Support | Technotes

Equisys technical notes

Technical guidance, explanations and fixes for our products

Technotes

HOWTO: Configure Exchange Online SMTP Delivery with Azure Communication Services

Print

ZTN4616

This Zetadocs technical note applies to:

  • Zetadocs Delivery   

  • Systems that currently send email using Exchange Online (smtp.office365.com) with Basic Authentication

Summary

Microsoft have announced that Exchange Online will permanently remove support for Basic authentication in September 2025. More information on this announcement can be found here

This announcement means that Zetadocs Delivery systems will no longer be able to use Basic authentication with Exchange Online when sending emails, as of September 2025. It is therefore essential that Zetadocs Delivery customers make the configuration changes required before this date, to avoid disrupting the sending of documents. 

As part of this announcement, Microsoft have recommended customers switch to using Azure Communication Services to preserve existing SMTP email sending capability.  

This technote aims to help Zetadocs Delivery customers transition away from using SMTP settings with Microsoft Exchange Online and instead use SMTP settings with Microsoft Azure Communication Services. This will ensure customers keep a working Zetadocs Delivery system beyond September 2025.  

This technote is written for Microsoft Azure system administrators, with the current Microsoft User Interface and limitations that exist at the time of writing (February 2025). 

Any other SMTP service may be used with Zetadocs Delivery if that is the preferred option. 

More information

There are four steps that need to be followed to use Microsoft Azure Communication Services to enable Zetadocs to send emails using SMTP:

Enable SMTP credentials for Azure Communication Services

To enable the SMTP credentials for Azure Communication Services, please follow the official Microsoft documentation here: https://learn.microsoft.com/en-gb/azure/communication-services/quickstarts/email/send-email-smtp/smtp-authentication. Take note of the prerequisite steps in the documentation which are required to be completed.

By the end of the procedure, the resources created should be:

  • An Azure subscription (if not using an existing one) 
  • An Azure Communication Service
  • A Microsoft Entra Application with an application Secret and with the following permissions over the Azure Communication Service.
    • Microsoft.Communication/CommunicationServices Read
    • Microsoft.Communication/CommunicationServices Write
    • Microsoft.Communication/EmailServices Write

      Note: Contributor built-in role would encompass those permissions.

This will allow the following set of SMTP settings to be recognized by Azure:

  • Server: smtp.azurecomm.net
  • Port: 587
  • TLS/Secured: True/Enabled
  • Username: Dot or Pipe separated 3 information from the resources above: <Azure Communication Services Resource name>.<Microsoft Entra Application ID>.<Microsoft Entra Tenant ID>
  • Password: The Microsoft Entra Application secret defined above

Enable the email sender domain

To enable a domain to be used, Azure Communication Services will rely on an Azure Email Communication Service. 

The custom domain can be either managed by Azure or with your own domain. The former allows for a quick setup but the sender address (mailFrom) will be limited to a DoNotReply@xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx.azurecomm.net address. The latter will require the addition of TXT, CNAME entries in the DNS settings of your domain to verify the domain ownership and setup the SPF verification. 

Please follow the official Microsoft documentation here to add a custom domain: https://learn.microsoft.com/en-us/azure/communication-services/quickstarts/email/add-custom-verified-domains?pivots=platform-azp 

Note: The TXT entry to setup the SPF needs to be unique in your DNS settings.  However, this entry can cover multiple domains as per the following example: 

v=spf1 ip4:255.255.255.255 include:spf1.zetadocs.com include:spf.protection.outlook.com ip4:0.0.0.0 -all  

After following the procedure, please ensure that the custom domain is fully verified in your Azure Email Communication Service > Settings > Provision domains 

Once verified, the custom domain needs to be connected to your Azure Communication Service using the button > Email > Domains > Connect domain. 

Add the sender address (MailFrom) to the verified domain

This step only applies if you chose to use your own custom domain rather than the Microsoft managed one. If you chose to use the Microsoft managed domain, please skip to the next step and use the sender address (MailFrom) provided by default by Microsoft.

To add a MailFrom address, navigate to your Email Communication Services Domain > Email Services > MailFrom address. There you can add a new MailFrom of your choosing. In case the "Add" button is greyed out, open the Azure portal Cloud Shell using the button near the search bar  and use the following command to add the desired MailFrom:

az communication email domain sender-username create --domain-name <CustomDomainName> --email-service-name <EmailCommunicationServiceName> --name <MailFromName> --resource-group <EmailCommunicationServiceResourceGroupName> --display-name <MailFromDisplayName> --username <MailFromUserName> --subscription <Azure subscription Id>

As an example, the command should look like this:

az communication email domain sender-username create --domain-name mydomain.com --email-service-name Zetadocs-smtpservice --name support --resource-group Zetadocs-Smtp --display-name accounts --username support --subscription 0000FFFF-AAAA-BBBB-CCCC-12345678

The MailFrom should appear in Email Communication Services Domain > Email Services > MailFrom address

Update Zetadocs Delivery settings

To update Zetadocs Delivery to use the newly setup Azure Communication Services, please open the Zetadocs Delivery Settings page in your NAV or BC environment.

The settings should be updated to the following

  • Server: smtp.azurecomm.net
  • Port: 587
  • TLS/Secured: True/Enabled
  • Username: Dot or Pipe separated 3 information from the resources above: <Azure Communication Services Resource name>.<Microsoft Entra Application ID>.<Microsoft Entra Tenant ID>
  • Password: The Microsoft Entra Application secret defined above
  • Email From: a valid MailFrom address listed in your Email Communication Services Domain > Email Services > MailFrom address

Once these steps are complete, the delivery of email should work as before, using the Zetadocs Send button on any NAV/Business Central page. This should be tested to ensure that the settings are correct.

References

Last updated: 11th March 2025 (CR/NT) 

Keywords: Zetadocs Delivery, SMTP, Microsoft Exchange Online, Azure Communication Services, Azure Email Communication Services, App Password retirement

Equisys Logo, Document Management and Expense Management for Business Central
 

Replaced by script