SMTP Relay with Office 365 is one of the more common questions we get at MessageOps. It seems there is some confusion about what actually constitutes a relay, so let’s start off with trying to determine if you actually need to relay with Office 365 and then we’ll get into the options. The question you must ask yourself to determine if you really need a relay is:
Do my applications, scanners, etc need to send ONLY to people in my domain?
If the answer is Yes, then you don’t need a relay server. You can configure those applications/devices to send mail directly to your MX record in Office 365. No authentication is necessary, no special ports are necessary. When the mail comes into Office 365 in this scenario, it will be accepted like other messages from the Internet. Granted it will look a little strange to Forefront that mail is coming from the Internet with a source address of @yourdomain.com, but by adding the IP address(es) of the on premise devices sending mail to the safe senders list, you should be able to avoid those messages going to junk or getting quarantined.
If the answer to the question above is No, your application or device needs to send mail to both people on the Internet and in your domain, then you need to relay mail. The question then becomes how to do it.