Wow! What a nightmare. I know FreePBX is far from user friendly, but this is just insane. I’ll be glad when I don’t have to manage anymore of these systems.
1 Like
It’s not an awful process, it’s just entirely undocumented and is made worse by the way the module appears to take care of it all.
- Disable IPv6
- Configure in module.
- Set address rewrites.
I deliberately hadn’t mentioned the rewrites in the generic file yet - I didn’t want to create an information overload all at once 
I was waiting to see the outcome (log entries during a send attempt) after the changes I explained for the Email setup Tab & main.cf file. I’ve not seen anything from that yet.
PS. I’m also curious about the Postfix Custom Config tab - I noticed it was now a thing, but not seen any documentation about how to use it. I’ve always stuck with the o365 setup I know works on multiple systems (ie. Email Setup Tab & manual editing of the main.cf & generic files).
@FreerPBXer
just re-visiting this today… I havent had any issue using direct send where it fits and 9 times out of 10 it just works including my own system with no modifications to main.cf
ill review this later and see what suggestions we can make to the engineering team based on your comments
I did run through this again moments ago with two mail providers - AWS SES and MS 365; ill test Google Workplace asap as well
Direct send requires setup at M365 and only works for addresses within that specific M365 tenant.
In that vein you can also setup a dedicated receive connector at M365 and let it relay.
Neither option really addresses the issue that there is a ‘feature’ in SysAdmin Pro that purports to take care of email setup but doesn’t, and that the main.cf and generic edits required aren’t in any official documentation.
And for anyone on GSuite stumbing on this, those edits are required for authenticated send via GSuite as well.
IMO, the rewrites (held within the generic file) should get updated automatically when you set the ‘From Address’ field from the ‘Notifications’ Tab of the SysAdmin module. If you look at the maillog & depending upon which module is generating the email send attempt, all sorts of from address variations can get referenced when rewrites are not updated/used (root@, asterisk@ etc.) - Why wouldn’t you want this to be consistent & inline with the ‘From Address’ set in the SysAdmin module to avoid potential problems/confusion ?
Also, I’m curious to know in what scenario the Email Setup page works when setting the ‘Provider’ to ‘Office 365’ - Why does this setting exist if ‘Other’ has to be used instead for o365 ?
Also, Also, where is the documentation for the newer ‘Postfix Custom Config’ tab - Does one just enter one or more parameters (eg. ‘inet_protocols = ipv4’) & they override whatever is in the main.cf file ? (if so, that’s a useful option from the GUI) - I assume this tab was added for a reason, so there must be scenario’s where updating parameters within the main.cf file might be necessary. I typically add the following to my main.cf files, so doing it on that tab would be easier;
inet_protocols = ipv4
smtp_generic_maps = hash:/etc/postfix/generic
Also, Also, Also, I personally, absolutely need to be able to send notifications to recipients outside the PBX Owners organisation (ie. email domain), I can’t be the only one doing this. The ‘Direct Send’ method doesn’t allow that, so the instructions for setting up the full o365 Relay Connector option should not be lost/removed. I personally think the current Wiki page (by Matthew B) is far better than anything that came before for explaining this scenario. Perhaps any planned article for using ‘Direct Send’ should be ‘in addition’ to the current one that leans towards the ‘SMTP relay’ method with o365.
When I page down all the way this is what I see, am I missing something? I don’t see the inet_protocols. Sorry, newb here when it comes to SSH.
Those are the settings from the Email Setup page that get written to the end of this file.
Any existing entry for the ‘inet_protocols’ setting will be higher up in the file, but might be commented out (commented out lines start with a #).
if commented out, just add the following UNDER that line;
inet_protocols = ipv4
Alright I was able to locate it! So all I need to do is delete ‘all’ and enter ‘ipv4’ and then save my changes (Ctrl-O) and exit (Ctrl-X)?
Yes, that line is not commented out, so you can just change the value from all to ipv4 then save (WriteOut) the file & exit nano.
Once you’ve closed nano you then need to run the following command to make the settings live;
systemctl restart postfix
After that, try sending a test email to yourself from the Debug tab of the Email Setup in SysAdmin & paste the results (shown in the bottom of the debug tab) in this chat if it doesn’t work. You’re be looking for the line that includes ‘postfix/smtp’ & ‘status=’ ← a status of ‘sent (250)’ is GOOD.
You can also send a test message from the cli using the following command (replace YourEmailAddressHere with your actual email address;
echo "Hello World" | sudo -u asterisk mail -s "Test from FreePBX" YourEmailAddressHere
and check the log with;
cat /var/log/maillog | grep -iw 'postfix/qmgr.*from\|postfix/smtp.*status'
Still having issues unfortunately 
Here is the debug results:
Jul 26 08:11:08 freepbx postfix/pickup[1702]: C8D2D700E4: uid=995 from=
Jul 26 08:11:08 freepbx postfix/cleanup[5510]: C8D2D700E4: message-id=[email protected]
Jul 26 08:11:08 freepbx postfix/qmgr[6952]: C8D2D700E4: from=[email protected], size=515, nrcpt=1 (queue active)
Jul 26 08:11:09 freepbx postfix/smtp[5512]: C8D2D700E4: host wegmanpartners-com.mail.protection.outlook.com[104.47.66.10] said: 450 4.7.1 Unable to Relay. ATTR37 [MW2NAM12FT022.eop-nam12.prod.protection.outlook.com 2023-07-26T13:11:09.245Z 08DB8D18D95D5775] (in reply to end of DATA command)
Jul 26 08:11:09 freepbx postfix/smtp[5512]: C8D2D700E4: to=[email protected], relay=wegmanpartners-com.mail.protection.outlook.com[104.47.55.138]:25, delay=0.69, delays=0.04/0.02/0.55/0.08, dsn=4.7.1, status=deferred (host wegmanpartners-com.mail.protection.outlook.com[104.47.55.138] said: 450 4.7.1 Unable to Relay. ATTR37 [BN8NAM12FT032.eop-nam12.prod.protection.outlook.com 2023-07-26T13:11:09.454Z 08DB8CC55D5032CB] (in reply to end of DATA command))
Jul 26 08:19:03 freepbx postfix/qmgr[6952]: C8D2D700E4: from=[email protected], size=515, nrcpt=1 (queue active)
Jul 26 08:19:03 freepbx postfix/smtp[7243]: C8D2D700E4: host wegmanpartners-com.mail.protection.outlook.com[104.47.55.138] said: 450 4.7.1 Unable to Relay. ATTR37 [BN8NAM12FT106.eop-nam12.prod.protection.outlook.com 2023-07-26T13:19:03.744Z 08DB8D016F7B170A] (in reply to end of DATA command)
Jul 26 08:19:04 freepbx postfix/smtp[7243]: C8D2D700E4: to=[email protected], relay=wegmanpartners-com.mail.protection.outlook.com[104.47.66.10]:25, delay=475, delays=475/0.03/0.57/0.13, dsn=4.7.1, status=deferred (host wegmanpartners-com.mail.protection.outlook.com[104.47.66.10] said: 450 4.7.1 Unable to Relay. ATTR37 [MW2NAM12FT030.eop-nam12.prod.protection.outlook.com 2023-07-26T13:19:04.054Z 08DB8D0F928D030A] (in reply to end of DATA command))
Jul 26 08:29:03 freepbx postfix/qmgr[6952]: C8D2D700E4: from=[email protected], size=515, nrcpt=1 (queue active)
Jul 26 08:29:03 freepbx postfix/smtp[9220]: C8D2D700E4: host wegmanpartners-com.mail.protection.outlook.com[104.47.55.138] said: 450 4.7.1 Unable to Relay. ATTR37 [BN8NAM12FT065.eop-nam12.prod.protection.outlook.com 2023-07-26T13:29:03.763Z 08DB8D468D969BF4] (in reply to end of DATA command)
Jul 26 08:29:04 freepbx postfix/smtp[9220]: C8D2D700E4: to=[email protected], relay=wegmanpartners-com.mail.protection.outlook.com[104.47.66.10]:25, delay=1076, delays=1075/0.03/0.88/0.13, dsn=4.7.1, status=deferred (host wegmanpartners-com.mail.protection.outlook.com[104.47.66.10] said: 450 4.7.1 Unable to Relay. ATTR37 [MW2NAM12FT006.eop-nam12.prod.protection.outlook.com 2023-07-26T13:29:04.428Z 08DB8D4F667AEAED] (in reply to end of DATA command))
Jul 26 08:47:32 freepbx postfix/postfix-script[13559]: fatal: the Postfix mail system is already running
Jul 26 08:47:32 freepbx postfix/postfix-script[13567]: refreshing the Postfix mail system
Jul 26 08:47:32 freepbx postfix/master[1581]: reload – version 2.10.1, configuration /etc/postfix
Jul 26 08:47:32 freepbx postfix/qmgr[13573]: C8D2D700E4: from=[email protected], size=515, nrcpt=1 (queue active)
Jul 26 08:47:32 freepbx postfix/smtp[13575]: C8D2D700E4: host wegmanpartners-com.mail.protection.outlook.com[104.47.55.138] said: 450 4.7.1 Unable to Relay. ATTR37 [BN8NAM12FT016.eop-nam12.prod.protection.outlook.com 2023-07-26T13:47:32.870Z 08DB8D4C70ECF30D] (in reply to end of DATA command)
Jul 26 08:47:33 freepbx postfix/smtp[13575]: C8D2D700E4: to=[email protected], relay=wegmanpartners-com.mail.protection.outlook.com[104.47.66.10]:25, delay=2184, delays=2184/0.03/0.5/0.13, dsn=4.7.1, status=deferred (host wegmanpartners-com.mail.protection.outlook.com[104.47.66.10] said: 450 4.7.1 Unable to Relay. ATTR37 [MW2NAM12FT083.eop-nam12.prod.protection.outlook.com 2023-07-26T13:47:33.182Z 08DB8D04DE602A37] (in reply to end of DATA command))
Jul 26 09:27:32 freepbx postfix/qmgr[13573]: C8D2D700E4: from=[email protected], size=515, nrcpt=1 (queue active)
Jul 26 09:27:32 freepbx postfix/smtp[22131]: C8D2D700E4: host wegmanpartners-com.mail.protection.outlook.com[104.47.66.10] said: 450 4.7.1 Unable to Relay. ATTR37 [MW2NAM12FT009.eop-nam12.prod.protection.outlook.com 2023-07-26T14:27:32.721Z 08DB8D04BAC43DF6] (in reply to end of DATA command)
Jul 26 09:27:32 freepbx postfix/smtp[22131]: C8D2D700E4: to=[email protected], relay=wegmanpartners-com.mail.protection.outlook.com[104.47.59.138]:25, delay=4584, delays=4583/0.03/0.5/0.04, dsn=4.7.1, status=deferred (host wegmanpartners-com.mail.protection.outlook.com[104.47.59.138] said: 450 4.7.1 Unable to Relay. ATTR37 [DM6NAM12FT008.eop-nam12.prod.protection.outlook.com 2023-07-26T14:27:32.855Z 08DB8D0E39C93257] (in reply to end of DATA command))
Jul 26 10:20:41 freepbx postfix/postfix-script[30074]: stopping the Postfix mail system
Jul 26 10:20:41 freepbx postfix/master[1581]: terminating on signal 15
Jul 26 10:20:42 freepbx postfix/postfix-script[30156]: starting the Postfix mail system
Jul 26 10:20:42 freepbx postfix/master[30158]: daemon started – version 2.10.1, configuration /etc/postfix
Jul 26 10:22:14 freepbx postfix/postfix-script[30666]: fatal: the Postfix mail system is already running
Jul 26 10:22:14 freepbx postfix/postfix-script[30674]: refreshing the Postfix mail system
Jul 26 10:22:14 freepbx postfix/master[30158]: reload – version 2.10.1, configuration /etc/postfix
Jul 26 10:22:44 freepbx postfix/pickup[30679]: 59293700E2: uid=995 from=
Jul 26 10:22:44 freepbx postfix/cleanup[30957]: 59293700E2: message-id=[email protected]
Jul 26 10:22:44 freepbx postfix/qmgr[30680]: 59293700E2: from=[email protected], size=515, nrcpt=1 (queue active)
Jul 26 10:22:44 freepbx postfix/smtp[30959]: 59293700E2: host wegmanpartners-com.mail.protection.outlook.com[104.47.55.138] said: 450 4.7.1 Unable to Relay. ATTR37 [BN8NAM12FT059.eop-nam12.prod.protection.outlook.com 2023-07-26T15:22:44.671Z 08DB8CED39E4B650] (in reply to end of DATA command)
Jul 26 10:22:45 freepbx postfix/smtp[30959]: 59293700E2: to=[email protected], relay=wegmanpartners-com.mail.protection.outlook.com[104.47.66.10]:25, delay=0.67, delays=0.04/0.02/0.49/0.13, dsn=4.7.1, status=deferred (host wegmanpartners-com.mail.protection.outlook.com[104.47.66.10] said: 450 4.7.1 Unable to Relay. ATTR37 [MW2NAM12FT024.eop-nam12.prod.protection.outlook.com 2023-07-26T15:22:44.970Z 08DB8D248AC0870A] (in reply to end of DATA command))
FROM address is showing
[email protected]
TO address is showing
[email protected]
STATUS is showing
status=deferred, said: 450 4.7.1 Unable to Relay. ATTR37
You are sending to a DIFFERENT email domain (This will only work if you’ve setup a ‘Relay Connector’ within the o365 tenant of the sending domain) - Try sending to an address in SAME email domain as from address (wegmanpartners.com)
So here is the catch. Yes it’s a different domain but that domain is on the same Microsoft tenant as Wegman Partners. Wegman Capital is the investment company I work for that owns Wegman Partners, both of these companies/domains are on the same Microsoft tenant. It doesn’t look like it works even when using my Wegman Partners address.
Here is what debug says:
Jul 26 10:20:41 freepbx postfix/postfix-script[30074]: stopping the Postfix mail system
Jul 26 10:20:41 freepbx postfix/master[1581]: terminating on signal 15
Jul 26 10:20:42 freepbx postfix/postfix-script[30156]: starting the Postfix mail system
Jul 26 10:20:42 freepbx postfix/master[30158]: daemon started – version 2.10.1, configuration /etc/postfix
Jul 26 10:22:14 freepbx postfix/postfix-script[30666]: fatal: the Postfix mail system is already running
Jul 26 10:22:14 freepbx postfix/postfix-script[30674]: refreshing the Postfix mail system
Jul 26 10:22:14 freepbx postfix/master[30158]: reload – version 2.10.1, configuration /etc/postfix
Jul 26 10:22:44 freepbx postfix/pickup[30679]: 59293700E2: uid=995 from=
Jul 26 10:22:44 freepbx postfix/cleanup[30957]: 59293700E2: message-id=[email protected]
Jul 26 10:22:44 freepbx postfix/qmgr[30680]: 59293700E2: from=[email protected], size=515, nrcpt=1 (queue active)
Jul 26 10:22:44 freepbx postfix/smtp[30959]: 59293700E2: host wegmanpartners-com.mail.protection.outlook.com[104.47.55.138] said: 450 4.7.1 Unable to Relay. ATTR37 [BN8NAM12FT059.eop-nam12.prod.protection.outlook.com 2023-07-26T15:22:44.671Z 08DB8CED39E4B650] (in reply to end of DATA command)
Jul 26 10:22:45 freepbx postfix/smtp[30959]: 59293700E2: to=[email protected], relay=wegmanpartners-com.mail.protection.outlook.com[104.47.66.10]:25, delay=0.67, delays=0.04/0.02/0.49/0.13, dsn=4.7.1, status=deferred (host wegmanpartners-com.mail.protection.outlook.com[104.47.66.10] said: 450 4.7.1 Unable to Relay. ATTR37 [MW2NAM12FT024.eop-nam12.prod.protection.outlook.com 2023-07-26T15:22:44.970Z 08DB8D248AC0870A] (in reply to end of DATA command))
Jul 26 10:32:14 freepbx postfix/qmgr[30680]: 59293700E2: from=[email protected], size=515, nrcpt=1 (queue active)
Jul 26 10:32:14 freepbx postfix/smtp[359]: 59293700E2: host wegmanpartners-com.mail.protection.outlook.com[104.47.55.138] said: 450 4.7.1 Unable to Relay. ATTR37 [BN8NAM12FT018.eop-nam12.prod.protection.outlook.com 2023-07-26T15:32:14.424Z 08DB8CEBBE836971] (in reply to end of DATA command)
Jul 26 10:32:14 freepbx postfix/smtp[359]: 59293700E2: to=[email protected], relay=wegmanpartners-com.mail.protection.outlook.com[104.47.59.138]:25, delay=570, delays=570/0.03/0.35/0.04, dsn=4.7.1, status=deferred (host wegmanpartners-com.mail.protection.outlook.com[104.47.59.138] said: 450 4.7.1 Unable to Relay. ATTR37 [DM6NAM12FT077.eop-nam12.prod.protection.outlook.com 2023-07-26T15:32:14.524Z 08DB8D250AF008D8] (in reply to end of DATA command))
Jul 26 10:34:03 freepbx postfix/pickup[30679]: 2F000700FA: uid=995 from=
Jul 26 10:34:03 freepbx postfix/cleanup[798]: 2F000700FA: message-id=[email protected]
Jul 26 10:34:03 freepbx postfix/qmgr[30680]: 2F000700FA: from=[email protected], size=517, nrcpt=1 (queue active)
Jul 26 10:34:03 freepbx postfix/smtp[800]: 2F000700FA: host wegmanpartners-com.mail.protection.outlook.com[104.47.55.138] said: 450 4.7.1 Unable to Relay. ATTR37 [BN8NAM12FT079.eop-nam12.prod.protection.outlook.com 2023-07-26T15:34:03.459Z 08DB8D52B4ED65C4] (in reply to end of DATA command)
Jul 26 10:34:03 freepbx postfix/smtp[800]: 2F000700FA: to=[email protected], relay=wegmanpartners-com.mail.protection.outlook.com[104.47.66.10]:25, delay=0.65, delays=0.04/0.01/0.47/0.13, dsn=4.7.1, status=deferred (host wegmanpartners-com.mail.protection.outlook.com[104.47.66.10] said: 450 4.7.1 Unable to Relay. ATTR37 [MW2NAM12FT050.eop-nam12.prod.protection.outlook.com 2023-07-26T15:34:03.776Z 08DB8D0CA4C236CB] (in reply to end of DATA command))
Have you setup the relevant IP addresses with the SPF record of DNS for that domain ?
And your sure your PBX is communicating with the Internet out of one of those public IP address ?
Yes indeed, 216.74.234.162 is the WAN address of the Houston office - which is one of the four PBX systems that I manage. The local address for the PBX is 192.168.52.x.
ok, so the next thing might be to EITHER;
- Configure the rewrites (held within the postfix/generic file) to reflect an actual o365 email address in the sending domain
-OR-
- Create an email alias on an account within the sending o365 domain for the FROM address being referenced in the mail log ([email protected]) and/or what is set as the ‘From Address’ field that set within the ‘Notifications’ Tab of your SysAdmin module.
BTW, what is the ‘From Address’ field that set within the ‘Notifications’ Tab of your SysAdmin module ?
The idea being that the FROM address of the email being sent is associated/recognised against a valid o365 account within the sending domain.
I went ahead and created an account called [email protected] to see if that helps. As for the Notification settings, the email address is set to [email protected] which is also the same setting I have set on our Dallas PBX that is working without any issues. So I’m confused why it’s sending as [email protected] and not [email protected]