Office365 SMTP Relay Information
This has been a struggle. If you want an internal mail server, without public DNS entries, to send mail to a domain in Office 365, you're stuck. The following needed to be accomplished:
- Allow printers to scan to email securely
- Allow servers to send reports via email
- Specify any From address I wanted.
- Without the need to add additional public DNS entries.
Really I just wanted to log into the server and masquerade all day long. Think about it, why would I want to create an inbox for an account that will only send? Of course you would need to pay for additional licensing but that is not what we want to do.
I got as far as configuring postfix to send email as a user, but this meant that every email I sent would be shown as coming from THAT user (or any other user that user is allowed to send on behalf of). Some of this is legitimate security, but in the end it's just a pain for something that requires simple authentication.
Docker
WIP
Decided to work off what someone else already did. This is not as easy as I thought it would be, and this config ended up working well for me [1].
- Dockerfile
    git clone https://github.com/juanluisbaptiste/docker-postfix.git
    cd docker-postfix/
    sudo docker build -t postfix -f Dockerfile .
Postfix
[2]
Make sure to remove sendmail, then install postfix and mailx (don't forget about cyrus-sasl).
For the postfix configuration I added the following to the main.cf file:
    relayhost = [smtp.office365.com]:587
    smtp_use_tls = yes
    smtp_sasl_auth_enable = yes
    smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
    smtp_tls_CAfile = /etc/ssl/certs/ca-bundle.crt
    smtp_sasl_security_options = noanonymous
    smtp_sasl_tls_security_options = noanonymous
I then created the auth file mapping using the following format
    echo '[smtp.office365.com]:587 user@domain.tld:password' > /etc/postfix/sasl_passwd
    postmap /etc/postfix/sasl_passwd
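An added example (not part of the original write-up): a shell audit for the two places this setup can expose the relay password, namely TLS that is only opportunistic (smtp_use_tls = yes) and map files left accessible to other users. The function names and the sample files built in demo are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original page. cf_get, file_mode, audit_relay
# and demo are names made up here; the parser ignores continuation lines.

# Print the last value assigned to parameter $2 in main.cf file $1.
cf_get() {
    sed -n "s/^$2[[:space:]]*=[[:space:]]*//p" "$1" | tail -n 1 |
        sed 's/[[:space:]]*$//'
}

# Print a file's octal permission bits (GNU stat, then BSD stat).
file_mode() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# audit_relay MAIN_CF SASL_PASSWD: print findings, return 1 if any.
audit_relay() {
    rc=0
    # smtp_use_tls = yes is only opportunistic TLS; the relay password is
    # protected in transit only when TLS is mandatory before AUTH.
    # smtp_enforce_tls = yes is the legacy way to make it mandatory.
    level=$(cf_get "$1" smtp_tls_security_level)
    [ -z "$level" ] && [ "$(cf_get "$1" smtp_enforce_tls)" = yes ] && level=encrypt
    case "$level" in
        encrypt|dane-only|fingerprint|verify|secure) ;;
        *) echo "WEAK: TLS is not mandatory (level=${level:-unset})"; rc=1 ;;
    esac
    # The map source and the .db that postmap builds both hold the password.
    for f in "$2" "$2.db"; do
        [ -e "$f" ] || continue
        mode=$(file_mode "$f")
        case "$mode" in
            *00|0) ;;
            *) echo "WEAK: $f is accessible beyond its owner (mode $mode)"; rc=1 ;;
        esac
    done
    return $rc
}

# Demo on constructed files in a temp dir; no real credentials involved.
demo() {
    d=$(mktemp -d)
    printf 'relayhost = [smtp.office365.com]:587\nsmtp_use_tls = yes\n' > "$d/main.cf"
    printf '[smtp.office365.com]:587 user@domain.tld:password\n' > "$d/sasl_passwd"
    chmod 644 "$d/sasl_passwd"
    status=0; audit_relay "$d/main.cf" "$d/sasl_passwd" || status=$?
    rm -rf "$d"
    return $status
}
demo || true
```

Against the real files, call audit_relay /etc/postfix/main.cf /etc/postfix/sasl_passwd; setting smtp_tls_security_level = encrypt and running chmod 600 on sasl_passwd and sasl_passwd.db clears both findings.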
Then, when I would send the test message, I would specify the sender as being the one listed in the sasl_passwd file
    echo "Test Message" | mail -r user@domain.tld -s "Test Subject" michael@domain.tld && tail -f /var/log/maillog
Then I received mail. After much reading I found that people would either build additional mail servers or use something like Amazon's Simple Email Service (https://aws.amazon.com/ses/). Considering I have a lot to do I would just rather let Amazon handle the heavy lifting and move on with my life.