Windows Server

How to configure WSUS Email Notification to Work With Office365

An email notification is an email sent to inform your subscribers about changes or updates to a website or service. Email and push notifications are both powerful ways by which you can deliver your message to your users. For some related content, see these guides, Windows Server Update Services Commands, WAUACLT, PowerShell, and USOClient, how to Start, Stop and Restart Windows Server Update Services (WSUS) via PowerShell and CMD, Windows 2016 Servers does not show up on WSUS console, and WSUS clients appear and disappear from the WSUS Update Services console.

WSUS does not support SSL or TLS required connection, therefor you would need to set up an SMTP relay in order to establish this connection with the Mail Server (Office365).

For more articles I have written, see the following hyperlinks below; configuring WSUS Email Notification to Work With Office365, how to set up and configure Windows server update services (WSUS), important Areas to Master on WSUS (Installed and not applicable, Install 1/4, and Installed / Not applicable 100), how to configure WSUS Clients to get Updates from the WSUS server using Registry settings, how to apply Windows Updates from WSUS to the server using AWS RunCommand, how to Configure SSL between WSUS servers (Upstream and Downstream Servers).

Solution: To Solve this problem, you will have to setup an SMTP-relay serve: Setting up smtp relay on windows server 2012:
Install SMTP on Windows Server
– Open Server Manager and
– Select Add Roles and Features.
– Select Server Selection and make sure that the server that will be running the SMTP server is selected and then select Features.

On the Select Features screen,
– Choose SMTP Server. You may be prompted to install additional components. If that’s the case,
– Select Add Required Features and
– Select Next.
– Select Install. After the installation is finished, you may have to start the SMTP service by using the Services snap-in for the Microsoft Management Console (MMC).

Set up SMTP
– Open Server Manager,
– Select Tools, and then
– Select Internet Information Services (IIS) 6.0.

Expand the current server, right-click the SMTP Virtual Server, and then select Properties.
– On the General tab,
– Select Advanced
– Click on Add.
– Enter the Public IP of the WSUS/SMTP server if they are installed on the same server but if not enter the IP of the SMTP server followed by port 25

In the IP Address box, specify the address of the server that’s hosting the SMTP server. In the Port box, enter 25 and select OK.

Step 3: On the Access tab, do the following: Select Authentication

and make sure that Anonymous Access is selected.

Select Connection as shown below

Select “Only the List” below, and then specify the IP addresses of the devices that will be connecting to the SMTP server, such as the WSUS server itself or a printer

Upon click ok, this will be granted to the Private IP address

Select Relay > Only the List Below, and then specify the IP address of the devices relaying through this SMTP server

While we’re here, click on “Relay” and check that the box labeled “Allow all computers which successfully authenticate to relay…” is ticked and also enter the Private IP Address here.

On the Delivery tab, select Outbound Security, and then do the following:
Select Basic Authentication.

And select Anonymous access as shown below

Select Outbound Connections, and in the TCP Port box, enter 25 and select OK.

Finally, Select Advanced and specify the SMTP server as smart host as the Smart Host.

Note: This is not You can find this when you connect to the Office365 admin center
– Go to settings on Office365 and
– Select domain as shown below

Note: Create a connector on Office365 using the EIP (Public IP Address of the SMTP server). This process is very simple. Now go back to the SMTP-Relay server,

Select Advanced and enter the FQDN and the MX record for your office365

Now restart the IIS service and the SMTP service. Now go to the WSUS server (Enter your email here in order to get status report)

Test the configuration

Now, you should get an email notification showing your smtp server-relay setup is working

Subsequently, you should get emails from time t time showing updates status and windows updates available as shown below

I hope you found this blog post helpful. If you have any questions, please let me know in the comment session.

Notify of

Inline Feedbacks
View all comments
Adam Marshall
8 months ago

Why not just use direct send? MX Endpoint, port 25, no authentication, no SSL. Sending to a mailbox or distribution group or alias.

8 months ago
Reply to  Adam Marshall

Thank you, Adam! I haven’t used O365 Direct Send. I will check this out…

Would love your thoughts, please comment.x