The IT department is moving away from creating a service account to shared mailbox. All of our department email accounts are being converted to shared mailbox. Until now, I had been using EWS to send email from our web app to recipients using the following code:
ExchangeService service = new ExchangeService();
service = new ExchangeService(ExchangeVersion.Exchange2013_SP1)
{
Credentials = new NetworkCredential("[email protected]", "Password1"),
Url = new Uri("https://outlook.office365.com/EWS/Exchange.asmx")
};
email = new EmailMessage(service);
email.Body = new MessageBody(BodyType.HTML, Message.ToString());
email.ToRecipients.Add(Recipient.email);
email.SendAndSaveCopy();
}
How can I use shared mailbox for sending emails instead of having hard coding email address and password? The email address I use is the service account that doesn't fall in the current password security criteria. It is because of this reason, they're changing department emails to shared mailbox.
I'm using Windows Authentication that authenticates users from Active Directory.
Exchange Web Services (EWS) is an application program interface (API) that allows programmers to access Microsoft Exchange items such as calendars, contacts and email.
Exchange Web Service (EWS) Exchange Web Services (EWS), an alternative to the MAPI protocol, is a documented SOAP based protocol introduced with Exchange Server 2007. We can use HTTP or HTTPS protocol to send email with Exchange Web Services (EWS) instead of SMTP protocol.
You can use the following Exchange Management Shell cmdlets to view the current access configuration and set EWS access controls: Get-CASMailbox - Shows you what parameters are set for a particular mailbox. Set-CASMailbox - Sets parameters for a particular mailbox.
If you want to keep using EWS you will still probably need a Service account for using Shared Mailboxes (unless your app can impersonate a user that has SendAS rights on the Shared Mailbox), eg your grant the Service Account SendAs rights for the Shared Mailboxes you want to send as and then Set the From Address and Sent Items Folder to that of the Shared Mailbox (that's if you want a copy of the message saved in the Shared Mailboxes Sent Items Folder). eg
email.From = new EmailAddress("[email protected]");
Mailbox SharedMailbox = new Mailbox("[email protected]");
FolderId SharedMailboxSendItems = new FolderId(WellKnownFolderName.SentItems, SharedMailbox);
email.SendAndSaveCopy(SharedMailboxSendItems);
A better approach which would allow you to get rid of the service account would be to use the new REST API https://msdn.microsoft.com/en-us/office/office365/api/mail-rest-operations then create an App that just has rights to Send Email and take advantage of certificate authentication https://msdn.microsoft.com/en-us/office/office365/howto/building-service-apps-in-office-365. That should allow you to get rid of any licences requirements for the Service Account and also gives a much more secure application as you no longer have hardcoded creds and your app just has access for what it needs to to do and nothing else.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With