Topics Map > Features and Functionality
Topics Map > Administrators

Requesting SMTP Relaying for sending unauthenticated email

This document describes the campus unauthenticated SMTP relay service and when it might be appropriate to request relaying services. Please note that unauthenticated relay services are only available to UW-Madison campus IP space and explicitly not available to end user workstations or mail servers.

What is SMTP Relay?

An SMTP relay allows Campus servers and devices to programmatically send mail from their applications to their target users without having to run their own mail server. SMTP relaying is necessary when your server, application or device is unable to authenticate to and you need to send email programmatically to recipients that are off-campus and the list of recipients may not be known before the email is generated. This service is limited to campus IP space and is protected by the campus firewall to insulate it from potential spammer access.

Microsoft 365 customers may not need an SMTP relay in all cases. If you are a server or application administrator, please see the following guide to help determine what option is best for your needs: Microsoft 365 - Options for Individual and Programmatic Sending

Terms of Use

  • The unauthenticated relay is only available to systems, services or devices that are located on campus and sending email in support of UW-Madison Teaching, Research or Administrative activities.
  • Campus partner mail servers or servers that accept mail submissions on port 25 should not use the unauthenticated relay service.
  • Unauthenticated relay services is not available to end user workstations.
  • Use of the service is explicitly prohibited for sending spam, phishing or email with offensive content.
  • If the University receives a credible report that a violation of the Terms of Use has occurred, or if, in the course of managing the service, discovers evidence of a violation, then the matter will be referred for investigation, University disciplinary action, and/or criminal prosecution.

Submitting a Request

An SMTP Relay request is only necessary if your application or device is sending email to recipient addresses not hosted in our UW-Madison Microsoft 365 environment. If your application is hosted on campus and you are only sending to UW-Madison M365 recipients then you may use the service without submitting a request.

To submit a request for SMTP relaying for a new IP address, fill out our SMTP Relaying request form.

If you are the admin of record for a relay you can make changes to an existing relay IP here List Relays.

Please contact the DoIT Help Desk with any other questions regarding relay requests.

Set Up

Once your IP is allowed to relay, you may use the following configuration to relay email.

  • SMTP Server:
  • SMTP Port: 25
  • Id/Password: This is not used. Please leave blank.
  • TLS/SSL: Enabled (where possible)

Important: You must enter a valid From address. This address can be a or account that is hosted within the UW-Madison Office 365 tenant.

Note on TLS/SSL support: Encrypted communication is required for sending mail to certain external domains (e.g. For the full list of domains that require TLS see: Microsoft 365 - Email Domains that Require TLS

What is the difference between and

Use of requires that the IP address of the device sending email be included in the WiscMail Relay table even if you are only sending to UW Madison Office365 addresses. There is otherwise no difference between and

What IP addresses does the relay service use to send mail?

Relay mail may be sent from the following IP addresses and subnets:


Does SMTP Relay support encrypted connections?

The SMTP Relay service offers opportunistic TLS through support of the STARTTLS command which offers a way to upgrade a plain text connection to an encrypted connection. SMTP Relay also forces TLS communication to certain external domains. For the full list of domains that require TLS see: Microsoft 365 - Email Domains that Require TLS.

Is there a message size limit when using SMTP Relay?

Can the relay service be used by off-campus infrastructure?

No, the unauthenticated relay service is not available to off-campus infrastructure. We now offer an Authenticated SMTP Secure Email Relay Service. That service is available to off-campus systems such as applications built on AWS EC2 instances, Lamdba serverless functions, or other 3rd party services. See SMTP Authenticated Secure Email Relay sending for more details.

Can the relay service be used to bypass DMARC requirements?

In some cases it can, but it also further complicates matters. Since the relay service effectively bypasses domain-level authorization of use of email addresses, it would be covering up the forging problem that DMARC would otherwise solve. We need to ensure that the systems we allow to relay have some level of control over who is allowed to send as arbitrary email addresses. We recommend that you consult with us to ensure your messages are DMARC compliant.

How can I achieve DMARC compliance using a SaaS provider without relaying?

  1. Determine which domains the application will need to send as "From".
  2. Configure all outbound messages to use addresses within that domain. The from address should be a valid and deliverable email address even if you do not expect to receive replies at the address or process bounced message (to catch bounces, etc. See also: Microsoft 365 - Dealing With Replies To Your Automated or Mass Email )
  3. Add the SaaS provider's outbound email IP addresses to the SPF record for the domain.
  4. Implementing SPF is adequate for DMARC compliance, but you should strive for implementing DKIM in the long term. Encourage your SaaS vendor to implement support for DKIM signing. Feel free to point your vendor at the following documents if they need an industry primer on how to implement DKIM.


Any abuse of this service will result in removal of relaying privileges for the offending IP address.


If you have any questions or would like to discuss relaying options, please contact

See Also:

Keywords:campus relaying smtp requests sending email programmatically e-mail o365 office microsoft message size limit   Doc ID:29362
Owner:O365 S.Group:Microsoft 365
Created:2013-04-08 14:50 CDTUpdated:2023-09-05 16:46 CDT
Sites:DoIT Help Desk, DoIT Staff, DoIT Tech Store, Microsoft 365, Public Cloud
Feedback:  2   0