main.cf fragment: relay to smart host

1. ######################################################################
2. # identification of this mail system
3.  
4. myorigin = server42.corp.contoso.com
5. mydomain = corp.contoso.com
6.  
7. ######################################################################
8. # relay control
9.  
10. # Controls are relaxed for members of $mynetworks (can relay mail, no rate
11. # limits, can use some exploitable SMTP features, etc.).
12. mynetworks =
13.     127.0.0.0/8
14.     [::1]/128
15.     10.0.0.0/8
16.     192.168.0.0/16
17.  
18. # Clients/remotes/scenarios to relay mail *for*.
19. smtpd_relay_restrictions =
20.     permit_mynetworks
21.     reject_unauth_destination
22.  
23. ######################################################################
24. # smart host - outgoing mail
25.  
26. # Send all outbound mail to this mail server (smart host)
27. # Use "mail submission" protocol (TCP port 587)
28. relayhost = [smtp.office365.com]:submission
29.  
30. # When talking to our smart host, use this name to identify ourselves.
31. # Some mail hosts want a valid DNS name.
32. #smtp_helo_name = outgoing.contoso.com
33.  
34. # We have to authenticate ourselves to our smart host using SASL
35. smtp_sasl_auth_enable = yes
36. smtp_sasl_type = cyrus
37.  
38. # Don't allow plaintext passwords if connection lacks SSL/TLS/encryption
39. # If connection is encrypted, allow plain text passwords.
40. # "noanonymous" is equiv to Sendmail "y" mailer flag.
41. smtp_sasl_security_options     = noanonymous noplaintext
42. smtp_sasl_tls_security_options = noanonymous
43.  
44. # Credentials to use for outgoing SMTP connections (when Postfix is
45. # acting as an SMTP client).
46. smtp_sasl_password_maps = cdb:/etc/postfix/outgoing_passwd
47.  
48. # Force SSL/TLS outbound, since we should only be talking to our smart host.
49. # Further, require that the server's certificate verify against the CA root.
50. smtp_tls_security_level  = verify
51.  
52. # END
53.