I'm transitioning my scan-to-email printers from using an on-premise relay to sending directly to companyname-com.mail.protection.outlook.com. I've successfully set up the connector, and printers that can use the SMTP host name work perfectly. However, for those that only accept an IP address as the SMTP server, I need a method to resolve an internal IP to companyname-com.mail.protection.outlook.com.
I attempted to create a PTR record in the reverse lookup zone, and using nslookup, it correctly resolved the internal IP as companyname-com.mail.protection.outlook.com. Unfortunately, it didn't work on the printer, which just indicated it couldn't reach the destination server. I also tried setting up a new forward lookup zone for companyname-com.mail.protection.outlook.com and creating a blank A record linked to that internal IP, but that didn't yield any results either.
5 Answers
Have you tried pinging the MX record and using that IP instead?
Honestly, if your printer is that old and only accepts IP addresses for SMTP, it might just be time for an upgrade. But if replacing it is not an option, you might want to keep using the SMTP relay you already have.
There are a few challenges here. First, routing traffic from an internal IP to an external one without the printer knowing isn’t straightforward. If DNS was the answer, you wouldn’t need to use an IP in the first place. Also, keep in mind that many older printers stick to basic authentication, and with Microsoft moving away from that, it makes things even trickier. Why not just stick with the relay if you can’t eliminate scan-to-email functionality?
Just a thought, but why does the internal IP need to resolve to an external address? Can’t you just ping companyname-com.mail.protection.outlook.com to get the current public IP and use that directly for the printer?
Using a direct IP can be risky since it might change, causing issues down the line. That's the whole point of having DNS!
Another option could be to set up a lightweight SMTP relay in a Docker container. It's super straightforward and requires minimal resources.
I feel the same way, but now that I’m thinking about it, maybe there’s a workaround out there.