Just a comment, which is my own personal opinion, after fighting to set up outbound SMTP from a couple of machines inside my home network. For all the local mail clients, they are set to deliver outbound mail directly to my ISP.
There is a blanket iptables rule, which rejects all outbound SMTP connections from inside the network. OK, I can see, maybe, this being a “good thing”. But shouldn’t this be something decided by the local administrator, not forced by NS.
My first attempt at bypassing this, by activating “Allow relay from trusted networks” in SMTP Access on the Email tab appeared to work, after I tested this from my local Thunderbird client. However, as soon as my wife started working, there was this plaintive cry of “Why isn’t my e-mail working”.
After investigating, it turns out her e-mails were being rejected by NS as: “helo command rejected need fully-qualified hostname”. Further investigation led me to that Outlook only sends the local machine name when connecting to the mail server, not the fully qualified name. Obviously, Thunderbird must have been sending this fully qualified.
Long story short. I created a new FW rule to allow SMTP traffic to flow directly from Green to Red. But to my mind, this should be handled by a configuration/UI setting.