Azure SMTP Client Mail Flow Provider

If your organization uses Azure Active Directory, you can select the Azure SMTP Client mail provider option to make a Microsoft Azure (Entra ID) authenticated mailbox the primary email account of your PIM system.

The key advantages of this approach are the robust authentication process, which uses Azure's OAuth token to authenticate directly to the mailbox rather than relying on the server IP rules that secure the SMTP Relay provider, and the added benefit of running an auditable, dedicated mailbox as the PIM system's mailbox. All outbound emails are sent with the identity of the authenticated mailbox user, ensuring both traceability and authenticity. Note, however, that a user who shares documents from PIM's document management system is shown on the outbound email as the source and is added as the Reply-To address. This allows recipients to respond directly to the sender.

Usage Recommendations

The OAuth SMTP method is especially well suited to smaller PIM environments, because operational constraints imposed by Microsoft limit sending to 30 messages per minute, with a cap of 10,000 recipients per day. Any emails that exceed these thresholds are placed in a queue and are dispatched once the limitation period resets.

Because this method relies on a client-server interaction model that uses the user OAuth 2.0 authentication flow, it is essential to use port 587 so that all communication is encrypted with TLS 1.2. This configuration ensures both the security and the integrity of the email transmission process.
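
The submission path described above, sketched as an added example (it is not the PIM system's or Microsoft's code): the client refuses anything below TLS 1.2 on port 587 and authenticates to the mailbox with its OAuth token through the SASL XOAUTH2 mechanism. The host name smtp.office365.com, the function names and the sample values are assumptions, and the access token is assumed to have been obtained beforehand.

```python
import base64
import smtplib
import ssl
from email.message import EmailMessage

# Assumptions, not from the page: the Exchange Online submission host, and an
# OAuth 2.0 access token for the mailbox that was obtained beforehand.
SMTP_HOST = "smtp.office365.com"
SMTP_PORT = 587  # submission port named on the page; TLS is started via STARTTLS


def tls_context() -> ssl.SSLContext:
    """Certificate-verifying client context that refuses anything below TLS 1.2."""
    ctx = ssl.create_default_context()
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def xoauth2_string(mailbox: str, access_token: str) -> str:
    """Base64 SASL XOAUTH2 response: user=<mailbox>^Aauth=Bearer <token>^A^A."""
    raw = f"user={mailbox}\x01auth=Bearer {access_token}\x01\x01"
    return base64.b64encode(raw.encode("utf-8")).decode("ascii")


def send(mailbox: str, access_token: str, msg: EmailMessage) -> None:
    """Submit msg as the authenticated mailbox; fail closed on TLS or auth errors."""
    with smtplib.SMTP(SMTP_HOST, SMTP_PORT, timeout=30) as smtp:
        smtp.ehlo()
        smtp.starttls(context=tls_context())  # raises if STARTTLS is not offered
        smtp.ehlo()  # re-read capabilities over the encrypted channel
        code, resp = smtp.docmd("AUTH", "XOAUTH2 " + xoauth2_string(mailbox, access_token))
        if code != 235:  # 235 = authentication succeeded
            raise smtplib.SMTPAuthenticationError(code, resp)
        smtp.send_message(msg)


if __name__ == "__main__":
    # Constructed values; nothing is sent. Shows the decoded auth string layout.
    encoded = xoauth2_string("pim-mailbox@example.com", "CONSTRUCTED_TOKEN")
    print(repr(base64.b64decode(encoded)))
    print(tls_context().minimum_version.name)
```

Because the access token is a bearer credential for the mailbox, keep it and the encoded AUTH string out of application logs and SMTP debug output.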