Email sent from University of Iowa systems to the Internet-at-large must use authenticated-SMTP and pass through message hygiene (anti-spam and anti-virus scanning). Microsoft 365 Exchange Online (M365) is the preferred solution as it provides both. However, for security reasons, most email accounts are disabled for direct SMTP access to Microsoft 365. If SMTP email is required for a unique application or device, such as a multi-function printer (MFP), please contact the ITS Help Desk to request SMTP be enabled.
For University of Iowa systems which cannot use M365, the system known as ns-mx.uiowa.edu is available with two limitations: (1) it does not provide message hygiene for messages sent/received by ns-mx.uiowa.edu (however, receiving systems such as M365 will do message hygiene on the message when it is received, and (2) it only accepts messages directed to University of Iowa M365 domain names, (e.g., uiowa.edu, iowa.uiowa.edu, hawkeyesports.com, healthcare.uiowa.edu.) It is recommended that you have a valid mailbox to send from when using ns-mx.uiowa.edu.
If you are using smtp.office365.com or email.uiowa.edu, you will be required to:
- Have a mailbox in the University of Iowa M365 tenant, e.g., uiowa.edu, iowa.uiowa.edu, hawkeyesports.com.
- Use the mailbox email alias or other SMTP address stamped on the mailbox as the From address in your message.
- Authenticate using the mailbox Hawk ID or Service ID and password. If the mailbox password is not known, the account owner may call the ITS Help Desk at (319) 384-4357 to have it reset.
- Enable legacy email protocols for the mailbox. If legacy email protocol status is unknown, the account owner may call the ITS Help Desk at (319) 384-4357 to have it enabled.
If you need a mailbox created, see Requesting a Microsoft 365 Shared Departmental Acccount
Email submission choices
The following chart summarizes the available choices for submitting email from campus.
| smtp.office365.com | email.uiowa.edu | ns-mx.uiowa.edu | |
|---|---|---|---|
| sending server IP | campus GSA | campus LSA or data center | campus GSA or LSA |
| authenticated SMTP | required | required | not available |
| recipient email address | any | any | O365 domain only |
| require encryption | Yes (TLS 1.2)1 | Yes (SSL or TLS) | No |
1Starting November 1, 2018, O365 requires using TLS 1.2 or higher.
smtp.office365.com on port 587
This service is provided by Microsoft 365 Exchange Online (M365). To connect to it, a sending system needs to be on a “global-scoped address” (GSA) and have access through host and data center firewalls. Authentication is required using a valid Hawk ID or Service ID. The From address specified when sending must be authorized for the associated Hawk ID or service account. i.e. the mailbox email alias or other SMTP address stamped on the mailbox.
Note: Some user accounts may have owner/send as rights for the Service ID and thus be authorized, but we do not recommend and strongly discourage programming personal Hawk ID and password information in applications.
Note: M365 has email sending limits. Microsoft advises customers who need to send legitimate bulk commercial email (for example, customer newsletters) to use third-party providers that specialize in such services. For more information on M365 limits, visit: https://its.uiowa.edu/support/article/103894
email.uiowa.edu on port 587
This service is an on-campus gateway to smtp.office365.com. It is provided to allow “local-scoped address” (LSA) systems (or firewalled systems in the ITF and LC data centers) to send via O365. It has the same requirements as smtp.office365.com and is limited to campus IP addresses.
Note: Rapidly sending to large numbers of University email addresses can result in throttling.
ns-mx.uiowa.edu on port 25
This service is available for sending without authenticated-SMTP. It is available for use by systems on GSA or LSA. The To address specified must be in the list of valid University of Iowa O365 domain names.