Split Mailserver Configuration, VestaCP and Office365, SMTP 550

[ThA-LaN-LaW]

Hi!

some of our Customers want to use a "split" Mail-Server configuration, some Mailboxes at VestaCP, few Mailboxes at Office 365.

example.com ist registered at VestaCP with Web/DNS and Mail.
MX Record Points to VestaCP. Mail in/out from VestaCP runs perfect!

Some Users from example.com use an Office 365 Account.
So for this Mailboxes we forward the Mails to the "internal" Office 395 E-Mail Adresses.

VestaCP Account [email protected] -> Forward to [email protected]

If the User send from his Office 365 Account with [email protected] as sender to [email protected] (VestaCP Mailbox without Forward)
we get an "550 5.0.350 Remote server returned an error -> 550 smtp auth required"

Because of exim config:

Code: Select all

  deny    message       = smtp auth required
         sender_domains = +local_domains
         !authenticated = *

Which is ok, but i should recieve this Mails without be an open relay :)

The Customer _old_ Provider had the same setup, he accepted "external" Mails with the same Domain.

Similar, old Cases are:
viewtopic.php?t=11171
viewtopic.php?t=15151

My thoughts:
Domains with "Split" Setup could relay without Auth, perhaps additional with O365 Server IP Whitelist.
O365 Mails should Relay to VestaCP (i think this is not possible on o365)

Best Regards!

[ThA-LaN-LaW]

Hi!

O365 couldn't Relay with Auth to "own" Mailservers.

So i modified my exim config with following ACL Settings:

Code: Select all

accept senders	= [email protected] : [email protected]				#all users at office365 or use *@example.com
hosts		= 40.92.0.0/15 : 40.107.0.0/16 : 52.100.0.0/14 : 104.47.0.0/17	#all office365 SMTP Servers

Office 365 SMTP Server IP's: https://docs.microsoft.com/de-de/office ... nge-online

Best Regards!

[barodius64]

If you're an active Office 365 user, then this onedrive for business backup solution is something that you'd be interested in. Protecting your data should be your highest priority, trust me.

[jvivesc]

Hi!

O365 couldn't Relay with Auth to "own" Mailservers.

So i modified my exim config with following ACL Settings:

Code: Select all

accept senders	= [email protected] : [email protected]				#all users at office365 or use *@example.com
hosts		= 40.92.0.0/15 : 40.107.0.0/16 : 52.100.0.0/14 : 104.47.0.0/17	#all office365 SMTP Servers

Office 365 SMTP Server IP's: https://docs.microsoft.com/de-de/office ... nge-online

Best Regards!

Hi @ThA-LaN-LaW

I copied your configuration to my conf file and still failing.
I don't know why, because i think it's correct... even I add a large list of Microsoft IP's...

Code: Select all

hosts		= 13.107.6.152/31 : 13.107.18.10/31 : 13.107.128.0/22 : 23.103.160.0/20 : 40.96.0.0/13 : 40.104.0.0/15 : 52.96.0.0/14 : 131.253.33.215/32 : 132.245.0.0/16 : 150.171.32.0/22 : 204.79.197.215/32 : 13.107.6.152/31 : 13.107.18.10/31 : 13.107.128.0/22 : 23.103.160.0/20 : 40.96.0.0/13 : 40.104.0.0/15 : 52.96.0.0/14 : 131.253.33.215/32 : 132.245.0.0/16 : 150.171.32.0/22 : 204.79.197.215/32 : 13.107.6.152/31 : 13.107.18.10/31 : 13.107.128.0/22 : 23.103.160.0/20 : 40.96.0.0/13 : 40.104.0.0/15 : 52.96.0.0/14 : 131.253.33.215/32 : 132.245.0.0/16 : 150.171.32.0/22 : 204.79.197.215/32 : 13.107.6.152/31 : 13.107.18.10/31 : 13.107.128.0/22 : 23.103.160.0/20 : 40.96.0.0/13 : 40.104.0.0/15 : 52.96.0.0/14 : 131.253.33.215/32 : 132.245.0.0/16 : 150.171.32.0/22 : 204.79.197.215/32 : 40.92.0.0/15 : 40.107.0.0/16 : 52.100.0.0/14 : 52.238.78.88/32 : 104.47.0.0/17 : 40.92.0.0/15 : 40.107.0.0/16 : 52.100.0.0/14 : 104.47.0.0/17 #all office365 SMTP Servers	= 40.92.0.0/15 : 40.107.0.0/16 : 52.100.0.0/14 : 104.47.0.0/17	#all office365 SMTP Servers

Where exactly you put the ACL lines?
I think I tried all the possibles configurations, and nothing...

Thanks you
Regards