Haven't tested, but this should do it.
Suppose your ISP relay host is "mailrelay.example.com" and the user
name and password to use there is "user" and "password" respectively.
Enable SMTP authentication on outbound messages:
Create a file text file mapping which name/password should be used for
$ postconf -e smtp_sasl_auth_enable=yes
which given outbound destination. This file can contain multiple
Create a postfix lookup table from this text file:
$ echo mailrelay.example.com user:password > /opt/zimbra/conf/relay_password
Test that the map is okay and that the user: password pair is returned.
$ postmap /opt/zimbra/conf/relay_password
Make postfix use this:
$ postmap -q mailrelay.example.com /opt/zimbra/conf/relay_password
reload should do it - in this case no stop/start should be needed.
$ postconf -e smtp_sasl_password_maps=hash:/opt/zimbra/conf/relay_password
$ postfix reload
Also take a look at all the other smtp_sasl config options in
postfix documentation, starting at.
Beware of smtpd_ vs smtp_ sasl options. For mail being sent out via
SMTP, you care about the latter. smtpd_sasl_* are used for mail client
authentication, and the zimbra install already sets those up.