WSUS does not support SSL or TLS required connection, therefor you would need to setup and SMTP relay in order to establish this connection with the Mail Server (Office365).
Solution: To Solve this problem, you will have to setup an SMTP-relay server
Setting up smtp relay on windows server 2012
Install SMTP on Windows Server
Open Server Manager and select Add Roles and Features.
Select Server Selection and make sure that the server that will be running the SMTP server is selected and then select Features.
On the Select Features screen, choose SMTP Server. You may be prompted to install additional components. If that’s the case, select Add Required Features and select Next.
Select Install. After the installation is finished, you may have to start the SMTP service by using the Services snap-in for the Microsoft Management Console (MMC).
Set up SMTP
Open Server Manager, select Tools, and then select Internet Information Services (IIS) 6.0.
Expand the current server, right-click the SMTP Virtual Server, and then select Properties.
On the General tab,
select Advanced > Add.
Enter the Public IP of the WSUS/SMTP server if they are installed on the same server but if not enter the IP of the SMTP server followed by port 25
In the IP Address box, specify the address of the server that’s hosting the SMTP server. In the Port box, enter 25 and select OK.
On the Access tab, do the following:
Select Authentication and make sure that Anonymous Access is selected.
Select Connection > Only the List Below, and then specify the IP addresses of the devices that will be connecting to the SMTP server, such as the WSUS server itself or a printer
Upon click ok, this will be granted to the Private IP address
Select Relay > Only the List Below, and then specify the IP address of the devices relaying through this SMTP server
While we’re here, click on “Relay” and check that the box labeled “Allow all computers which successfully authenticate to relay…” is ticked and also enter the Private IP Address here.
On the Delivery tab, select Outbound Security, and then do the following:
Select Basic Authentication.
And select Anonymous access as shown below
Select Outbound Connections, and in the TCP Port box, enter 25 and select OK.
Finally, Select Advanced and specify the smtp server as smart host as the Smart Host.
Note: This is not smtp.office365.com. You can find this when you connect to Office365 admin center
– Go to settings on Office365 and
– Select domain as shown below
Note: Create a connector on the Office365 using the EIP (Public IP Address of the SMTP server)
This process is very simple
Now go back to the SMTP-Relay server,
Select Advanced and enter the FQDN and the MX record for your office365
Now restart the IIS service and the SMTP service.
Now go to the WSUS server (Enter your email here in order to get status report)
Test the configuration
Now, you should get an email notification showing your smtp server-relay setup is working
Subsequently, you should get emails from time t time showing updates status and windows updates available as shown below