Technical Articles
SMTP Technical Architecture (Outbound e-Mail): Microsoft Office 365, S/4 HANA in Cloud, Private Edition
Hello All,
This is my first Technical Article. Please read and let me know if there are any modifications are needed.
¤¤¤
As correctly pointed out by Suhel,
This blog post is about option 1) Authenticate your device or application directly with a Microsoft 365 or Office 365 mailbox, and send mail using SMTP AUTH client submission
Kindly Refer-
¤¤¤
You all might have seen the same content, topic by somebody or somewhere in the blogs.sap.com but one thing which was bothering me is nobody kept it simple and in one place. No worries, Here I’m. I was struggling but I don’t want anybody else to struggle.
This Blog is about SMTP- Technical Architecture with Office 365 (and SAP S/4 HANA system is hosted in Private Cloud). Point to remember, Inbound as well as outbound with Important Points. Let’s start!
Login to your SAP S/4 HANA System, consider you have 3-tier landscape then you can run a PoC in Development Landscape or directly in your Test Landscape. Upto you. Remember: None of the settings is transportable.
For Outbound SMTP Configuration
In your Development System, Run Transaction Code *SCOT*, you will see something as below,
SCOT
Select and click Create Node using the Wizard (easy).
Create Node
I have entered SMTP_D (for Development Landscape), further on you can have SMTP_Q for Quality Landscape, SMTP_T for Test Landscape and finally SMTP_P for Production landscape (your selection). Click Continue.
Enter Mail Host is, smtp.office365.com and Mail Port as 587 (Standard but if there are any changes in it then Microsoft Office 365 Team can help you; ask them about the Host and Port).
IMPORTANT
Before you continue, ensure that you must have a mailbox information with you. You need to have a mailbox (e.g., noreply@yourdomain.com) so that you can complete the SCOT related configuration.
Also, please allow/ whitelist smtp.office365.com with port 587 in your firewall. If SAP S/4 HANA system is hosted in Private Cloud under RISE with SAP offering, then raise an SR to get it whitelisted/ Allowed from.
Create Node- Continue
Click Setting. This is important Step unless setup is tweaked by your organizations Microsoft Office 365 Team.
Enter noreply@yourdomain.com as UserName, and Password for that account. Microsoft Office 365 Team must provide you the Password of the newly created mailbox.
Security Setting for Node
Click Ok
By default, it is on ‘No’, but click ‘Yes’ in security warning.
Click Continue. Then Select Internet, click Continue
Continue
Continue
Add ‘*’ in Address area and click Continue. You can restrict the Address Area too.
Continue
Continue
Continue
Select N, Click Continue.
Continue
Anything which could be ok here, we have used 0 hrs and 1 minutes
Continue
As a final Step, this is how it will look.
Final SCOT Screen
Click Settings
Outbound Settings
Add default Domain as yourdomain.com (your Organizations Domain, For example, SAP as an Organization the domain would be SAP.com)
Your Domain as Default Domain
Click Save.
Now, Schedule Job to send the mails, Click Send Jobs.
Schedule Background/ Batch Jobs to Send the mails
Click New, and select Schedule Job for all Address Types,
Background Job- New to send mails
Continue
Save it
Test the e-Mail Send Functionality. Select SMTP Nodes, go to Utilities, and click Send Test Mail.
Test e-Mail sending
Enter Recipient
Run SOST to see the status of sent e-mail,
Transaction Code: SOST
Blue colored status with msg code as 718 means All is Ok with your SMTP Setup.
Successful Sent
Final Check
Verify the recipients mail box
How it looks,
Technical Architecture
-: Important :-
Every User ID must have noreply@yourdomain.com as an e-Mail ID in communication tab (transaction code SU01d) to send the e-Mails to anyone. SAP Security Team can maintain the same using SU01 Transaction Code.
Once you are done with all the above Steps then you will be able to send the e-Mails from SAP S/4 HANA system to III party e-Mail ID’s and your corporate e-Mail ID’s. Ensure, in SOST, Status must be Blue and Message Code must be 718.
Top 3 reasons which will cause a disruption in sending e-Mails from SAP System.
- SMTP Auth (basically, the User ID and Password to get authenticated on Office 365) is having any problem.
- SAP S/4 HANA system is not able to reach to smtp.office365.com on port 587 (it is blocked on Firewall or not whitelisted in Rules)
- An User who is trying to send the mail doesn’t have the noreply@yourdomain.com as an e-Mail ID in Communication Tab.
To Troubleshoot the Issue, Best way is,
- Run SMICM and go to ICM Logs.
- Increase the Trace Level to 3.
- Try sending e-Mail from SAP S/4 HANA system and check the trace.
Reference,
- 455140 – Configuration of e-mail, fax, paging/SMS via SMTP – SAP ONE Support Launchpad
- 2690360 – XS812 – 550 5.7.60 SMTP; Client does not have permissions to send as this sender – SAP ONE Support Launchpad
- 1702632 – Authentication with user and password while sending mail through SAPconnect using SMTP – SAP ONE Support Launchpad
- 1496168 – Relay problem while sending mails through SAPconnect using SMTP plug-in – SAP ONE Support Launchpad
- 1950670 – Error XS856 “No delivery to &1, authentication required” occurs while sending mails through SMTP node – SAP ONE Support Launchpad
Hope this will help you setup e-Mail with Office 365 in SAP S/4 HANA system (in Private Cloud). Do let me know if I missed any points or if you have any questions. Happy to answer.
Thank you for reading.
Kind Regards,
~ Mahendra
Note: Technical Architecture: Blog Post on Inbound e-Mail setup is here, https://blogs.sap.com/2022/02/07/smtp-technical-architecture-microsoft-office-365-s-4-hana-in-cloud-private-edition-2/
Above Blog Post is Removed by SAP and there is no Concrete/ Solid Reason behind it.
Hi Madendra,
Came across your blog when trying to find O365 setup instructions for RISE PCE. I think you should mention in the begining that this is SMTP Auth setup ( OPtion 1) from Microsoft blog. I was looking to setup Option 3 ( SMTP relay) but the issue with PCE is to get public IP of SAP systems. Let me know if you had any luck with option 3. Thanks
Hello Suhel,
Thanks for pointing out the missed point. Updated the Blog Post now.
Regarding Option 3) Configure a connector to send mail using Microsoft 365 or Office 365 SMTP relay, same was with me. I was not able to get any support on that from SAP Team though I can see a new entry in Roles and Responsibility Matrix. Please check X49 - SMTP Relay to Office365, rise-with-sap-s4-hana-cloud-private-edition-and-sap-erp-pce-roles-and-responsibilities-english-v8-2021.pdf
P.S. X49 wasn't there before.
Thanking you,
~ Mahendra
Hi Madendra,
A very nice guideline. However, during our configuration, we met the
Error XS812 with long text "554 5.2.252 SendAsDenied"
As we cannot set all the user's e-mail as the sender e-mail in SU01, that is not relistic
We check with Micrsoft but still cannot solve. Do you have any hints for us ?
I'm not sure why the another important thread of the Blog, https://blogs.sap.com/2022/02/07/smtp-technical-architecture-microsoft-office-365-s-4-hana-in-cloud-private-edition-2/ is deleted by SAP. Can anyone from Moderator Team check and confirm?
Hi, Mahendra:
I've moved the post out of the trash so you can see its editorial comments, but I'm afraid we can't add back to the site. You're welcome to ask follow-up questions in its editorial comments if you wish.
Kind regards,
--Jerry
Hi Mahendra, could you please provide me the second Blog Post?
Regards,
Manuel
Need help of another blog mentioned for inbound email config.
please share