This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(275.2, 22%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENA%3C/text%3E%3C/svg%3E)
Hello,
I am setting up automated email functionality for an application. We are on 365.
I need to setup a mailbox so that the server / software can authentication with 365 when sending the email. However, I don't want it to save anything. I don't want the sent messages to accumulate in the shared mailbox's. Sent Items or anywhere else. This is because there could be some confidential information, and I think it is best to not save it anywhere unnecessarily.
How do I do that? How do I setup a mailbox that can authenticate and send mail, but not actually store the mail that it sends?
I looked in the transport rules, but didn't see any options that looked like what I wanted. I also looked at the Retention policy. It looks like there is a 1 day policy for sent items. I could use that, but I was hoping to not store at all.
Thanks,
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(246.4, 22%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKY%3C/text%3E%3C/svg%3E)
Hi, @NW Admin
You may also have the application authenticated with Office 365 and use SMTP AUTH client submission to send emails.
The detailed steps are introduced in this document: How to set up a multifunction device or application to send email using Microsoft 365 or Office 365
Please refer to the Option 1 part.
While, by default it will leave a copy of the message in the "sent items" folder.
You may need to run this command to change the setting of the mailbox via Powershell:
Set-Mailbox -Identity <the specific mailbox> -MessageCopyForSMTPClientSubmissionEnabled $false
If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
But why? :)
Its also a security risk to use basic auth to authenticate with 365.
Its better to disable to SMTP auth in the entire tenant.
This is great. Thank you. I am currently working through getting powershell to connect to exchange. Looks like I need to install the Exchange Online Powershell V2 module. I am getting a warning about an untrusted repository. Anyway, I can work that out.
Is the -MessageCopyForSMTPClientSubmissionEnabled a new option? I can't find it in the Set-Mailbox documentation here: https://learn.microsoft.com/en-us/powershell/module/exchange/set-mailbox?view=exchange-ps
Do you have any links to its description?
It seems to be exactly what I am looking for.
David,
This is a great article. Thanks for sharing. However, it specifically says that my situation is one where smtp auth makes sense.
Ok, well, up to you :)
But I would highly recommend you do not enable it for any mailbox unless your app uses Modern Auth.
I dont see that documented online in the help either, but the command is avail in Exo:
All I could find:
https://tgallagher12.medium.com/disabling-saving-of-sent-items-in-an-outlook-mailbox-5780af0d602a
I guess it something you will need to test. You may need to use port 587 to trigger it.
Hi, @NW Admin
This parameter seems to not have been documented in the set-mailbox documentation.
While it is introduced in this uservoice link:
https://office365.uservoice.com/forums/273493-office-365-admin/suggestions/35683693-add-an-option-to-turn-off-keeping-a-copy-of-smtp-r
(Please note that currently this site is not available)
Why do you need to authenticate to 365? Just send the email anonymously from the application as that mailbox. The messages wont exist anywhere except in the recipients mailbox ( wherever you are sending the, to) and within the application itself.
That's a good question. I wasn't sure that 365 would accept the unauthenticated SMTP connection. Plus, I need to email inside and outside our organization.
It will work. SMTP connections are typically anonymous after all :)
As long as you send from an authenticated IP for the domain you are sending as, ( SPF/DKIM/DMARC), then it should be delivered.
Thanks to both of you for your help. The -MessageCopyForSMTPClientSubmissionEnabled seems to have provided the intended functionality.