Until recently I used my internet service provider's SMTP servers to deliver Windows Update reports from lab computers.
I started to notice that some hosts did not report correctly, and after some investigation I discovered that some of the SMTP servers in the pool were blacklisted.
As I had previously had good results with SendGrid and they happen to have a free plan for 100 emails/month, I decided to set up an SMTP relay through their service.
I started with installing the SMTP Server role on one of the Windows hosts.
Select SMTP Server from the features list and it will install all necessary components.
Now that the SMTP Server is installed, we can continue by registering a new API key on SendGrid.
Go to API keys, create a new API key, set its access permission to “Restricted Access” and only allow “Mail send”.
Copy the API key password, as you will need it later.
Now go back to the server where you installed SMTP Server role.
Start IIS 6.0 Manager and open SMTP Virtual Server properties.
Go to Access -> Relay Restrictions. Add the IP addresses or ranges that should be able to send email through the SMTP Server.
Next go to Delivery -> Outbound Security. Fill in apikey as the username and the API key password as the password. Also select TLS.
Next go to Outbound Connections. Change the port to 587 (most ISPs block the default port 25).
Now click on Advanced. Fill in smtp.sendgrid.net as the smart host.
I added smtp.rieskaniemi.com into the internal DNS and also changed the FQDN under advanced settings to match that.
Now you should be able to send email through your new SMTP relay server.
You can send a test mail by telnetting into your SMTP server.
Open PuTTY and telnet to port 25.
220 smtp.rieskaniemi.com Microsoft ESMTP MAIL Service, Version: 10.0.14393.0 ready at Wed, 12 Sep 2018 22:22:20 +0300
250 smtp.rieskaniemi.com Hello [xx.xx.xx.xx]
mail from: email@example.com
250 2.1.0 firstname.lastname@example.org….Sender OK
rcpt to: email@example.com
250 2.1.5 firstname.lastname@example.org
354 Start mail input; end with <CRLF>.<CRLF>
Testing SMTP relay
250 2.6.0 <AADCS011fY5ggkIzCmG00000001@AADCS01.rieskaniemi.com> Queued mail for delivery
You can see in SendGrid that the email was delivered.
And also in Gmail.
If you use SPF to define the hosts allowed to send email on behalf of your domain, remember to add include:sendgrid.net to your SPF record.
More information about SPF: https://sendgrid.com/docs/glossary/spf/
You should also verify your domain in SendGrid to get your relayed emails DKIM signed.
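The SPF include mentioned above is easy to get subtly wrong. The following is an added example, not part of the original post: a small Python linter for the TXT strings of a domain. The function names and the sample records are constructed for illustration, and the lookup count covers only the top-level terms of the record, not nested includes.

```python
# Added example. Sample records are constructed for a placeholder domain.
LOOKUP_TERMS = ("include", "a", "mx", "ptr", "exists")  # each costs a DNS lookup (RFC 7208)

def check_spf(record, required="sendgrid.net"):
    """Return a list of problems in one SPF record string (empty list means OK)."""
    terms = record.strip().lower().split()
    if not terms or terms[0] != "v=spf1":
        return ["not an SPF record (must start with v=spf1)"]
    problems, include_pos, all_pos, lookups = [], None, None, 0
    for pos, term in enumerate(terms[1:], start=1):
        mech = term.lstrip("+-~?")                       # strip the qualifier
        name = mech.split(":", 1)[0].split("/", 1)[0]    # e.g. "mx" from "mx:host/24"
        if name in LOOKUP_TERMS or term.startswith("redirect="):
            lookups += 1
        # Only a pass-qualified include (no prefix or "+") authorizes the relay.
        if term in ("include:" + required, "+include:" + required) and include_pos is None:
            include_pos = pos
        if name == "all" and all_pos is None:
            all_pos = pos
            if term in ("all", "+all"):
                problems.append("'+all' authorizes every host on the internet")
    if include_pos is None:
        problems.append("include:%s is missing" % required)
    elif all_pos is not None and include_pos > all_pos:
        problems.append("include:%s comes after 'all' and is never evaluated" % required)
    if lookups > 10:
        problems.append("%d DNS-lookup terms at top level (limit is 10)" % lookups)
    return problems

def check_domain_txt(txt_records, required="sendgrid.net"):
    """Check all TXT strings of a domain: exactly one SPF record may exist."""
    spf = [r for r in txt_records if r.strip().lower().startswith("v=spf1")]
    if len(spf) != 1:
        return ["expected exactly 1 SPF record, found %d" % len(spf)]
    return check_spf(spf[0], required)

if __name__ == "__main__":
    samples = {  # constructed TXT record sets
        "ok": ["v=spf1 ip4:192.0.2.10 include:sendgrid.net ~all"],
        "missing": ["v=spf1 mx -all"],
        "after all": ["v=spf1 mx -all include:sendgrid.net"],
        "two records": ["v=spf1 mx -all", "v=spf1 include:sendgrid.net -all"],
    }
    for label, txt in samples.items():
        print(label, "->", check_domain_txt(txt) or "OK")
```

Feed it the TXT strings returned for your sending domain by whatever DNS lookup tool you already use.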