Problem Statement

You recently moved your Microsoft Exchange Environment from on-premise to the cloud.  You then notice that Notification Workflows that send email from the FIM Service Account have stopped working.
Work-Around
We currently have developed a work-around for the issue.  You can utilize a SMTP Service local to the FIM Service box to send mail with the FIM Service Account.

1.      Install the SMTP Server feature along with any required roles. 
*NOTE: Utilize Server Manager to accomplish this task.

2.      Edit the Microsoft.ResourceManagement.Service.exe XML configuration file. 

*NOTE: File is found in %programfiles%\Microsoft Forefront Identity Manager\2010\Service folder on the machine running the FIM Service.
See image below.

3.      Configure SMTP relay in the IIS 6.0 manager to "All except the list below" and ensure the checkbox for "Allow all computers which successfully authenticate to relay, regardless of the list above" is checked.

a.      Under Administrative Tools select Internet Information Services (IIS) 6.0 Manager

b.      View the Properties of the SMTP Virtual Server and select the Access Tab

c.       Review the Relay Restrictions

                                                     i.     Place dot beside “All except the list below

                                                   ii.     Ensure the check is beside “Allow all computers which successfully authenticate to relay, regardless of the list above.

d.      Click Ok, and Ok to get back to IIS 6.0 Manager



4.      Restart the FIM Service

Testing the Solution
You can easily test with the following from an Administrative Command Prompt.  The image below shows the results after “TELNET LOCALHOST 25

1.      Open an Administrative Command-Prompt

2.      Type telnet localhost 25

3.      Press the ENTER key

4.      Review results

telnet localhost 25
RSET
EHLO
MAIL FROM:FIMSERVICE@contoso.com
RCPT TO:user@contoso.com
DATA
hello this is a test


Here SERVERNAME is the netbios name of the FIM Server FIMSERVICE is the name of the FIM Service Account, and user@contoso.com is the test user to whom we are sending the test email. 
*NOTE* make sure the above commands are typed correctly. Any typos will cause it to fail. 

CAVEAT: Implementing this workaround will allow notifications to be sent successfully from the FIM Service account, but breaks all functionality of outlook client plugins for approvals and group membership.