:
-- AND --
DISCOURSE_NOTIFICATION_EMAIL:

needed to be set to the same email.

1 Like

Some up to date instructions for anyone struggling with office365 & direct-delivery

  • Go to Microsoft admin center
  • Click on Settings then Domains
  • Click on Add Domain
  • Follow the instructions on the screen to add your forum’s URL (example: forum:yourlinks.com)
  • Once you’ve completed the above steps and the DNS is verified, you’re now able to create an inbox using that subdomain
  • Click on Users and then Active users
  • Click on Add a user
  • Create the mailbox for your forum (example: noreply@forum.yourlinks.com) mailbox domain must match the hostname from where the forum runs
  • Click on Licenses & Apps
  • Assign this mailbox an Exchange Online (Plan 1) license (10,000 messages daily 30msg/min throttle) It is required to have a license attached to the mailbox for the purpose of direct-delivery. At the time of writing, the cost is $4.00USD/mo or $5.10/CAD | Should you require a higher limit or a shorter throttle, there are other plans available
  • Click on Mail and then Manage email apps
  • Enable “Authenticated SMTP”
  • Click Save changes
  • Go to your Azure portal
  • Browse to your active directory
  • Select Properties in the left sidebar, right under User settings
  • Select Manage security defaults
  • Set Security defaults to “disabled”
  • Click save
  • Go back to Users > Active users
  • Click on Multi-factor authentication
  • Disable MFA on the mailbox being used

The mailbox is now ready for use by your Discourse.

1 Like

Set Security defaults to “disabled”

This was the one thing that was stopping SMTP auth…
Been banging my head against a wall for days…
Why do MS make things so difficult…?

Disabling security defaults may no longer be necessary with MFA enforcement. If you enable and then enforce MFA on a M365 account, you can go to the account’s MFA setup page and add an app password to use and bypass MFA. I got it working with a M365 Business Basic-licensed user with MFA enforcement, SMTP AUTH, and security defaults all enabled. I just had to turn up the SMTP open and read timeouts with two additional lines. 30 may be excessive, but 5 was too little.

Working app.yml entry, as of September 2023:

  DISCOURSE_SMTP_ADDRESS: smtp.office365.com
  DISCOURSE_SMTP_PORT: 587
  DISCOURSE_SMTP_USER_NAME: user@domain.com
  DISCOURSE_SMTP_PASSWORD: whatever-your-app-password-is
  DISCOURSE_SMTP_AUTHENTICATION: login
  DISCOURSE_SMTP_ENABLE_START_TLS: true
  DISCOURSE_NOTIFICATION_EMAIL: user@domain.com
  DISCOURSE_SMTP_OPEN_TIMEOUT: 30
  DISCOURSE_SMTP_READ_TIMEOUT: 30

This topic was automatically closed after 2343 days. New replies are no longer allowed.