Technical Articles
SMTP Technical Architecture (Inbound e-Mail): Microsoft Office 365, S/4 HANA in Cloud, Private Edition
Hello All,
This is in continuation of SMTP- Technical Architecture with Office 365 (and SAP S/4 HANA System is hosted in Private Cloud). This Blog post is about Inbound mail communication with Important Points.
If you want to read about Outbound Mail configuration Steps, please check the blog post https://blogs.sap.com/2022/02/03/smtp-technical-architecture-microsoft-office-365-s-4-hana-in-cloud-private-edition/
Well, Let’s start! Below is the expectation, correct?
Simple. Straight. Requirement
Let’s begin, Login to your SAP S/4 HANA System, consider you have 3-tier landscape then you can run a PoC in Development Landscape or directly in your Test Landscape. Upto you. Remember: None of the settings is transportable.
There are certain pre-requisites to receive e-mails in SAP S/4 HANA System. See below-
- SMTP Service must be active, and Port must be enabled in SAP S/4 HANA System. You can use Port as 25000.
- You must have a subdomain created. For example, if your organization is SAP, then your domain would be sap.com; for inbound, we need a subdomain, say, something as btp.SAP.com (IT Team can help you with creation of sub-domain).
- Service User ID which can be configured to start, run SAPCONNECT service.
- You need a lot of assistance from Microsoft Office 365 Team (esp. in setting up Routing and connectors). Please see the Technical Architectures in last section.
In your Development System, Run Transaction Code *SMICM*, you will see something as below,
SMICM Landing Page
If SMTP Service is not Active, then please activate it by using correct port. Below screen can help you,
SMICM New Service
Note: You can choose port of your choice but best would be to have either 25 or 25000 or in some pattern of 25.
Once you are done with this activity then run the transaction code SU01 in your SAP System and create a User ID of type Service. You can take help of SAP Security Team for this.
Txn SU01
User Type must be Service Type,
Txn SU01
Users Profile must be S_A.SCON
Txn SU01
Once you are done with this activity then run the transaction code SICF in your SAP System. Press F8/ Execute.
Txn SICF
Select SAPconnect
Txn SICF
If it is not Active then Activate the SAPconnect Services.
Note– Since, SAP S/4 HANA System is hosted in Private Cloud so most of the Services will be in Active Status (by default or it may differ).
SAPconnect
Check and ensure that correct profile parameter is selected or set for SAPconnect. Modification to this can be done too.
If above is Ok then as a next step, Click Logon Tab.
SAPconnect
Here, Enter the Service User ID along with its Password. And activate the SAPconnect Service.
Something as below,
Client | Protocol | Service Name/ Port | Hostname |
100 | SMTP | 25000 | sid.Yourdomain.com |
110 | SMTP1 | 25001 | sid.Yourdomain.com |
120 | SMTP2 | 25001 | sid.Yourdomain.com |
And then the profile parameter which needs to be adjusted (if required),
is/SMTP/virt_host_0 as 25000; is/SMTP/virt_host_1 as 25001, is/SMTP/virt_host_2 as 25002
You can verify whether the SAPConnect Service is working or not using Telnet. Please follow the SAP Note № 2417443
Once you verify and if everything is Ok then work on SAP Side is completed.
Quick Recap or what would be needed by Microsoft Office365 Team once you are done with above.
Internal e-Mail Address: John.Doe@sales.xyz.com
Hostname: s4sap.xyz.com; Port: 25000
Before we proceed further,
Case 1) Above will not work with Microsoft office 365 because of a limitation. O365 forwards mail to Port 25 and there are no options to change the port or edit the port in connector hence we need to have a Load Balancer with Public IP and Port 25 Open.
Case 2) If you have Microsoft Exchange Server, then it will work as is and you don’t need a Load Balancer with Public IP and Port 25. Only thing would be needed is, port 25000 must be whitelisted/ allowed in Firewall.
This is how it would look like,
First Look- Technical Architecture (with LB)
Complete e-Mail Setup & its Architecture,
Overall- SMTP Architecture with LB (Inbound as well Outbound)
If there is challenge in setting up Load Balancer with Public IP and Port 25 (actually, this was the challenge in one of my project. Client was not ready to expose port 25 and that too on Public IP, a Big No). But there was a ray of hope, they had legacy MS Exchange Server and we used it in below way,
First Look- Technical Architecture with Hybrid Approach
Microsoft Team needs to setup 2 Connectors, 2 Rules, and 1 mailboxes.
Realization is, an example,
- From “Vendor@sle.com”, Mario.M@yourdomain.com will receive the e-Mail in Office 365.
- Connector 1 & Rule 1 in Office 365 will forward all the mails received by Mario.M@yourdomain.com to a new Mail box in MS Exchange Server (say, John@yourdomain.com)
- Connector 2 & Rule 2 in MS Exchange will forward all the mails received by vendor@yourdomain.com to SAP’s Inbox (which is John.Doe@sales.xyz.com)
Overall- SMTP Architecture with Hybrid Approach (Inbound as well Outbound)
Yes, Of-course, more job on Rules and Connector Side. That was due to existing e-mail IDs and we were not in position to lose any Data. But if new e-Mail ID is set to receive the mails on MS Exchange then Office 365 will be out of the picture. That architecture would be like below but then that is not something which is recommended due to its age but surely, sometimes, its what and how Customer wants.
First Look- Technical Architecture (with On-Premise MS Exchange Server)
Overall- SMTP Architecture with Hybrid Approach (Inbound as well Outbound)
Use case could be anything, for us, it was Invoices which were arriving in Users Mailboxes and requirement was to have those invoices processed in SAP System without any manual intervention or any Interfaces.
Reference:
- 2203325 – Configuration of e-mail using SMTP (inbound) [Video] – SAP ONE Support Launchpad
- 455140 – Configuration of e-mail, fax, paging/SMS via SMTP – SAP ONE Support Launchpad
- 2417443 – Inbound error “554 Transaction failed” – SAP ONE Support Launchpad
- https://docs.microsoft.com/en-us/Exchange/mail-flow-best-practices/use-connectors-to-configure-mail-flow/set-up-connectors-to-route-mail
After successful setup, you will receive the Forwarded e-mails in SAPs Inbox. To check e-mails in SAP System, Run Transaction Code *SOIN*.
Top 3 reasons which will cause a disruption in receiving e-Mails into SAP System.
- Hostname & ports are not Open/Whitelisted or traffic is blocked between On-Premise Exchange and SAP S/4 HANA System is hosted in Private Cloud or Hostname & ports are not Open/Whitelisted or traffic is blocked between Load Balancer and SAP S/4 HANA System is hosted in Private Cloud.
- Connectors (in Office 365 or On-Premise MS Exchange Server) is not setup Correctly, it must point to only Single IP Address (of S4 HANA System) and a Port.
- Check the Profile Parameters (for SMTP Services), SICF (esp. SAPconnect) and SU01 (esp. User Type).
To Troubleshoot the Issue, Best way is,
- Run SMICM and go to ICM Logs.
- Increase the Trace Level to 3.
- Run ‘SOIN’ in your SAP S/4 HANA system and check the trace.
Hope this will help you setup Inbound e-Mail with Office 365 or MS Exchange in your SAP S/4 HANA system (in Private Cloud). Do let me know if I missed any points or if you have any questions. Happy to answer.
Thank you for reading.
Kind Regards,
~ Mahendra