Multiple smtp relay send accounts for office365



This is a follow up on this post here about smtp and office365 - after some more investigation i've made some further changes as our use case changed slightly and the original solution didn't fit.

Originally we just needed to be able to send all emails originating from a single account and we had some postfix config that would do that.

Now however we want to be able to send smtp messages out from multiple accounts - the account being used to send out being dependent on the from address being specified in the mail.

For example if the messages are from electricity@energycompany.com they should be send out using that email address from the smtp relay , if they are from gas@energycompany.com then they should be sent out using that account.

The basic setup i had only allowed a generic@energycompany.com for every single mail that was sent.

So how did i fix this?

Well after a lot of reading and trial and error the solution is actually surprisingly simple - these are the parameters in question in the main.cf postfix config file

smtp_sender_dependent_authentication = yes
relayhost = smtp.office365.com:587
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = regexp:/etc/postfix/sasl_passwd
smtp_tls_security_level = may
smtp_sasl_security_options = noanonymous


The key ones really being the top one and the 4th one - these are basically saying make the sender dependent on the from address being used and look that up using pattern matching in the sasl_password file and use the credentials you fin there to do that









The contents of the password file being like so:

/^first.last@company.com$/ office365username1:office365password1
/^anotherfirst.anotherlast@company.com$/ office365username2:office365password2
/^yetanotherfirst.yetanotherlast@company.com$/ office365username3:office365password3


So to be explicit if i send a message to the smtp relay on port 25 with a from address of first.last@company.com the mail will be sent out using the mailbox in office365 access using the login office365username1:office365password1

If it comes from anotherfirst.anotherlast@company.com it then uses office365username2 - you get the idea.

Anything not matching the pattern gets rejected, i would imagine you can have a catch all at the end for a generic account that could send anything else out should you so wish.

This solves our simple requirements at the moment and means we can have a single smtp relay used by mutliple applications to send mail out - without having to 'modernize' the application to call office365 direct (whcih we should probably do at some point....)

Hope this is useful i found it really hard to find an example on google i could just cut and paste from......

Comments

  1. Would there be anyway to use this with email aliases?" I have one account smtp@mydomain.com and several alias for that account server@mydomain.com, printer@mydomain.com ect... Typicaly this works when i can configure a smtp client. I use From: server@mydomain.com, with auth user: smtp@mydomain.com and it works fine.

    ReplyDelete
  2. Hi,
    If i got you right then this should be no problem - you probably just need to list multiple lines in the config file - so something like this - so everything authenticates to the same account but sends from multiple 'from' addresses.

    /^alias@mydomain.com$/ office365username1:office365password1
    /^alias2@mydomain.com$/ office365username1:office365password1
    /^alias3@mydomain.com$/ office365username1:office365password1

    ReplyDelete
  3. Hi... thank you sooooooo much. I was searching this for so long !!! That's perfect for Postfix and Office365 which ask a specific authentication for each sender. Perfect !!!

    ReplyDelete

Post a Comment