Configuring Postfix as email relay for Office 365

Posted: April 11, 2018 in Linux

Install sasld

yum install cyrus-sasl cyrus-sasl-plain cyrus-sasl-md5
systemctl start saslauthd

in /etc/postfix folder create file sasl_passwd and put username and password of mailbox which will be used as relay

[smtp.office365.com]:587 user@domain.com:Pass

To set default “from” to be this email open file /etc/postfix/generic

Add this at bottom (this is amazon AWS instance)

root@ip-1-18-23-1.company.com user@domain.com

All emails will be rewritten with in from field with one we just specified

postmap hash:/etc/postfix/sasl_passwd
postmap hash:/etc/postfix/generic

now add following lines in /etc/postfix/main.cf

relayhost = [smtp.office365.com]:587
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_auth_enable = yes
smtp_generic_maps = hash:/etc/postfix/generic
smtp_tls_security_level = may
smtp_sasl_security_options = noanonymous

Restart postfix service and you should be able to send emails through Office 365

If you get “Office 365 unreachable” error, in /etc/postfix/main.cf
change inet_protocols line from all to ipv4

Certificate authentication

If we want to secure our connection we can secure it with certificate:

openssl s_client -showcerts -starttls smtp -crlf -connect smtp.office365.com:587

In my case i got 2 certificates, i copied it in cacert.pem file

Capture.PNG

then add following lines to /etc/postfix/main.cf

smtp_send_dummy_mail_auth = yes
smtp_always_send_ehlo = yes
smtp_tls_security_level = encrypt
smtp_use_tls = yes
smtp_tls_CAfile = /etc/postfix/cacert.pem

Restart postfix service and your traffic is now encrypted

Comments
  1. Jordan Acosta says:

    Muchas gracias, funciono perfecto con esta documentacion.

    Like

  2. Mikhail says:

    Great instruction! helped me a lot!

    Like

  3. Tamás Bors says:

    I did everything, but I got this error when sending email:

    relay=smtp.office365.com[40.97.135.146]:587, delay=2.3, delays=0.04/0/1.9/0.37, dsn=5.2.0, status=bounced (host smtp.office365.com[40.97.135.146] said: 554 5.2.0 STOREDRV.Submission.Exception:SendAsDeniedException.MapiExceptionSendAsDenied; Failed to process message due to a permanent exception with message Cannot submit message

    and also this (but this is a warning)
    Aug 2 09:45:35 learning postfix/smtp[13847]: warning: network_biopair_interop: error writing 37 bytes to the network: Connection reset by peer

    any ideas?
    thank you

    Like

    • dragan979 says:

      according to error it seems account you’re using have no send as permissions, go to Office 365 console and check mailbox permissions.

      Can you send emails from that account from outlook/OWA ?

      Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s