Skip Ribbon Commands
Skip to main content

Simple Incoming Email with On Premises SharePoint and Exchange

Avoid Configuring AD by Using An Email Alias

Andrew Walman

09/10/2014


​​​​​​SharePoint document libraries can be email-enabled so that documents can be uploaded by simply sending an email. In single server, lab-type environments, this is relatively simple to achieve, but in multi-server production environment, particularly where Exchange is handling internet email, there's a lot more to consider.

​Having Exchange handle the incoming email routing before the document reaches SharePoint has a number of advantages:

  • Exchange will typically be set up to handle inbound threats far more robustly than SharePoint can be – while they can both scan documents for viruses, Exchange can also check against spam lists, blacklists and sender reputation before allowing mail through.
  • Exchange can also apply various rules to mail messages before they are delivered – such as checking for attachments, attachment size, subject etc. – and then routing accordingly.
  • Exchange can also auto-reply to messages – useful where a receipt or other response is required to the sender.
  • Tracking messages through Exchange is far easier than looking through SMTP logs – useful for compliance and auditing purposes.
  • Using Exchange, the message doesn't just have to be delivered to SharePoint – it can be also sent to a journal mailbox, or copied/forwarded to any other recipient or group.
  • The email address given to users for the document library can be part of your internet address space, e.g. doclibrary@example.com, not doclibrary@sharepoint.example.com – this is beneficial when external users are involved in the document sending process (e.g. partners, suppliers) and internal users can find the address in the Exchange address book.

SharePoint can use the directory management feature to automatically create email addresses in the corporate directory when email-enabled document libraries are created. Designed to simplify the process for SharePoint, this can be a headache for Exchange administrators, particularly in large environments. The method below avoids having SharePoint create the entries automatically, introducing a manual process, but ensures that the SharePoint and Exchange support teams remain friends!

Scenario:

You want external partners to be able to email documents to an on-premises SharePoint document library, using an email address that routes through the on-premises Exchange organization. You don't want to give permission to SharePoint to automatically create objects in Active Directory/Exchange.​

High Level Overview

  • SharePoint is installed as three tier farm with multiple web/front-end servers.
  • Internet email is handled by Exchange
  • An Exchange mailbox is set up to receive emails from partners with the address partnerdocs@example.com
  • An email contact object is set up with the external address, doclib@sp.example.com
  • The mailbox is setup to forward incoming emails to the contact
  • An Exchange SMTP connector is used to route email for the sp.example.com namespace to the SharePoint frontend load balanced address.
  • Exchange transport rules can be configured to process the mail further, e.g. send a receipt, change the destination address based on sender/subject etc.

Pre-requisites

  • Exchange is set up to receive email from the internet using SMTP for the domain example.com
  • No external DNS changes are required.
  • The SMTP service has been installed on all the SharePoint web/front-end servers, set to automatic start-up, and load balanced with a virtual IP address and local DNS entry.

SharePoint Farm Set Up

To configure incoming email, complete the following steps:

  • Verify that the user account that is performing this procedure is a member of the Farm Administrators group.
  • Open SharePoint Central Administration.
  • Click on System Settings.
  • Select Configure incoming e-mail settings.
  • Select "Yes" to enable sites on this server to receive e-mail.
  • Leave the other settings as default – "Settings mode = automatic" and "Use the SharePoint Directory Management Service = no"
  • Ensure the E-mail server display address (excluding mylist@) is set to the SharePoint address space, e.g. sp.example.com. This is only to make setup easier, you don't need to create any DNS settings for this as we'll be using the load balanced IP address of the frontend servers to route to this namespace.
  • Click OK

SharePoint document library set up

  • Create a new document library or email enable an existing library by opening the document library settings and selecting the "incoming e-mail settings"
  • Select "Yes" to "Allow the library to receive email?"
  • Enter an email address that is appropriate for the library – a suggested convention might be [libraryname].[sitename]@sp.example.com. This address will be used by the contact object in Exchange
  • Configure attachment settings and email message settings as needed.
  • As you'll be accepting messages from the internet, change the security policy to "Accept e-mail messages from any sender" – we're offloading message security to Exchange.

Exchange Set Up

  • Create a contact object with the naming convention of the organization, using the document library email address as the external email address.
  • Create a mailbox with the required external internet email address, e.g. partnerdocs@example.com and ensure it can receive from the internet. Set any properties needed on the mailbox (e.g. maximum size) and in the "Mail Flow" tab, select "delivery options". Configure the forwarding address to be the contact object you've just created.
  • To route mail between Exchange and SharePoint, create a new "send connector" in the hub transport section of the organisation configuration.
  • Enter an appropriate name (SharePoint) for the connector and choose a "custom" type.
  • In the address space, enter your SharePoint address space, e.g. sp.example.com
  • Select "Route mail through the following smart hosts" and click "Add"
  • Enter the load-balanced IP address of the front end servers and complete the wizard.

When incoming email for partnerdocs@example.com arrives at the exchange server (either from the internet or from internal senders) it will be forwarded from the mailbox to the contact object, causing it to be routed through the new send connector to the one of the front-end servers in the load balancer, where the SMTP service will store it in the drop folder. SharePoint will monitor the drop folder, find the new email, and store any attachment in the document library – with the email message too, depending on the setting chosen.

Extending the Solution

This is a very simple example, but it's possible to meet a variety of business requirements by adding Exchange transport rules, SharePoint routing rules, and workflow into the solution. The major benefit if using the mailbox/contact forwarding method above is the email address given to partners doesn't change – simplifying collaboration. For example:

  • Transport rules can be used to route email to different mailboxes (and then to different contacts) depending on different conditions, such as subject, sender or attachment type. Contacts can be created for each document library.
  • Alternatively, SharePoint routing can be used to move the attachment from the drop-off library to different libraries, based on metadata in the attachment, approval status, or document type, keeping the Exchange side simple, and retaining the business logic in SharePoint.
  • Further processing can be accomplished through custom workflows, triggered on item creation within the email-enabled document library. These may move the item straight away, trigger an approval process, or start another external process entirely.

For further details on our SharePoint products and services, please see our SharePoint pages


Top Blog Posts From Fuse

 

 

Migrating Server Environments to Azure – without using PowerShell https://www.fusecollaboration.com/blog/migrating-server-environments-to-azure-without-using-powershellMigrating Server Environments to Azure – without using PowerShell
Recovering Workflow History after 60 dayshttps://www.fusecollaboration.com/blog/recovering-workflow-history-after-60-daysRecovering Workflow History after 60 days
Simple Incoming Email with On Premises SharePoint and Exchangehttps://www.fusecollaboration.com/blog/simple-incoming-email-with-on-premises-sharepoint-and-exchangeSimple Incoming Email with On Premises SharePoint and Exchange
Dynamic Page Layouts in SharePoint 2013 - Part 1https://www.fusecollaboration.com/blog/dynamic-page-layouts-in-sharepoint-2013-part-1Dynamic Page Layouts in SharePoint 2013 - Part 1
Using Google to Authenticate with SharePoint 2013https://www.fusecollaboration.com/blog/using-google-to-authenticate-with-sharepoint-2013Using Google to Authenticate with SharePoint 2013

Recommended Pages

 

 

Skype for Businesshttps://www.fusecollaboration.com/technologies/skype-for-businessSkype for Business
About Fuse Collaboration Serviceshttps://www.fusecollaboration.com/fuse-home/aboutAbout Fuse Collaboration Services
Privacy Policyhttps://www.fusecollaboration.com/fuse-home/privacy-policyPrivacy Policy
Hosted Skype for Businesshttps://www.fusecollaboration.com/technologies/skype-for-business/hosted-skype-for-businessHosted Skype for Business
SharePoint Consulting, Design and Developmenthttps://www.fusecollaboration.com/technologies/sharepointSharePoint Consulting, Design and Development

 About us

Fuse Collaboration Services is a Cloud Solution Provider and Microsoft Gold Partner specialising in delivering SharePoint, Skype for Business, and Azure cloud-based solutions. Based in Northampton, UK.

Microsoft Gold Partner Logo showing 5 competencies

Read more

 Latest Tweets

 Latest Blog

 

 

‘We’d love you to stick around’. But stick around where?3728<p class="lead">Here at Fuse Collaboration Services both our personal and professional email inboxes are receiving a steady flow of emails from companies asking us to stay on their mailing lists. This is the most obvious and public aspect of the new GDPR that is currently being implemented.</p><p>There are a couple of positive side-effects from these new regulations, not least that by forcing you to opt in to mailing lists to make sure you are only receiving what you want to receive a company will really know how engaged you are, making your email address all the more valuable when it comes to marketing.</p><p>Companies have been responding to the GDPR changes by re-working their data management policies, but how much time is being put into how these policies can be enacted day-to-day, especially away from the aforementioned marketing email lists?</p><p>For example, if you have written a policy that says that emails are going to be stored for one year before deletion, how are you going to store them away from an active email server (thereby reducing the burden on a day-to-day server), or keep hold of them once a member of staff leaves? Or what happens if data is accidentally deleted by a member of staff?</p><p>Furthermore, data security is made all the more important as more and more companies opt for a flexible working approach where their staff can work from remote locations, such as home or (dare we say it) a high street coffee chain with its free Wi-Fi access.</p><p>Domestic or public internet access networks are unlikely to have the same levels of security as a company's, which makes it all the more important that any data transfer between a central hub and remote laptop is encrypted and has the latest security.</p><p>Chris Evans of Computer Weekly has highlighted <a href="https&#58;//www.computerweekly.com/feature/GDPR-brings-serious-implications-for-data-storage" target="_blank"> <span style="text-decoration&#58;underline;">five areas</span></a>&#160;which will impact the day-to-day work of the data storage manager under GDPR, including&#58;</p><ul><li>encryption; </li><li>detailed application-to-storage mapping;</li><li>security and audit; </li><li>validation of test and development requirements;</li><li>and collaborating closely with colleagues.</li></ul><p>Ultimately, you need to be able to give all your customers, clients, stakeholders and staff the confidence that their data and documents are stored securely, but also in a way that allows you to respond to data requests quickly and efficiently without having to wade through a mound of irrelevant information.</p><p>You also need to have the peace of mind that any deleted information can be recovered within your policy timetables, whether they be one year, five years, or longer than that.</p><p>There is also a danger that you could be sucked into a one-size-fits-all approach using policy and storage templates that have been designed for organisations that are in a different sector or are of a vastly different size to your own.</p><p>Fuse's data back-up and storage solutions tick all of the boxes you need to have that peace of mind to concentrate on your main business, namely growing as a company, while also being tailored to your specific needs.</p><p>Fuse uses a mixture of cloud-based packages to meet your requirements and allow your staff to access their relevant information <em>securely </em>regardless of where they are working. Our solutions are also easy to monitor by your in-house IT team, so that in the unlikely event of a data breach it can be identified, resolved and reported quickly.</p><div class="well well-lg"><p class="lead">Give us a call on 01604 797979 and we can have a chat about how you can make sure your data policy matches your day-to-day operations and requirements.</p></div> | Chris Wearmouth | 693A30232E777C6675736563735C632E776561726D6F757468 i:0#.w|fusecs\c.wearmouth16/05/2018 23:00:002018-05-16T23:00:00ZData security and rentention in a cloud based infrastructureData security in a cloud based infrastructure14/06/2018 09:56:102550htmlFalseaspx

 Contact us

Our address
12 Brookfield, Duncan Close
Moulton Park, Northampton
NN3 6WL
P: +44(0)1604 797979
Contact Us