Configuring On-Premise Linux Postfix SMTP Relay Server to Communicate with Office 365 SMTP Relay for email delivery

Scenario:

 

You have various automation and reporting solutions setup that use an On-Premise Linux Postfix SMTP Servers and relays all the automated email through your On-Premise Exchange server.  You are migrating your Microsoft Exchange from On-Premise Exchange server to Office 365.  You are now required to configure all your On-Premise Linux Postfix SMTP Servers to communicate with Office 365 Exchange online for email delivery.

 

Solution:

 

To simplify your implementation of migration to Office 365, the most elegant method to support your On-Premise Linux Postfix SMTP Servers is to use Office Connectors. The Office 365 SMTP relay uses a connector to authenticate the mail sent from your device or application. This allows Office 365 to relay those messages to your own mailboxes as well as external recipients.  Below is the pictorial representation of the email flow when using Connector.

Shows how a multifunction printer connects to Office 365 using SMTP relay. The printer uses your MX endpoint and requires a connector to authenticate using your IP address. The printer can send email to internal and external recipients.

 

Implementing Office 365 Exchange Connectors:

Implementing Office 365 Exchange Connectors for your Postfix SMTP servers involves creating a new Connector and updating your SMTP servers to communicate with the Connector in-place for your mail domain.

Configuring your On-Premise Linux Postfix SMTP Server’s:

  • Login to your SMTP server as root user
  • Open /etc/postfix/transport file for editing
  • At the end of the file, update the line containing your current mail domain name to point to your Exchange Online MX record, as shown below example:
  • mydomain.com    : [mydomain-com.mail.protection.outlook.com]
  • image
  • Then run command: postmap /etc/postfix/transport
    • root@smtphost:/etc/postfix# postmap /etc/postfix/transport
      root@smtphost:/etc/postfix#
  • Postmap will update the new transport entries into its backend transport.db file which is actually used by the Postfix SMTP services
  • Verify that your changes to transport file are updated by running below command:
    • root@smtphost:/etc/postfix# grep -i outlook *.*
      Binary file transport.db matches
      root@smtphost:/etc/postfix#

  • Then restart the postfix services as shown below
    • root@smtphost:/etc/postfix# postfix reload
      root@smtphost:/etc/postfix#

  • Ensure that the Postfix service has started fine by checking the logs, as shown below
    • root@smtphost:/etc/postfix# tail /var/log/syslog
      Apr 14 08:40:01 smtphost /USR/SBIN/CRON[11697]: (root) CMD (/etc/openvpn/start_office.sh)
      Apr 14 08:43:19 smtphost postfix/master[2692]: reload configuration /etc/postfix
      root@smtphost:/etc/postfix#

  •  
  • To find your Exchange Online MX record, use below steps:

    • Logon to your Office 365 Portal as admin user: https://portal.office.com/Home 
    • Navigate to Office 365 Admin Center
    • Click on Settings > Domains > Click on your existing Domain
    • Under Required DNS Settings > Exchange Online > You’ll find the entries of your MX records as shown below: image
    •  

    Creating Office 365 Exchange Connector:

    • Logon to your Office 365 Portal as admin user: https://portal.office.com/Home 
    • Navigate to Office 365 Admin Center
    • Click on Admin Centers > Exchange > You’ll be taken to the Exchange Admin Center
    • In Exchange Admin Center > Click on Mail Flow > Click on Connectors
    • Click Plus sign to add a new Connector as shown below:   image
    • In the New Connector Wizard select below options:
    • Choose From as “Your organization’s email server” and To as “Office 365”image
    • Give a name to your Connector along with a brief description explaining its purposeimage
    • Choose “By verifying that the IP address of the sending server matches one of these IP addresses that belong to your organization. These IP addresses must belong to your organization exclusively. You can’t include IP addresses that are owned by third-party services. For example, you can’t include an IP address that belongs to Office 365, hotmail.com, gmail.com, verizon.com, and so on.” > Click on Plus icon and Add IP-Addresses of all your SMTP servers that you would like them to relay email to office 365 SMTP relayimage
    • Review all the settings and Click Saveimage
    • That’s all, you have now successfully created a Connector for your Exchange Domain through which only your predefined On-Premise Linux Postfix SMTP Servers can relay emails.
  • Verifying the email flow from your On-Premise Linux Postfix SMTP Servers > Office 365 Exchange Online SMTP Connector > To the Recipient:

    • Login to your SMTP server as root user
    • Run the Mail Queue commands to send out any outstanding emails using any of below commands:
      root@smtphost:/etc/postfix# postqueue -p
      Mail queue is empty
      root@smtphost:/etc/postfix# mailq
      Mail queue is empty
      root@smtphost:/etc/postfix#

  • You may also check the relay email sent status by checking mail log files as show below:
    • root@smtphost:/etc/postfix# tail /var/log/mail.log
      Apr 14 08:59:02 smtphost postfix/smtpd[11788]: 6A4505E4039: client=unknown[172.20.7.110]
      Apr 14 08:59:02 smtphost postfix/cleanup[11790]: 6A4505E4039: message-id=<20160314125902.6A4505E4039@mail.mydomain.com>
      Apr 14 08:59:02 smtphost postfix/qmgr[11710]: 6A4505E4039: from=<reportsadmin@mydomain.com>, size=104228, nrcpt=1 (queue active)
      Apr 14 08:59:02 smtphost postfix/pickup[11709]: 88E455E4091: uid=1002 from=<reportsadmin@mydomain.com>
      Apr 14 08:59:02 smtphost postfix/pipe[11791]: 6A4505E4039: to=<govardhan@mydomain.com>, relay=spamfilter, delay=0, status=sent (mail.mydomain.com)
      Apr 14 08:59:02 smtphost postfix/qmgr[11710]: 6A4505E4039: removed
      Apr 14 08:59:02 smtphost postfix/cleanup[11790]: 88E455E4091: message-id=<20160314125902.6A4505E4039@mail.mydomain.com>
      Apr 14 08:59:02 smtphost postfix/qmgr[11710]: 88E455E4091: from=<reportsadmin@mydomain.com>, size=104344, nrcpt=1 (queue active)
      Apr 14 08:59:04 smtphost postfix/smtp[11796]: 88E455E4091: to=<govardhan@mydomain.com>, relay=mydomain-com.mail.protection.outlook.com[216.32.180.170], delay=2, status=sent (250 2.6.0 <20160314125902.6A4505E4039@mail.mydomain.com> [InternalId=258488228923, Hostname=BL2AR1101MB0142.namprd11.prod.outlook.com] 109538 bytes in 0.326, 327.465 KB/sec Queued mail for delivery)
      Apr 14 08:59:04 smtphost postfix/qmgr[11710]: 88E455E4091: removed
      root@smtphost:/etc/postfix#

  • That’s all, from now on all your emails sent through your On-Premise Linux SMTP relays servers will reach the intended recipients.
  •  
  •  

    References: