Help with setting up FreePBX SMTP to work with Office 365

Hello, we are moving away from our third party SMTP service and moving over to Office 365.
I am following this documentation: How to setup FreePBX to work with Office 365 Exchange Email - FreePBX Documentation - Documentation

I have already adjusted our DNS records accordingly. I am needing some guidance with step B.
" B. Add the following to the end of /etc/postfix/main.cf (You can’t do this from the admin module, SSH only)

inet_protocols = ipv4

The inet_protocols = ipv4 tells postfix to not use ipv6. ipv6 is bad mojo with most SMTP servers.

Reload postfix by running these command:

systemctl restart postfix"

How do I add /etc/postfix to the end of the main cfg?

im working on a re-write of this topic as I read this

with MS use direct send - treat the PBX like an appliance…

in summary look up the MX record for the office domain then take that MX and use it as your relay server - no username no password no ssl and use port 25 … thats all there is to it. this can all be done within sysadmin’s email setup

MS365-11165×744 43.4 KB

MS365-3919×550 136 KB

freepbx direct send1085×726 70.5 KB

the only caveat which doesnt apply to most is that using this method you can only send emails to addresses for domain who’s MX you are relaying through

Easy peasy lemon squeezy! That worked, thanks!

Alright, well - I spoke too soon. I manage four PBX systems: one in Dallas, one in Houston, one in Chicago and the last in New York. All are on the same domain. I applied the same settings for Dallas to all the other locations. Dallas seems to be the only one working, is there anything I can check on the other sites? Figured if I got Dallas working with your recommendation and applied those settings to the other sites they would work as well but that doesn’t seem to be the case.

id look at the logs or contact MS on the sites not working and have them explain the difference - thats other good thing about this option … Office mail support is pretty good

once you see the 250 ok on the PBX the mail has been handed off

there is a debug section in sysadmin email settings and you have /var/log/maillog as well

and remember mail can only be sent to addresses for the office domain whose MX you looked up and used as the relay

Here is the debug report from one of the PBX’s

Jul 11 14:53:51 freepbx postfix/pickup[8176]: 2513265FBD: uid=995 from=
Jul 11 14:53:51 freepbx postfix/cleanup[8215]: 2513265FBD: message-id=[email protected]
Jul 11 14:53:51 freepbx postfix/qmgr[1501]: 2513265FBD: from=[email protected], size=669068, nrcpt=1 (queue active)
Jul 11 14:53:52 freepbx postfix/smtp[8219]: 2513265FBD: to=[email protected], relay=send.smtp.com[192.40.165.69]:2525, delay=1, delays=0.07/0.02/0.3/0.63, dsn=2.0.0, status=sent (250 OK TrackingID:0f43cde9-723c-49d0-8d1c-3df4d8464848)
Jul 11 14:53:52 freepbx postfix/qmgr[1501]: 2513265FBD: removed
Jul 11 15:07:08 freepbx postfix/pickup[8176]: 387E865FBD: uid=995 from=
Jul 11 15:07:08 freepbx postfix/cleanup[10187]: 387E865FBD: message-id=[email protected]
Jul 11 15:07:08 freepbx postfix/qmgr[1501]: 387E865FBD: from=[email protected], size=227919, nrcpt=1 (queue active)
Jul 11 15:07:09 freepbx postfix/smtp[10190]: 387E865FBD: to=[email protected], relay=send.smtp.com[192.40.165.69]:2525, delay=0.91, delays=0.07/0.02/0.28/0.54, dsn=2.0.0, status=sent (250 OK TrackingID:dba5935a-fd0a-47eb-92ac-d1f479d7575f)
Jul 11 15:07:09 freepbx postfix/qmgr[1501]: 387E865FBD: removed
Jul 11 15:09:42 freepbx postfix/pickup[8176]: 9F8CD65FBD: uid=995 from=
Jul 11 15:09:42 freepbx postfix/cleanup[10619]: 9F8CD65FBD: message-id=[email protected]
Jul 11 15:09:42 freepbx postfix/qmgr[1501]: 9F8CD65FBD: from=[email protected], size=1796944, nrcpt=1 (queue active)
Jul 11 15:09:43 freepbx postfix/smtp[10623]: 9F8CD65FBD: to=[email protected], relay=send.smtp.com[192.40.165.68]:2525, delay=1.3, delays=0.12/0.02/0.29/0.84, dsn=2.0.0, status=sent (250 OK TrackingID:6e34c2a4-796c-4468-ac92-5997f6e4ed95)
Jul 11 15:09:43 freepbx postfix/qmgr[1501]: 9F8CD65FBD: removed
Jul 11 15:39:27 freepbx postfix/pickup[8176]: E000B65FBD: uid=995 from=
Jul 11 15:39:27 freepbx postfix/cleanup[14873]: E000B65FBD: message-id=[email protected]
Jul 11 15:39:27 freepbx postfix/qmgr[1501]: E000B65FBD: from=[email protected], size=488834, nrcpt=1 (queue active)
Jul 11 15:39:28 freepbx postfix/smtp[14878]: E000B65FBD: to=[email protected], relay=send.smtp.com[192.40.165.69]:2525, delay=1, delays=0.08/0.02/0.28/0.62, dsn=2.0.0, status=sent (250 OK TrackingID:b536c9fe-a161-4b40-8145-8217d61344f0)
Jul 11 15:39:28 freepbx postfix/qmgr[1501]: E000B65FBD: removed
Jul 13 08:39:08 freepbx postfix/pickup[4477]: CC5CC65FBD: uid=995 from=
Jul 13 08:39:08 freepbx postfix/cleanup[5538]: CC5CC65FBD: message-id=[email protected]
Jul 13 08:39:08 freepbx postfix/qmgr[1501]: CC5CC65FBD: from=[email protected], size=387093, nrcpt=1 (queue active)
Jul 13 08:39:09 freepbx postfix/smtp[5542]: CC5CC65FBD: to=[email protected], relay=send.smtp.com[192.40.165.68]:2525, delay=0.95, delays=0.07/0.02/0.31/0.55, dsn=2.0.0, status=sent (250 OK TrackingID:e4114e82-c244-45c5-8d18-5688c379ccc5)
Jul 13 08:39:09 freepbx postfix/qmgr[1501]: CC5CC65FBD: removed
Jul 14 14:46:18 freepbx postfix/postfix-script[3415]: fatal: the Postfix mail system is already running
Jul 14 14:46:18 freepbx postfix/postfix-script[3423]: refreshing the Postfix mail system
Jul 14 14:46:18 freepbx postfix/master[1499]: reload – version 2.10.1, configuration /etc/postfix
Jul 14 15:08:53 freepbx postfix/pickup[3428]: A9FC262D30: uid=995 from=
Jul 14 15:08:53 freepbx postfix/cleanup[6997]: A9FC262D30: message-id=[email protected]
Jul 14 15:08:53 freepbx postfix/qmgr[3429]: A9FC262D30: from=[email protected], size=486642, nrcpt=1 (queue active)
Jul 14 15:08:54 freepbx postfix/smtp[7002]: A9FC262D30: host wegmanpartners-com.mail.protection.outlook.com[104.47.55.138] said: 450 4.7.1 Unable to Relay. ATTR37 [BN8NAM12FT085.eop-nam12.prod.protection.outlook.com 2023-07-14T20:08:54.299Z 08DB8414ACACAA12] (in reply to end of DATA command)
Jul 14 15:08:54 freepbx postfix/smtp[7002]: A9FC262D30: to=[email protected], relay=wegmanpartners-com.mail.protection.outlook.com[104.47.59.138]:25, delay=0.87, delays=0.07/0.02/0.64/0.14, dsn=4.7.1, status=deferred (host wegmanpartners-com.mail.protection.outlook.com[104.47.59.138] said: 450 4.7.1 Unable to Relay. ATTR37 [DM6NAM12FT098.eop-nam12.prod.protection.outlook.com 2023-07-14T20:08:54.504Z 08DB84073EBF7959] (in reply to end of DATA command))
Jul 14 15:16:18 freepbx postfix/qmgr[3429]: A9FC262D30: from=[email protected], size=486642, nrcpt=1 (queue active)
Jul 14 15:16:18 freepbx postfix/smtp[8162]: A9FC262D30: host wegmanpartners-com.mail.protection.outlook.com[104.47.55.138] said: 450 4.7.1 Unable to Relay. ATTR37 [BN8NAM12FT011.eop-nam12.prod.protection.outlook.com 2023-07-14T20:16:18.630Z 08DB8417DD31BAEA] (in reply to end of DATA command)
Jul 14 15:16:19 freepbx postfix/smtp[8162]: A9FC262D30: to=[email protected], relay=wegmanpartners-com.mail.protection.outlook.com[104.47.59.138]:25, delay=445, delays=444/0.03/0.64/0.25, dsn=4.7.1, status=deferred (host wegmanpartners-com.mail.protection.outlook.com[104.47.59.138] said: 450 4.7.1 Unable to Relay. ATTR37 [DM6NAM12FT021.eop-nam12.prod.protection.outlook.com 2023-07-14T20:16:18.991Z 08DB834BF2B5165F] (in reply to end of DATA command))
Jul 14 14:24:19 freepbx postfix/postfix-script[1535]: starting the Postfix mail system
Jul 14 14:24:20 freepbx postfix/master[1544]: daemon started – version 2.10.1, configuration /etc/postfix
Jul 14 15:25:19 freepbx postfix/qmgr[1563]: A9FC262D30: from=[email protected], size=486642, nrcpt=1 (queue active)
Jul 14 15:25:20 freepbx postfix/smtp[3059]: A9FC262D30: host wegmanpartners-com.mail.protection.outlook.com[104.47.59.138] said: 450 4.7.1 Unable to Relay. ATTR37 [DM6NAM12FT071.eop-nam12.prod.protection.outlook.com 2023-07-14T20:25:20.383Z 08DB83E4AEFB5629] (in reply to end of DATA command)
Jul 14 15:25:21 freepbx postfix/smtp[3059]: A9FC262D30: to=[email protected], relay=wegmanpartners-com.mail.protection.outlook.com[104.47.66.10]:25, delay=987, delays=986/0.04/0.75/0.47, dsn=4.7.1, status=deferred (host wegmanpartners-com.mail.protection.outlook.com[104.47.66.10] said: 450 4.7.1 Unable to Relay. ATTR37 [MW2NAM12FT046.eop-nam12.prod.protection.outlook.com 2023-07-14T20:25:21.047Z 08DB8482521D82D6] (in reply to end of DATA command))
Jul 14 15:37:13 freepbx postfix/pickup[3057]: 5B7E0295E2: uid=995 from=
Jul 14 15:37:13 freepbx postfix/cleanup[8485]: 5B7E0295E2: message-id=20230714203713.5B7E0295E2@pbx
Jul 14 15:37:13 freepbx postfix/qmgr[1563]: 5B7E0295E2: from=[email protected], size=481, nrcpt=1 (queue active)
Jul 14 15:37:13 freepbx postfix/smtp[8487]: 5B7E0295E2: host wegmanpartners-com.mail.protection.outlook.com[104.47.59.138] said: 450 4.7.1 Unable to Relay. ATTR37 [DM6NAM12FT079.eop-nam12.prod.protection.outlook.com 2023-07-14T20:37:13.777Z 08DB842448D26159] (in reply to end of DATA command)
Jul 14 15:37:14 freepbx postfix/smtp[8487]: 5B7E0295E2: to=[email protected], relay=wegmanpartners-com.mail.protection.outlook.com[104.47.66.10]:25, delay=0.76, delays=0.04/0.01/0.58/0.13, dsn=4.7.1, status=deferred (host wegmanpartners-com.mail.protection.outlook.com[104.47.66.10] said: 450 4.7.1 Unable to Relay. ATTR37 [MW2NAM12FT114.eop-nam12.prod.protection.outlook.com 2023-07-14T20:37:14.079Z 08DB846120E44870] (in reply to end of DATA command))

For reference here is the debug for the Dallas office, that is working.

Jul 14 14:02:39 freepbx postfix/smtp[15932]: A5B2A40122EB: to=[email protected], relay=smtp.office365.com[52.96.122.98]:587, delay=518, delays=416/0.09/102/0, dsn=4.7.3, status=deferred (SASL authentication failed; server smtp.office365.com[52.96.122.98] said: 535 5.7.3 Authentication unsuccessful [SA0PR12CA0025.namprd12.prod.outlook.com 2023-07-14T19:02:39.807Z 08DB842B88319A96])
Jul 14 14:05:57 freepbx postfix/qmgr[13328]: 650F3401202D: from=[email protected], size=261240, nrcpt=1 (queue active)
Jul 14 14:06:03 freepbx postfix/smtp[17792]: 650F3401202D: SASL authentication failed; server smtp.office365.com[40.99.168.194] said: 535 5.7.3 Authentication unsuccessful [SA1P222CA0044.NAMP222.PROD.OUTLOOK.COM 2023-07-14T19:06:03.694Z 08DB846E2CD2604C]
Jul 14 14:06:09 freepbx postfix/smtp[17792]: 650F3401202D: SASL authentication failed; server smtp.office365.com[40.99.245.82] said: 535 5.7.3 Authentication unsuccessful [SA1P222CA0105.NAMP222.PROD.OUTLOOK.COM 2023-07-14T19:06:09.414Z 08DB8447B9CFC809]
Jul 14 14:06:14 freepbx postfix/smtp[17792]: 650F3401202D: SASL authentication failed; server smtp.office365.com[40.97.212.2] said: 535 5.7.3 Authentication unsuccessful [SN1PR12CA0053.namprd12.prod.outlook.com 2023-07-14T19:06:14.964Z 08DB842812B4278C]
Jul 14 14:06:20 freepbx postfix/smtp[17792]: 650F3401202D: SASL authentication failed; server smtp.office365.com[52.96.91.66] said: 535 5.7.3 Authentication unsuccessful [SA9PR11CA0008.namprd11.prod.outlook.com 2023-07-14T19:06:20.397Z 08DB8450307249EA]
Jul 14 14:06:26 freepbx postfix/smtp[17792]: 650F3401202D: to=[email protected], relay=smtp.office365.com[40.99.169.146]:587, delay=1467, delays=1439/0.11/28/0, dsn=4.7.3, status=deferred (SASL authentication failed; server smtp.office365.com[40.99.169.146] said: 535 5.7.3 Authentication unsuccessful [SA1PR02CA0009.namprd02.prod.outlook.com 2023-07-14T19:06:26.025Z 08DB841BFF3DBD08])
Jul 14 14:15:57 freepbx postfix/qmgr[13328]: A5B2A40122EB: from=[email protected], size=509439, nrcpt=1 (queue active)
Jul 14 14:16:27 freepbx postfix/smtp[20371]: connect to smtp.office365.com[2603:1036:305:48ca::2]:587: Connection timed out
Jul 14 14:16:57 freepbx postfix/smtp[20371]: connect to smtp.office365.com[2603:1036:805:64::2]:587: Connection timed out
Jul 14 14:17:03 freepbx postfix/smtp[20371]: A5B2A40122EB: SASL authentication failed; server smtp.office365.com[52.96.90.18] said: 535 5.7.3 Authentication unsuccessful [SA9PR10CA0025.namprd10.prod.outlook.com 2023-07-14T19:17:03.275Z 08DB839316A63D9B]
Jul 14 14:17:33 freepbx postfix/smtp[20371]: connect to smtp.office365.com[2603:1036:305:38b5::2]:587: Connection timed out
Jul 14 14:17:38 freepbx postfix/smtp[20371]: A5B2A40122EB: to=[email protected], relay=smtp.office365.com[52.96.57.2]:587, delay=1417, delays=1316/0.11/101/0, dsn=4.7.3, status=deferred (SASL authentication failed; server smtp.office365.com[52.96.57.2] said: 535 5.7.3 Authentication unsuccessful [SA9PR13CA0008.namprd13.prod.outlook.com 2023-07-14T19:17:38.710Z 08DB835EFA3A004A])
Jul 14 14:30:57 freepbx postfix/qmgr[13328]: 650F3401202D: from=[email protected], size=261240, nrcpt=1 (queue active)
Jul 14 14:31:14 freepbx postfix/postfix-script[22409]: fatal: the Postfix mail system is already running
Jul 14 14:31:14 freepbx postfix/postfix-script[22417]: refreshing the Postfix mail system
Jul 14 14:31:14 freepbx postfix/master[1559]: reload – version 2.10.1, configuration /etc/postfix
Jul 14 14:31:14 freepbx postfix/qmgr[22423]: 650F3401202D: skipped, still being delivered
Jul 14 14:31:27 freepbx postfix/smtp[22333]: connect to smtp.office365.com[2603:1036:305:300b::2]:587: Connection timed out
Jul 14 14:31:33 freepbx postfix/smtp[22333]: 650F3401202D: SASL authentication failed; server smtp.office365.com[40.99.245.82] said: 535 5.7.3 Authentication unsuccessful [SA1P222CA0112.NAMP222.PROD.OUTLOOK.COM 2023-07-14T19:31:33.837Z 08DB83F7F0777434]
Jul 14 14:32:03 freepbx postfix/pickup[22424]: 91AD940280A6: uid=995 from=
Jul 14 14:32:03 freepbx postfix/cleanup[22526]: 91AD940280A6: message-id=[email protected]
Jul 14 14:32:03 freepbx postfix/qmgr[22423]: 91AD940280A6: from=[email protected], size=139774, nrcpt=1 (queue active)
Jul 14 14:32:03 freepbx postfix/smtp[22333]: connect to smtp.office365.com[2603:1036:305:3427::2]:587: Connection timed out
Jul 14 14:32:05 freepbx postfix/smtp[22529]: 91AD940280A6: to=[email protected], relay=wegmanpartners-com.mail.protection.outlook.com[104.47.66.10]:25, delay=2, delays=0.1/0.03/0.53/1.3, dsn=2.6.0, status=sent (250 2.6.0 [email protected] [InternalId=29334626651034, Hostname=SJ0PR14MB4380.namprd14.prod.outlook.com] 149186 bytes in 0.123, 1183.543 KB/sec Queued mail for delivery)
Jul 14 14:32:05 freepbx postfix/qmgr[22423]: 91AD940280A6: removed
Jul 14 14:32:09 freepbx postfix/smtp[22333]: 650F3401202D: SASL authentication failed; server smtp.office365.com[40.99.169.130] said: 535 5.7.3 Authentication unsuccessful [SA1PR04CA0024.namprd04.prod.outlook.com 2023-07-14T19:32:09.553Z 08DB842540FF8E4B]
Jul 14 14:32:39 freepbx postfix/smtp[22333]: connect to smtp.office365.com[2603:1036:805:64::2]:587: Connection timed out
Jul 14 14:32:39 freepbx postfix/smtp[22333]: 650F3401202D: to=[email protected], relay=none, delay=3040, delays=2938/0.09/102/0, dsn=4.4.1, status=deferred (connect to smtp.office365.com[2603:1036:805:64::2]:587: Connection timed out)
Jul 14 14:36:14 freepbx postfix/qmgr[22423]: 650F3401202D: from=[email protected], size=261240, nrcpt=1 (queue active)
Jul 14 14:36:16 freepbx postfix/smtp[23020]: 650F3401202D: to=[email protected], relay=wegmanpartners-com.mail.protection.outlook.com[104.47.59.138]:25, delay=3257, delays=3255/0.05/0.32/1.6, dsn=2.6.0, status=sent (250 2.6.0 [email protected] [InternalId=14611478763270, Hostname=MW4PR14MB4584.namprd14.prod.outlook.com] 270506 bytes in 0.445, 592.898 KB/sec Queued mail for delivery)
Jul 14 14:36:16 freepbx postfix/qmgr[22423]: 650F3401202D: removed
Jul 14 14:38:41 freepbx postfix/pickup[22424]: EAB1C401202D: uid=995 from=
Jul 14 14:38:41 freepbx postfix/cleanup[23402]: EAB1C401202D: message-id=[email protected]
Jul 14 14:38:42 freepbx postfix/qmgr[22423]: EAB1C401202D: from=[email protected], size=411206, nrcpt=1 (queue active)
Jul 14 14:38:43 freepbx postfix/smtp[23405]: EAB1C401202D: to=[email protected], relay=wegmanpartners-com.mail.protection.outlook.com[104.47.59.138]:25, delay=1.6, delays=0.09/0.03/0.25/1.2, dsn=2.6.0, status=sent (250 2.6.0 [email protected] [InternalId=3453153729156, Hostname=PH0PR14MB5335.namprd14.prod.outlook.com] 420521 bytes in 0.328, 1251.593 KB/sec Queued mail for delivery)
Jul 14 14:38:43 freepbx postfix/qmgr[22423]: EAB1C401202D: removed
Jul 14 14:41:14 freepbx postfix/qmgr[22423]: A5B2A40122EB: from=[email protected], size=509439, nrcpt=1 (queue active)
Jul 14 14:41:15 freepbx postfix/smtp[24187]: A5B2A40122EB: to=[email protected], relay=wegmanpartners-com.mail.protection.outlook.com[104.47.55.138]:25, delay=2834, delays=2833/0.08/0.27/0.87, dsn=2.6.0, status=sent (250 2.6.0 [email protected] [InternalId=27221502746395, Hostname=SN7PR14MB6131.namprd14.prod.outlook.com] 518753 bytes in 0.313, 1616.435 KB/sec Queued mail for delivery)
Jul 14 14:41:15 freepbx postfix/qmgr[22423]: A5B2A40122EB: removed
Jul 14 15:04:09 freepbx postfix/pickup[22424]: 86ECA401202D: uid=995 from=
Jul 14 15:04:09 freepbx postfix/cleanup[27226]: 86ECA401202D: message-id=[email protected]
Jul 14 15:04:09 freepbx postfix/qmgr[22423]: 86ECA401202D: from=[email protected], size=290177, nrcpt=1 (queue active)
Jul 14 15:04:10 freepbx postfix/smtp[27229]: 86ECA401202D: to=[email protected], relay=wegmanpartners-com.mail.protection.outlook.com[104.47.55.138]:25, delay=1.5, delays=0.09/0.03/0.33/1, dsn=2.6.0, status=sent (250 2.6.0 [email protected] [InternalId=91439853734324, Hostname=SA1PR14MB4641.namprd14.prod.outlook.com] 299470 bytes in 0.238, 1227.394 KB/sec Queued mail for delivery)
Jul 14 15:04:10 freepbx postfix/qmgr[22423]: 86ECA401202D: removed
Jul 14 15:44:24 freepbx postfix/pickup[22424]: 27874401202D: uid=995 from=
Jul 14 15:44:24 freepbx postfix/cleanup[32034]: 27874401202D: message-id=[email protected]
Jul 14 15:44:24 freepbx postfix/qmgr[22423]: 27874401202D: from=[email protected], size=271762, nrcpt=1 (queue active)
Jul 14 15:44:27 freepbx postfix/smtp[32037]: 27874401202D: to=[email protected], relay=wegmanpartners-com.mail.protection.outlook.com[104.47.66.10]:25, delay=3, delays=0.08/0.03/0.66/2.2, dsn=2.6.0, status=sent (250 2.6.0 [email protected] [InternalId=14632953602898, Hostname=CY8PR14MB6146.namprd14.prod.outlook.com] 281067 bytes in 0.221, 1236.661 KB/sec Queued mail for delivery)
Jul 14 15:44:27 freepbx postfix/qmgr[22423]: 27874401202D: removed

Here is the postqueue results.

[root@freepbx ~]# postqueue -p
-Queue ID- --Size-- ----Arrival Time---- -Sender/Recipient-------
C7D07B2E9A 1225 Fri Jul 14 15:53:12 [email protected]
(host wegmanpartners-com.mail.protection.outlook.com[104.47.66.10] said: 450 4.7.1 Unable to Relay. ATTR37 [MW2NAM12FT016.eop-nam12.prod.protection.outlo ok.com 2023-07-14T21:08:27.347Z 08DB847A4D4BA320] (in reply to end of DATA command))
[email protected]

CB808C9569 1225 Fri Jul 14 16:33:13 [email protected]
(host wegmanpartners-com.mail.protection.outlook.com[104.47.55.138] said: 450 4.7.1 Unable to Relay. ATTR37 [BN8NAM12FT063.eop-nam12.prod.protection.outl ook.com 2023-07-14T21:08:27.391Z 08DB849F36FDC802] (in reply to end of DATA command))
[email protected]

CFDADB2EAC 1225 Fri Jul 14 16:01:05 [email protected]
(host wegmanpartners-com.mail.protection.outlook.com[104.47.66.10] said: 450 4.7.1 Unable to Relay. ATTR37 [MW2NAM12FT101.eop-nam12.prod.protection.outlo ok.com 2023-07-14T21:18:27.496Z 08DB83EB7618E202] (in reply to end of DATA command))
[email protected]

C275DCDE78 1225 Fri Jul 14 17:02:09 [email protected]
(host wegmanpartners-com.mail.protection.outlook.com[104.47.59.138] said: 450 4.7.1 Unable to Relay. ATTR37 [DM6NAM12FT064.eop-nam12.prod.protection.outl ook.com 2023-07-14T21:18:27.578Z 08DB83F1B00AEF10] (in reply to end of DATA command))
[email protected]

C88AAD2550 1225 Fri Jul 14 17:13:03 [email protected]
(host wegmanpartners-com.mail.protection.outlook.com[104.47.66.10] said: 450 4.7.1 Unable to Relay. ATTR37 [MW2NAM12FT042.eop-nam12.prod.protection.outlo ok.com 2023-07-14T21:28:27.732Z 08DB8464AE3143CE] (in reply to end of DATA command))
[email protected]

E4B99C9541 1225 Fri Jul 14 16:23:29 [email protected]
(host wegmanpartners-com.mail.protection.outlook.com[104.47.66.10] said: 450 4.7.1 Unable to Relay. ATTR37 [MW2NAM12FT107.eop-nam12.prod.protection.outlo ok.com 2023-07-14T21:03:27.211Z 08DB84A562928E1F] (in reply to end of DATA command))
[email protected]

Using the o365 ‘Direct Send’ method is NOT sufficient if you want the PBX to send email notifications to email addresses outside your organisation (ie. to other domains), which is entirely possible if you have a 3rd party managing your PBX and/or you have multiple domains within your organisation.

Using the o365 ‘SMTP Relay’ method (as per the Wiki article by MatthewB) has no such restrictions & works well in my experience. The only thing it doesn’t mention is how to setup the ‘/etc/postfix/generic’ file to ensure the sender is always a valid/recognised email address from within your o365 domain, apart from that, I personally believe the current Wiki article is pretty good at guiding someone through the necessary steps.

I’m sending within my domain which is why I’m confused as to why one of the PBX systems does not have any issues but the other two that I manage are not working and setup exactly like the first PBX which is working with direct send following cdolese recommendation. I’ve made sure that the connector has the WAN IP’s of all the offices where the PBX’s are. I’ve also updated the SPF record to include those IP’s.

It could be that Microsoft 365 is blocking your other two external IPs. You could test that by manually trying to relay email through the connector using telnet to see if you get any additional info: Use Telnet to test SMTP communication on Exchange servers | Microsoft Learn

Otherwise you could just try and see if your other IPs can be removed from the block list.

To request removal from this list please visit https://sender.office.com/

Alright, I think I might be onto something here. I noticed that under System Admin > Hostname; the Curren Hostname is set to “freepbx.sangoma.local”. Wouldn’t it be beneficial to change to my domain “wegmanpartners.com”??

image1359×329 13.6 KB

Here is a screenshot of the current Email Setup Settings:

image1354×642 51.1 KB

Can anyone help me with this step? Unsure how to do this…

B. Add the following to the end of /etc/postfix/main.cf (You can’t do this from the admin module, SSH only)

inet_protocols = ipv4

The inet_protocols = ipv4 tells postfix to not use ipv6. ipv6 is bad mojo with most SMTP servers.

Reload postfix by running these command:

systemctl restart postfix

On my systems, the fields on the Email Settings tab are populated as follows;

• My Hostname = The FQDN of the PBX
• My Origin = The o365 Domain Name
• My Domain = The o365 Domain Name (again)

Regarding the the file ‘main.cf’ - You can SSH onto your pbx (or login to the console directly) & use the following command to edit that file;

nano /etc/postfix/main.cf

Nano is a text file editor, be careful not to mess anything up, just look for & change the ‘inet_protocols’ setting (Use ‘Page Down/Up’ key on keyboard to scroll file). Once you’re happy with the changes you’ve made, use Ctrl-O to save it, then Ctrl-X to close the file & exit nano.

Once the file is saved & closed, use the 2nd command to reload postfix;

systemctl restart postfix

Thanks! Where do you locate the FQDN of the PBX?

It’s whatever the PBX is configured to use - Typically, you might setup a Let’s Encrypt certificate using either the default FQDN for the deployment (or a custom one). You might not have done any of this & are simply using the default/out-the-box FQDN & Self-Signed certificate.

You can look at the ‘Settings’ tab within the ‘HTTPS Setup’ tab of the ‘System Admin’ module to see your installed ‘Certificate Name’ (which should match the FQDN you’ve configured within DNS if everything is setup properly & aligned). Do you connect to the WebUI of your PBX by a DNS Name or IP address ?

The FQDN should match the Digital Certificate Name your using with the PBX.

Based on what I’m seeing, nothing is setup under ‘HTTPS Setup’. Screenshot below.

image1328×852 48.5 KB

ok, clearly you’ve not setup any of that.

Try populating the fields as follows if ‘wegmanpartners.com’ is your email domain (I’m slightly confused as its NOT the one in your original post);

• My Hostname = pbx.wegmanpartners.com
• My Origin = wegmanpartners.com
• My Domain = wegmanpartners.com
• SMTP Server = wegmanpartners-com.mail.protection.outlook.com:25

This method assumes you’ve updated the SPF record within DNS for that domain, to reflect the outgoing public IP address the PBX will send mail from.

Once this is done, update the file ‘main.cf’ as discussed previously & try sending a test email from the ‘Debug’ button of the Email Setup page. Once sent, paste the related entries of your ‘maillog’ (also visible on the ‘Debug’ page) to show us what it doing.

This topic causes so much confusion and hassle, and has for years. @cdolese, why isn’t the email setup in SysAdmin Pro writing these required entries into main.cf? I find it strange that the module presents as a complete email setup, but it’s not. I do now see that a Postfix Custom Config tab has been added, but wouldn’t it make sense to auto-populate the required M365 entries there from the Email Settings tab, so that it actually works? Or at least put a big warning on the Email Config tab that M365 settings won’t work unless main.cf is edited.

And for anyone struggling with this, you will also likely need to rewrite the ‘from’ addresses that aren’t fixed by the Email module, too. This is done by editing /etc/postfix/generic and adding:

root [email protected]
root@localhost [email protected]
[email protected] [email protected]
root@freepbx [email protected]
[email protected] [email protected]
asterisk [email protected]
asterisk@localhost [email protected]
[email protected] [email protected]
asterisk@freepbx [email protected]
[email protected] [email protected]
vm@asterisk [email protected]

Where “[email protected]” is the email address/login name for the M365 account from which you are sending.