Postfix – SMTP E-Mail Relay for Office 365


To totally unlock this section you need to Log-in


Login

Postfix is a flexible mail server that is available on most Linux distribution. Though a full featured mail server, Postfix can also be used as a simple relay host to another mail server, or smart host. This tutorial will describe how to configure Postfix as a relay through Office 365 service, so using Exchange Online.

In this tutorial we are going to use CentOS 7 or Red Hat Enterprise Linux 7 as operating system on which we will enable the SMTP relay and we will need also, obviously, valid Office 365 e-mail credentials (so an activated Exchange Online plan).

IMPORTANT NOTE: In this scenario we will not see hardening configuration of Postfix, so does not take this article as the most secure configuration available (it is not). The purpose of this article is to show a basic configuration of a connection between Postfix and Office 365.

Installation

First we will need to install Postfix using the following command:

[root@localhost ~]# yum install postfix cyrus-sasl cyrus-sasl-plain cyrus-sasl-md5 mailx

Postfix has a main configuration file named main.cf, in which we will make the required change as follow:

[root@localhost ~]# vi /etc/postfix/main.cf

relayhost = [smtp.office365.com]:587
mynetworks = 127.0.0.0/8
inet_interfaces = loopback-only
smtp_use_tls = yes
smtp_always_send_ehlo = yes
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_sasl_tls_security_options = noanonymous
smtp_tls_security_level = encrypt
smtp_generic_maps = hash:/etc/postfix/generic

Now save and exit from the file.

In /etc/postfix folder create file, if not exist already, sasl_passwd and put username and password of the account (Exchange Online) which will be used for SMTP relay. The configuration of postfix SASL credentials:

[root@localhost ~]# vi /etc/postfix/sasl_passwd

Now add a line below:
[smtp.office365.com]:587 user@domainname:password

Now save and exit from file.

NOTE: obviously, the user specified will have to be assigned a valid Exchange Online license to let the connection to Office 365 to work.

A Postfix lookup table must now be generated from the sasl_passwd text file by running the following command:

[root@localhost ~]# postmap /etc/postfix/sasl_passwd

Now change permission for this file
[root@localhost ~]# chown root:postfix /etc/postfix/sasl_passwd [root@localhost ~]# chmod 640 /etc/postfix/sasl_passwd

Next, we need to configure the generic file in order to be able to send e-mails as a valid user (this is required for Office 365).

[root@localhost ~]# vi /etc/postfix/generic

Go the end of file and append following lines.

[email protected] [email protected]

Save and exit from file.

Next let's correct the file permission to avoid unauthorized modifications:

[root@localhost ~]# chown root:root /etc/postfix/generic
[root@localhost ~]# chmod 0600 /etc/postfix/generic
[root@localhost ~]# postmap /etc/postfix/generic

Now change alias root to your e-mail address:

[root@localhost ~]# vi /etc/aliases
Make the changes like below:
mailer-daemon:  postmaster
postmaster: root
root: [email protected]

Save and exit from the file.

Run command newaliases to update the last modification and take effect on the system:

[root@localhost ~]# newaliases

Let's restart Postfix service:

[root@localhost ~]# systemctl restart postfix

Now we will try to send a test email using the command below.

For Centos systems we could use the following command:

echo "This is the body of the email"| mail -r "Sender-Display-Name<sender @domain.com>" -s "This is the subject(E-Mail from SMTP Relay) line" [email protected]

On Ubuntu systems the command will be like:

echo "This is the body of the email" | mail -s "This is the subject(E-Mail from SMTP Relay) line" [email protected] -a "FROM:Example<[email protected]>"

You will get an email at [email protected].

Change root display name to Actual user name

By default when we send an email display name will be root let's modify root user's description by using the command below:

[root@localhost ~]# usermod -c "Example" root

Now sender name has been changed to the actual user name.

Testing Mail Flow

If your test fails you can check the mail.log file to try and determine why. Use the following command to check, in realtime, the mail flow from your SMTP server to dig into log lines and understand which is the reason on why mails are not delivering.

tail - f /var/log/mail.log

After making changes be sure to restart Postfix before testing:

service postfix restart