Authenticated Email Submission using SMTP

Last updated: November 15, 2022
Audience: IT Staff / Technical

To reduce the amount of ‘spam’ email sent via UW’s email infrastructure, the UW email submission service (smtp.uw.edu) requires authenticated (using a UW NetID and password) and secured (e.g., using STARTLS) connections. SMTP Server Info

hostname smtp.uw.edu
server port 587
encryption TLS
username <UW NetID>
password <UW NetID password>

Exceptions to the authenticated submission requirement

There may be circumstances where email needs to be submitted and the sending software or device cannot use authentication. In such cases it is necessary to request an exception to the authentication requirement.  Exceptions are intended to be temporary, primarily to provide time to transition a service or application to use authentication.  Approved exceptions are subject to annual review, if not otherwise specified in the approval.  In the event of a problem or adverse impact caused by a process using an exception, the exception may be revoked with or without prior notice depending on the circumstances and impact.  Once revoked, a notice will always be sent that provides the reason the exception was revoked and what is required to restore the exception.

If you are running an email server, you should not request an exception to route your mail through the UW SMTP servers.  Instead, you need to have your server configured to route mail directly and ensure that you provide appropriate security and filtering protections.  UW-IT’s Virtual Email Domain service is an alternative to running your own mail server.

Two kinds of exceptions may be requested to the authenticated submission requirement:

  • From/To: allows messages from a particular address to be sent, without authentication, to a particular address.
  • Hostname: allows messages sent from a particular DNS hostname without authentication, without regard for what email address(es) are used.

From/To address exceptions are preferred whenever possible, as a hostname exception presents more risk in the event the host or an application/service on the host is compromised.

All exception requests require, minimally, approval by UW-IT.  From/To exceptions are reviewed for reasonableness and are generally approved and provisioned within 2 business days.  Due to the higher associated risk, hostname exceptions require a business justification and approval of both UW-IT and the appropriate dean/director/vice president, and require that the associated host:

  • be a “server” (not a “workstation” system, e.g., not running “productivity” apps); the implication is that the host should be more tightly controlled, monitored, and supported than a typical “user workstation”, and
  • be well managed, the implication is that it is updated, monitored, and controlled, and
  • have a static IP address, with matching forward and reverse DNS, and
  • needs to send email to or from multiple email addresses, and the associated software/process actually sending email doesn’t support authenticated SMTP

Hostname exceptions will be reviewed, and provisioned if approved, within 3-5 business days.

Requesting an exception to the authenticated submission requirement

Please use our form: https://iam-tools.u.washington.edu/server-reg/smtp