You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/virtual-network/troubleshoot-outbound-smtp-connectivity.md
+9-45Lines changed: 9 additions & 45 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -17,70 +17,34 @@ ms.author: genli
17
17
18
18
# Troubleshoot outbound SMTP connectivity problems in Azure
19
19
20
-
Outbound email messages that are sent directly to external domains (like outlook.com and gmail.com) on TCP port 25 from a virtual machine (VM) is possible only when the VM is deployed in certain subscription types.
20
+
Outbound email messages that are sent directly to external domains (such as outlook.com and gmail.com) from a virtual machine (VM) are made available only to certain subscription types in Microsoft Azure.
21
21
22
22
> [!IMPORTANT]
23
23
> For all examples below, the process applies *only* to Virtual Machines & VM Scale Sets resources (`Microsoft.Compute/virtualMachines` & `Microsoft.Compute/virtualMachineScaleSets`). Sending email on Port 25 is unsupported from all Azure Platform-as-a-Service (PaaS) resources, including [Azure App Service](https://azure.microsoft.com/services/app-service) and [Azure Functions](https://azure.microsoft.com/services/functions).
24
24
25
25
## Recommended method of sending email
26
-
27
26
We recommend you use authenticated SMTP relay services to send email from Azure VMs or from Azure App Service. (These relay services typically connect through TCP port 587, but they support other ports.) These services are used to maintain IP and domain reputation to minimize the possibility that external domains reject your messages or put them to the SPAM folder. [SendGrid](https://sendgrid.com/partners/azure/) is one such SMTP relay service, but there are others. You might also have an authenticated SMTP relay service on your on-premises servers.
28
27
29
28
Using these email delivery services isn't restricted in Azure, regardless of the subscription type.
30
29
31
30
## Enterprise Agreement
32
-
33
31
For VMs that are deployed in standard Enterprise Agreement subscriptions, the outbound SMTP connections on TCP port 25 will not be blocked. However, there is no guarantee that external domains will accept the incoming emails from the VMs. If your emails are rejected or filtered by the external domains, you should contact the email service providers of the external domains to resolve the problems. These problems are not covered by Azure support.
34
32
35
-
For Enterprise Dev/Test subscriptions, the 25 port is blocked by default. You need to submit a support ticket to enable the 25 port.
36
-
37
-
## Pay-as-you-go
38
-
39
-
The Azure platform will block outbound SMTP connections on TCP port 25 for VMs that are deployed in Pay-as-you-go subscriptions. It is possible to have this block removed if your Azure subscription is in good standing and has a sufficient payment history. you can request to have the restriction removed by going to the **Cannot send email (SMTP-Port 25)** section of the **Diagnose and Solve** blade for an Azure Virtual Network resource in the [Azure portal](https://portal.azure.com).
40
-
41
-
After a pay-as-you-go subscription is exempted from this block and the VMs are stopped and restarted in the Azure portal, all VMs in that subscription are exempted going forward. The exemption applies only to the subscription requested and only to VM traffic that's routed directly to the internet.
42
-
43
-
> [!NOTE]
44
-
> Microsoft reserves the right to revoke these exemptions if it's determined that a violation of terms of service has occurred.
45
-
46
-
## MSDN, Azure Pass, Azure in Open, Education, Azure for Students, Visual Studio, and Free Trial
47
-
48
-
The Azure platform will block outbound SMTP connections on TCP port 25 for VMs deployed in the following subscription types:
49
-
50
-
- MSDN
51
-
- Azure Pass
52
-
- Azure in Open
53
-
- Education
54
-
- Azure for Students
55
-
- Free Trial
56
-
- Any Visual Studio subscription
57
-
58
-
The restrictions are in place to prevent abuse. Requests to remove these restrictions won't be granted.
59
-
60
-
If you're using these subscription types, we encourage you to use an authenticated SMTP relay service, as outlined earlier in this article, or to change your subscription type.
61
-
62
-
## Cloud Solution Provider
63
-
64
-
The Azure platform will block outbound SMTP connections on TCP port 25 for VMs deployed in Cloud Solution Provider subscriptions. It is possible to have this block removed. To request to have the block removed, go to the **Cannot send email (SMTP-Port 25)** section of the **Diagnose and Solve** blade in the Azure Virtual Network resource in the Azure portal and open a support request.
65
-
66
-
## Microsoft Partner Network, BizSpark Plus, or Azure Sponsorship
67
-
68
-
The Azure platform will block outbound SMTP delivery attempts on TCP port 25 for VMs deployed in the following subscriptions:
33
+
For Enterprise Dev/Test subscriptions, port 25 is blocked by default.
34
+
It is possible to have this block removed. To request to have the block removed, go to the **Cannot send email (SMTP-Port 25)** section of the **Diagnose and Solve** blade in the Azure Virtual Network resource in the Azure portal and open a support request.
69
35
70
-
- Microsoft Partner Network (MPN)
71
-
- BizSpark Plus
72
-
- Azure Sponsorship
36
+
After the subscription is exempted from this block and the VMs are stopped and restarted, all VMs in that subscription are exempted going forward. The exemption applies only to the subscription requested and only to VM traffic that is routed directly to the internet.
73
37
74
-
It is possible to have this block removed. To request to have the block removed, go to the **Cannot send email (SMTP-Port 25)** section of the **Diagnose and Solve** blade in the Azure Virtual Network resource in the Azure portal and open a support request.
38
+
## All Other Subscription Types
75
39
76
-
After the subscription is exempted from this block and the VMs are stopped and restarted, all VMs in that subscription are exempted going forward. The exemption applies only to the subscription requested and only to VM traffic that is routed directly to the internet.
40
+
The Azure platform will block outbound SMTP connections on TCP port 25 for deployed VMs. This is to ensure better security for Microsoft partners and customers, protect Microsoft’s Azure platform, and conform to industry standards.
77
41
78
-
> [!NOTE]
79
-
> Microsoft reserves the right to revoke these exemptions if it is determined that a violation of terms of service has occurred.
42
+
If you're using these subscription types, we encourage you to use an authenticated SMTP relay service, as outlined earlier in this article.
80
43
81
44
## Changing subscription type
82
45
83
-
If you change your subscription type from Enterprise Agreement to another type of subscription, changes to your deployments may result in outbound SMTP being blocked. If you plan to change your subscription type from Enterprise Agreement to another type of subscription and require outbound SMTP on TCP port 25, be sure to work with support to unblock your subscription prior to changing your subscription type.
46
+
If you change your subscription type from Enterprise Agreement to another type of subscription, changes to your deployments may result in outbound SMTP being blocked.
0 commit comments