The system wide email forwarding (aka SMTP relay) is the recommended setup. You may need to revert any SuiteCRM config changes that you've made, but as I say, configuring the locally installed mail transfer agent (aka MTA, in the case of TurnKey, Postfix) to use a SMTP relay should "just work". The bonus of doing that is that you will then also get system notifications (i.e. not just stuff from SuiteCRM e.g. OS security update notifications, backup failures, etc). You could also configure your system to provide additional email alerts too if you wish. It's also generally pretty easy to trouble shoot as you can send test emails via the commandline (e.g. using the 'mail' command). The Postfix logs are usually fairly helpful if something isn't working.

If you're adamant that you don't want to do that, and you want to only forward SuiteCRM mail via your SMTP, then TBH, I'm not really sure. Beyond specific requirements of SuiteCRM and your SMTP server/service it should "just work". I have double checked our build setup and from what I can gather, the packages that we install meet the noted SuiteCRM requirements. So that makes a missing dependency appear unlikely.

FWIW, a quick google for "suitecrm can't connect to remote smtp" turns up tons or results! So whilst it may seem simple on face value, that does suggest to me that the requirements and idiosyncrasies of sending mail via SuiteCRM are tighter than they may seem on face value.

Re your comment that "suitecrm uses an old TLS"; I'm not completely clear on the context, but I guess that means that the SuiteCRM remote SMTP connection software component only supports older SSL/TLS ciphers/version (and your SMTP relay uses really new SSL/TLS ciphers/version)? If that's the case, then it's a SuiteCRM bug IMO. FWIW I searched the SuiteCRM forums for a thread that sounded like you (to try to get full understanding of the context) but couldn't find it. If that is indeed the case, then the systemwide config (i.e .use local Postfix to forward to your SMTP) should workaround that ok (you can connect locally with no encryption, then Postfix can use the system TLS support).

Regardless though, if you haven't already, you really should be consulting the SuiteCRM logs (should be found in /var/www/suitecrm). If you see some error message, it would be good to know what it is. Without some concrete insight from the logs, we're all just guessing really. TBH, I'm surprised that SuiteCRM support didn't ask for them; and if they did and you provided them, I'm not sure why you didn't also cross post here? (the first rule of reporting bugs/problems is that you can NEVER provide too much info!)

Also, if SuiteCRM leverages PHPMailer (and I'm 99% sure it does) then there is a very extensive PHPMailer troubleshooting page. It is quite technical and appears to be aimed more at PHP developers than end users, but it may give you some ideas of things to check and/or troubleshooting procedures?

So to summarise, if you wish to proceed with configuring just SuiteCRM to send mail, then please provide a link to your SuiteCRM support discussion (assuming that it was on their public forums), as well as log output. Ideally please copy/paste the text rather than posting screenshots (it makes it much easier to google for the important bits).

Scratch most of that previous stuff (I left the more likely valuable stuff, the stuff I don't think is relevant, I struck out instead of removing - perhaps some of it is useful to someone?). I found your SuiteCRM thread (it didn't come up in searches, but when I browsed I found it fairly quickly).

Whilst I'm in no doubt that they know more about their software than I do, to me TLS seems irrelevant to the error message you've reported over there. I would expect a different SMTP error message if it was TLS related. Looking at your message, I'm more inclined to suspect that the issue is a DNS hostname lookup, possibly a SuiteCRM config and/or hostname config and/or DNS config issue! If you look at RFC2821 section 4.1.3 (as explicitly noted in the error message) SMTP connections requires either a hostname/FQDN that matches DNS records or an IP address. So to me, the error message seems to clearly be suggesting, that for whatever reason, your SMTP server/service can't match your hostname to the server.

Given what you've shared, it seems possible that the systemwide config I mentioned earlier may not "just work" either? (Although it might? - if it is a TLS issue as suggested in the SuiteCRM thread, then that should work around it fine). It sounds like you have the DNS set up (although, I'd recommend double checking for typos and also check that it resolves using DNS tools), as you note, the outgoing mail setup looks pretty straight forward, but I don't see where it allows you to set the hostname (FQDN) of your server). IIRC the domain/FQDN of your SuiteCRM instance is set in the main SuiteCRM config file (/var/www/suitecrm/config.php). Perhaps the setting in there isn't right? (Restart Apache if you change it).

If the hostname/domain name in the SuiteCRM config is right, and matches the DNS records, and the DNS records resolve correctly, then TBH, I'm out of ideas and perhaps it is a TLS issue after all?

Also as a final footnote, in future please post as much info as possible, especially verbatim log messages. If you noted the error message here (as you did in the SuiteCRM forums) or even cross linked to the SuiteCRM forums, that would have saved me a fair bit of time and energy... So in future if you've posted elsewhere, feel free to cross post links. There may be context to their response that may assist me understand and/or there may be config info that I know that I can add to any discussion.

[update] OMG, I'm a bit of an idiot... I just noticed that you DID post that error message in your OP! So I stuck out the last paragraph. It's still relevant, but not quite as relevant to you in this particular case. Having said that, it would have been useful to understand that the issue you were having was with the SuiteCRM SMTP set up, but it would have also been useful if I had re-read the OP and noted the error message you posted there...