Difference between revisions of "Office365 SMTP Relay Information"

From Michael's Information Zone
Jump to navigation Jump to search
Line 11: Line 11:
  
 
==Postfix==
 
==Postfix==
Make sure to remove sendmail then install postfix and mailx.<br>
+
Make sure to remove sendmail then install postfix and mailx. (don't forget about <b>cyrus-sasl</b><br>
 
For the postfix configuration I added the following to the main.cf file
 
For the postfix configuration I added the following to the main.cf file
 
<pre>
 
<pre>

Revision as of 11:55, 17 June 2017

This has been a struggle. If you want an internal mail server, without public DNS entries, to send mail to a domain in Office 365 your stuck. The following needed to be accomplished:

  1. Allow printers to scan to email securely
  2. Allow servers to send reports via email
  3. Specify any From address I wanted.
  4. Without the need to add additional public DNS entries.

Really I just wanted to log into the server and masquerade all day long. Think about it, why would I want to create an inbox for an account that will only send? Of course you would need to pay for additional licensing but that is not what we want to do.

I got as far as configuring postfix to send email as a user, but this meant that every email I sent would be shown as coming from THAT user (or any other user that user has send on behalf as). Some of this is legitimate security but in the end it's just a pain for something that requires simple authentication.

Postfix

Make sure to remove sendmail then install postfix and mailx. (don't forget about cyrus-sasl
For the postfix configuration I added the following to the main.cf file

relayhost = [smtp.office365.com]:587
smtp_use_tls = yes
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_tls_CAfile = /etc/ssl/certs/ca-bundle.crt
smtp_sasl_security_options = noanonymous
smtp_sasl_tls_security_options = noanonymous

I then created the auth file mapping using the following format

echo [smtp.office365.com]:587 user@domain.tld:password > /etc/postfix/sasl_passwd
postmap /etc/postfix/sasl_passwd

Then, when I would send the test message, I would specify the sender as being the one listed in the sasl_passwd file

echo "Test Message" | mail -r user@domain.tld -s "Test Subject" michael@domain.tld && tail -f /var/log/maillog

Then I received mail. After much reading I found that people would either build additional mail servers or use something like Amazon's Simple Email Service (https://aws.amazon.com/ses/). Considering I have a lot to do I would just rather let Amazon handle the heavy lifting and move on with my life.