Set up problems with printers, scanners, and LOB applications that ship email using Microsoft 365 or Office 365

  • Commodity
  • 12 minutes to read

Email clients provide actionable mistake messages when something goes incorrect. Sending email from devices and applications is less easy to fix, and you might not get clear data to aid you lot. This article can help you troubleshoot, and it uses printer configurations every bit examples.

As a starting time step to fixing any problems, cheque your configuration. Run into How to ready up a multifunction device or application to send electronic mail using Microsoft 365 or Role 365 for detailed information almost the configuration options.

My printer is already configured for email, merely I don't know which configuration option it uses

The post-obit listing describes the available configuration options:

  1. SMTP customer submission (recommended)

    • Your printer is connected to the server named smtp.office365.com.
    • You lot entered an email address and countersign for Microsoft 365 or Part 365 business relationship/mailbox that the printer uses.
    • The printer tin send email to people inside and outside your system.

    Shows how a multifunction printer connects to Microsoft 365 or Office 365 using SMTP client submission.

  2. Direct transport

    • Your printer is connected to a Microsoft 365 or Function 365 server whose name ends with mail.protection.outlook.com.
    • There's no connector in Microsoft 365 or Role 365 for post sent from your on-premises organization to Microsoft 365 or Office 365.
    • The printer tin can ship e-mail merely to people in your organization; the printer tin't send email to recipients outside your arrangement.

    Shows how a multifunction printer uses your Microsoft 365 or Office 365 MX endpoint to send email directly to recipients in your organization only.

  3. Microsoft 365 or Role 365 SMTP relay

    • Your printer is continued to a Microsoft 365 or Function 365 server whose name ends with mail.protection.outlook.com.
    • You lot've configured a connector in Microsoft 365 or Function 365 for mail sent from your on-bounds system to Microsoft 365 or Office 365.
    • The printer tin send email to people inside and exterior your arrangement.

    Shows how a multifunction printer connects to Microsoft 365 or Office 365 using SMTP relay.

Set issues with SMTP client submission

I fix my printer for SMTP client submission, but it notwithstanding can't ship email

  1. Check the settings that were entered straight into the printer:

    Printer setting Value
    Server/smart host smtp.office365.com
    Port Port 587 (recommended) or port 25
    TLS/StartTLS Enabled
    Username/email accost and password Sign in credentials of Microsoft 365 or Office 365 mailbox the printer uses

  2. If your printer didn't require a password for the username/electronic mail address that you entered, then your printer is trying to send email without logging on to Microsoft 365 or Office 365. SMTP client submission requires your printer to sign in to Microsoft 365 or Function 365. Direct send and Microsoft 365 or Function 365 SMTP relay don't crave a logon; consider 1 of these options instead.

  3. Your printer or application must send electronic mail from the same email address that y'all entered as logon credentials during email setup. If the printer or awarding tries to send email from a unlike account, this results in an error similar to:

    5.7.threescore SMTP; Client does not take permissions to ship as this sender.

    For instance, if you entered login credentials for sales@contoso.com in your printer or application settings, but the printer tries to ship electronic mail from salesperson1@contoso.com, this configuration isn't supported. For this scenario, use Microsoft 365 or Office 365 SMTP relay instead.

  4. Examination the username and countersign past logging on to Outlook on the web, and try to send a exam email to make sure the account isn't blocked. If the user is blocked, see, Remove blocked users from the Restricted Users portal.

  5. Next, test that you tin can connect to Microsoft 365 or Office 365 from your network by doing the following steps:

    1. Follow the instructions to install the Telnet Client tool on a reckoner on the aforementioned network as the device or application.

    2. Run the tool from the command line by typing telnet.

    3. Blazon open up smtp.office365.com 587 (or substitute 25 for 587 if yous're using that port setting instead).

    4. If you connected successfully to an Office 365 server, expect to receive a response line similar to this:

      220 BY1PR10CA0041.outlook.office365.com Microsoft ESMTP Postal service Service ready at Mon, one Jun 2015 12:00:00 +0000

    5. If you can't connect to Microsoft 365 or Office 365, your network firewall or Internet Service Provider (Internet access provider) might have blocked port 587 or 25. Right this so you can ship e-mail from your printer.

  6. If none of these issues apply to your device, it might not meet requirements for Send Layer Security (TLS) encryption.

    Recently, nosotros started rejecting a percentage of connections to smtp.office365.com that uses TLS1.0/1.i for SMTP AUTH.

    Your device must support TLS version 1.2 or above. Update the firmware on the device or try 1 of the other configuration options where TLS is optional. If you need to utilize TLS ane.0/ane.one for SMTP AUTH to retain legacy clients and devices, y'all must opt-in by:

    • Ready the AllowLegacyTLSClients parameter on the Set up-TransportConfig cmdlet to True. Or from Substitution admin centre, go to Settings > Post Period and (nether Security) check "Turn on utilise of legacy TLS clients" and click on Salve.
    • Legacy clients and devices need to be configured to submit to the new endpoint smtp-legacy.office365.com.

To learn more, come across New opt-in endpoint available for SMTP AUTH clients still needing legacy TLS

For more information about TLS, see How Exchange Online uses TLS to secure email connections. For detailed technical information about how Commutation Online uses TLS with nil suite ordering, run into Enhancing mail service flow security for Exchange Online.

I receive an authentication error when my device tries to ship email

This can be caused by a number of bug:

  1. Make sure that you entered the correct username and countersign.
  2. Effort logging into Outlook on the web with the printer'south username and countersign. Send an email to make sure that the mailbox is active and has not been blocked for sending spam.
  3. Check that your device or awarding supports TLS version i.2 or to a higher place. The best way to check is by upgrading the firmware on the device or updating the application to the latest version. Contact the device manufacturer to ostend that it supports TLS version 1.two or higher up.

Fault: Authentication unsuccessful

If yous receive ane of the following errors:

  • 535 5.7.3 Hallmark unsuccessful
  • five.7.57 Customer non authenticated to ship mail

There are a few things yous should bank check:

  1. Use Exchange Online PowerShell to verify that authenticated SMTP submission (too known as SMTP AUTH) is enabled on the licensed mailbox that the printer or application is using to connect to Microsoft 365 or Function 365:

    In Exchange Online PowerShell, replace <EmailAddress> with the email accost and run the following command:

                      Get-CASMailbox -Identity <EmailAddress> | Format-Listing SmtpClientAuthenticationDisabled

    If the value is True, supplant <EmailAddress> with the email accost and run the following command to enable it:

                      Set-CASMailbox -Identity <EmailAddress> -SmtpClientAuthenticationDisabled $false

  2. Disable Multi-Factor Hallmark (MFA) on the licensed mailbox that's existence used:

    • In the Microsoft 365 admin middle, in the left navigation bill of fare, cull Users > Active users.
    • On the Agile users page, cull Multi-Factor Authentication.
    • On the multi-factor authentication folio, select the user and disable the Multi-Factor Authentication status.

  3. Disable the Azure Security Defaults by toggling the Enable Security Defaults to No:

    Caution

    Don't do this stride unless y'all understand the risks that are involved.

    • Sign in to the Azure portal equally a Security administrator, Conditional Admission administrator, or Global administrator.
    • Browse to Azure Agile Directory > Properties.
    • Select Manage security defaults.
    • Ready the Enable security defaults toggle to No.
    • Select Save.

  4. Exclude the user from a Conditional Access policy that blocks Legacy Authentication:

    • Sign in to the Azure portal as a Security ambassador, Conditional Access ambassador, or Global administrator.
    • Browse to Azure Active Directory > Security > Conditional Access.
    • In the policy that blocks Legacy Hallmark, exclude the mailbox being used under Users and Groups > Exclude.
    • Select Save.

Error: five.7.60 SMTP; Client does not take permissions to send as this sender

This error indicates that the device is trying to send an email from an address that doesn't match the logon credentials. An example would be if your entered login credentials for sales@contoso.com in your awarding settings only the application tries to send emails from salesperson1@contoso.com. If your application or printer behaves this way, apply Microsoft 365 or Office 365 SMTP relay because SMTP client submission does non support this scenario.

Mistake: Customer was not authenticated to ship anonymous post during MAIL FROM

This mistake indicates that your printer connects to the SMTP client submission endpoint (smtp.office365.com). However, your printer must also logon to a mailbox to send a bulletin. This error occurs when you lot take not entered mailbox logon credentials in the printer'southward settings. If at that place is no option to enter credentials, this printer does not back up SMTP client submission; apply either straight send or Microsoft 365 or Office 365 SMTP relay instead. Meet How to set up a multifunction device or application to send electronic mail using Microsoft 365 or Office 365.

Error: 550 5.1.8 Bad outbound sender

This error indicates that the device is trying to transport an email from a Microsoft 365 or Office 365 mailbox that is on a spam cake list. For aid, see Remove blocked users from the Restricted Users portal.

Fix issues with directly transport

I set up my printer for direct send and it'south not sending electronic mail - or - My device was sending email using direct transport, but it stopped working

This can be caused by a number of issues.

  1. A common reason for issues with direct transport is a blocked IP address. If antispam tools detect outbound spam from your organization, your IP address tin be blocked by a spam block list. Check whether your IP address is on a block list past using a third-political party service, such as MXToolbox or WhatIsMyIPAddress. Follow upwardly with the organization that added your IP address to their block listing. Microsoft 365 and Office 365 use block lists to protect our service. For help, run into Remove blocked users from the Restricted Users portal.

  2. To dominion out a trouble with your device, send a examination email to check your connection to Microsoft 365 or Office 365. To send a test email, follow these steps in the commodity, Utilize Telnet to Test SMTP Communication. If you lot can't connect to Microsoft 365 or Office 365, your network or ISP might have blocked communication using port 25. If you lot can't reverse this, employ SMTP client submission instead.

Client was not authenticated to send anonymous mail during Postal service FROM error

This indicates that you lot are connecting to the SMTP client submission endpoint (smtp.office365.com), which tin't exist used for direct send. For direct send, utilise the MX endpoint for your Microsoft 365 or Function 365 organization, which ends with "post.protection.outlook.com." You tin can find your MX endpoint by following the steps in Option ii: Ship mail direct from your printer or application to Microsoft 365 or Office 365 (direct send).

My emails are not sent to recipients who are non in my organization

This is by pattern. Straight send allows email to be sent just to recipients in your arrangement that are hosted in Microsoft 365 or Office 365. If you demand to send to external recipients, use SMTP client submission or Microsoft 365 or Role 365 SMTP relay.

The MX endpoint is as well long for the printer setting box. Tin can I use an IP address instead?

It's not possible to utilize an IP address in place of an MX endpoint. This could event in your not existence able to ship messages in the future. If the MX endpoint is besides long, consider using SMTP client submission, which has a shorter endpoint (smtp.office365.com).

Emails from my device are marked equally junk by Microsoft 365 or Part 365

For direct transport, we recommend using a device that sends from a static IP address. This allows you to fix a Sender Policy Framework (SPF) record to help preclude emails existence marked as spam. Cheque that your SPF record is ready upward with your static IP address. A network or Isp change could change your static IP address. Update your SPF tape to reflect this change. If you aren't sending from your own static IP accost, consider SMTP client submission instead.

Fix issues with Microsoft 365 or Part 365 SMTP relay

I fix my printer for Microsoft 365 or Role 365 SMTP relay but it's non sending electronic mail -or- My device was sending email using SMTP relay, merely information technology stopped working

This can be acquired by a number of problems.

  1. A mutual reason for issues with Microsoft 365 or Office 365 SMTP relay is a blocked IP address. If antispam tools find outbound spam from your arrangement, your IP address can be blocked past a spam cake list. Check whether your IP accost is on a block list by using a third-political party service, such equally MXToolbox or WhatIsMyIPAddress. Follow up with the organization that added your IP address to their block list. Microsoft 365 and Office 365 use block lists to protect our service. For help, run across Remove blocked users from the Restricted Users portal.

  2. To rule out a problem with your device, send a test e-mail to check your connection to Microsoft 365 or Office 365. To send a exam email, follow these steps in the commodity, Use Telnet to Examination SMTP Communication. If you can't connect to Microsoft 365 or Function 365, your network or ISP might have blocked communication using port 25. If y'all can't reverse this, use SMTP client submission instead.

Emails are no longer existence sent to external recipients

Network or ISP changes might alter your static IP address. This results in your connector not identifying and relaying your messages to external recipients. Update your connector and your SPF record with the new IP accost. Follow the steps in Option three: Configure a connector to send mail using Microsoft 365 or Role 365 SMTP relay to edit your existing connector settings.

5.7.64 TenantAttribution; Relay Access Denied or iv.iv.62 Mail sent to the wrong Office 365 region

This mistake indicates that electronic mail sent from your application or device is non correctly attributed to your tenant. A common cause of this issue is a alter in your dedicated and static IP address or a change in the certificate used by your application or device. Update the inbound connector with the new IP address or new certificate data.

Email from my device is marked equally junk past Microsoft 365 or Office 365

Microsoft 365 or Function 365 SMTP relay requires your device to send electronic mail from a static IP address. Check that your SPF record is ready upward with your static IP accost. A network or Internet access provider alter could change your static IP address. Update your SPF record to reverberate this change. If you lot aren't sending from your own static IP address, consider SMTP client submission instead.

Run diagnostic to setup applications or devices sending email using Microsoft 365

Note

This feature requires a Microsoft 365 administrator account.

If yous all the same need aid to ready problems with applications or devices sending electronic mail using Microsoft 365, you can run an automatic diagnostic.

To run the diagnostic check, select the following button:

A flyout page opens in the Microsoft 365 admin center. Select the appropriate option that you are looking for, eg. new setup or troubleshooting existing setup.