> > > So I'm unable to send mail as a...@mydomain.com to any domain other > than the ones managed by our mail server. How do I convince postfix > that it should route mail for mydomain.com from > outbound.protection.outlook.com? > > 1. If you want postfix to route/relay email TO some domain from ANY client, you should add this domain to the "relay_domains". 2. If you want postfix to route/relay email TO ANY domain from CERTAIN client you should add this client's IP to the mynetworks OR configure the client to use SASL authentication.
This is how "smtpd_relay_restrictions" works by default. http://www.postfix.org/postconf.5.html#smtpd_relay_restrictions Technically you can configure it, but there is no reason to do so. Default configuration says: * permit_mynetworks: allow any email to any destination from client in "mynetworks" * permit_sasl_authenticated: allow any email to any destination from client that is SASL authenticated * defer_unauth_destination: unless destination is mydestination or relay_domains, defer email! There are " smtpd_relay_restrictions " AND "smtpd_recipient_restrictions": BOTH of them must permit email. There is a table in this chapter: http://www.postfix.org/SMTPD_ACCESS_README.html#lists You configure " smtpd_recipient_restrictions", but you also need to pay attention to "smtpd_relay_restrictions". When playing with all of this try not to create an open relay (i.e. never add foreign public network to the "mynetworks")
