Relayway is a lightweight SMTP relay server that bridges legacy applications with Microsoft Graph's modern OAuth authentication. When Microsoft disabled basic authentication for Exchange, many applications were left unable to send emails through O365. Relayway solves this by acting as a local SMTP server that receives emails and forwards them via Microsoft Graph API.

Common applications that benefit from Relayway include monitoring systems, backup software, legacy ERP systems, and any application that needs to send notifications via email without OAuth support.

✨ Releases | 📦 Packages

Our goal: Enable any application to send emails through Microsoft 365 without in-app OAuth complexity.

Relayway is built to solve the Microsoft 365 authentication challenge with minimal complexity. Whether you're running legacy systems or modern applications, Relayway adapts to your infrastructure with secure, efficient email delivery.

• Zero-config: Applications connect to localhost:2525 with no authentication required
• Bridge: Automatically handles Microsoft Graph authentication and token management
• Secure: Only accepts connections from localhost, eliminating network security concerns
• Cross-platform: Available for Windows, Linux, and Docker environments
• Lightweight: Minimal resource usage with efficient email processing

Before deploying Relayway, make sure your environment meets the following requirements. These ensure full functionality across all features, especially Microsoft Graph integration and authentication.

• .NET 9+ Runtime
• A Microsoft 365 Tenant
• A user with appropriate admin roles (Global Administrator, Privileged Role Administrator, Application Administrator, or Cloud Application Administrator) who can grant Application Mail.Send, User.Read.All and MailboxSettings.Read API permissions
• The email address used as the SendFrom address must be a valid address within the tenant

Ready to go? Then continue:

Follow these steps to get Relayway up and running in your environment. Setup is fast and straightforward, making it easy to bridge your legacy applications with modern authentication.

Create your Azure application registration to enable Microsoft Graph access.

1. Navigate to Azure App Registrations
2. Click New Registration, enter a name, leave defaults
3. Go to API Permissions → Add a permission → Microsoft Graph → Application permissions
4. Add these permissions: Mail.Send,User.Read.All and MailboxSettings.Read. Finally, press 'Add permissions'.
5. Click Grant admin consent for your tenant
6. Navigate to Certificates & secrets → Client secrets → New client secret
7. Set expiry to 24 months, copy the secret value immediately
8. Note your Client ID and Tenant ID from the Overview tab

Grab the latest release and extract it to your deployment folder.

Define your Microsoft Graph and SMTP settings to enable email relay functionality.

appsettings.json

{
  "Graph": {
    "ClientId": "your-client-id",
    "TenantId": "your-tenant-id",
    "ClientSecret": "your-client-secret"
  },
  "LogLevel": "Information",
  "SendFrom": "[email protected]",
  "Smtp": {
    "Host": "localhost",
    "Port": 2525
  }
}

Extract to C:\Relayway and run the executable. For automatic startup, import the included Relayway.xml into Task Scheduler.

For containerized environments, Relayway provides ready-to-use Docker images with environment variable configuration.

docker run -d \
  --name relayway \
  -e LogLevel=Warning \
  -e Smtp__Host=localhost \
  -e Smtp__Port=2525 \
  -e Graph__TenantId="your-tenant-id" \
  -e Graph__ClientId="your-client-id" \
  -e Graph__ClientSecret="your-client-secret" \
  -e SendFrom="[email protected]" \
  ghcr.io/melosso/relayway

services:
  relayway:
    image: ghcr.io/melosso/relayway
    container_name: relayway
    environment:
      - LogLevel=Warning
      - Smtp__Host=localhost
      - Smtp__Port=2525
      - Graph__TenantId=your-tenant-id
      - Graph__ClientId=your-client-id
      - Graph__ClientSecret=your-client-secret
      - [email protected]
    restart: unless-stopped

1. Go to the 'App registrations' section in Azure.
2. Click 'New Registration'.
3. Enter a name and leave everything else as default.
4. Navigate to 'API permissions' and click 'Add a permission'.
5. Choose 'Microsoft Graph', then select 'Application permissions', then find Mail.Send and tick it. Do the same for User.Read.All and MailboxSettings.Read. Finally, press 'Add permissions'.
6. Grant admin consent by clicking 'Grant admin consent for Tenant Name' (where Tenant Name is the name of your Microsoft 365 tenant). Hit 'Yes' at confirmation.
7. Navigate to 'Certificates & secrets', choose the 'Client secrets' tab, then click 'New client secret', enter a description and set expiry to 24 months or a custom value.

   [!TIP] Set a reminder in your calendar now for 24 months' time to renew and update this secret.

8. Copy the secret value and make note of it.

   [!IMPORTANT] The secret value is only displayed once.

9. The Client ID and Tenant ID can be found in the overview tab.

For Docker and containerized deployments, use environment variables for configuration:

LogLevel=Information
Smtp__Host=localhost
Smtp__Port=2525
Graph__TenantId=your-tenant-id
Graph__ClientId=your-client-id
Graph__ClientSecret=your-client-secret
[email protected]

Configure your legacy applications to use Relayway as their SMTP server:

SMTP_HOST=localhost
SMTP_PORT=2525
[email protected]
SMTP_SECURE=false
SMTP_AUTH=false

Relayway is designed with security in mind by only accepting local connections. Always use localhost as your SMTP host, as Relayway has no built-in authentication or encryption by design — this is intentional for local-only usage.

Use tools like SMTP Test Tool to verify functionality:

# Using swaks for testing
docker run --network docker_default --rm -ti chko/swaks \
  --to [email protected] \
  --from [email protected] \
  --server relayway \
  --port 2525 \
  --header "Subject: Test Email"

Relayway provides comprehensive logging to help you monitor email delivery and troubleshoot issues.

• Configurable log levels: Verbose, Debug, Information, Warning, Error, Fatal
• OAuth token management logging
• SMTP transaction logging
• Microsoft Graph API interaction logs

Log configuration follows Serilog standards for flexible output formatting and destinations.

Thanks to the open source tools that make Relayway possible.

• MailMust by Ben Davies

This project relies on:

• ASP.NET Core
• SmtpServer by Cain O'Sullivan
• Microsoft Graph SDK
• Serilog

Contributions are welcome, please submit a PR if you'd like to help improve Relayway. Found a bug or have a feature idea? Open an issue with detailed information.

This project is licensed under the GNU 3.0 license (AGPL-3.0). See LICENSE for full details.