Sending E-mail from Azure Compute Resource to External Domains

Sending outbound e-mail to external domains (such as outlook.com, gmail.com, etc) directly from an e-mail server hosted in Azure compute services is not supported due to the elastic nature of public cloud service IPs and the potential for abuse.  As such, the Azure compute IP address blocks are added to public block lists (such as the Spamhaus PBL).  There are no exceptions to this policy.

The supported way to send e-mails to external domains from Azure compute resources is via a SMTP relay (otherwise known as a SMTP smart host).  The Azure compute resource sends the e-mail to the SMTP relay and then the SMTP relay provider delivers the e-mail to the external domain.  Microsoft Exchange Online Protection is one provider of a SMTP relay, but there are a number of 3rd party providers as well.  We list some pointers to SMTP relay services below, but it is not a complete list.  Please note that you need to setup an account with the SMTP relay provider first and then configure your Azure server or application to send outbound e-mail via the SMTP relay.

For customers running an e-mail service for their organization in Azure, Exchange Online Protection is an ideal solution as it provides message hygiene both inbound and outbound.  For more information on Exchange Online Protection, go here.

For customers running applications that generate newsletters, marketing materials, and other bulk e-mail, we recommend a service such as SendGrid that specialize in that type of message delivery.

Below is documentation for how to configure popular e-mail server products you may be running in Azure to send mail via a SMTP relay.  These instructions are how to configure e-mail to be sent via the SMTP relay instead of directly to the external domain.

Additionally, many applications that send e-mail allow custom SMTP server settings.  They can also send mail to the SMTP relay provider in the same fashion and that is a supported scenario.