Configure Scan to Mail feature on a old Multifonction Printer using Microsoft 365 account to send email outside your organization
Issues
- You are using Microsoft 365 as your email provider (Exchange Online)
- You need to configure your MultiFonction Printer to send emails on a OLDER PRINTER (TLS 1.0 or TLS 1.1)
- You want to send email from the MFP to external domain name addresses (outside or your tenant), which SMTP RELAY does not cover (Therefor, an account with a licence is required).
Solutions
The solution I found it to use a dedicated mailbox and set it up so SMTP AUTHENTICATION works on it.
As you will see, it will use a “legacy” SMTP server. Who knows how long Microsoft will support it ?!?!?
Account Creation
As Administrator
- Login to your Microsoft 365 Administration Portal : https://admin.microsoft.com/Adminportal
- Create a new User Mailbox (E.g: scan2mail@yourdomain.tld)
- Enable Multi-Factor Authentication for this mailbox
As the Scan to Mail mailbox (on another web browser maybe ? Make sure you give some love to Firefox 😉 ) :
- Login on Microsoft Portal : https://portal.office.com
- Intialize MultiFactor Authentication
- Setup an AppPassword for the MFP Printer : https://mysignins.microsoft.com/security-info
Security changes on Microsoft Exchange Online
Open Powershell Console As Adminstrator
Install ExchangeOnline module :
Install-Module -Name ExchangeOnlineManagement
Close Powershell Console
Open Powershell Console (regular console / non-admin)
Connect to Exchange Online
Import-Module ExchangeOnlineManagement
Connect-ExchangeOnline
Enable SMTP AUTH for the selected Mailbox (replace with the correct identity of the mailbox)
Set-CASMailbox -Identity scan2mail@yourdomain.tld -SmtpClientAuthenticationDisabled $false
Enable Legacy TLS Clients
Set-TransportConfig -AllowLegacyTLSClients $true
Multi-Fonction Printer Configuration
On the printers, use the following settings (be sure to check your printer manufacturer SSL/TLS settings)
SMTP Server Address : smtp-legacy.office365.com
SMTP Port : 25
Security : STARTTLS
Username : scan2mail@yourdomain.tld
Password : The app password you have set earlier