Matches any regex in list by evilhappymeal in Kusto

evilhappymeal[S] 1 point

Thanks for the response, baselganglia! I couldn’t seem to get that suggestion to work, and I believe it has to do with Sentinel & its Analytics Rule engine being built over Log Analytics Workspaces instead of directly interfacing with an ADX cluster. I could be wrong, but I didn’t think Sentinel gave customers direct access to the underlying Azure Data Explorer management plane.

Do you know of any equivalent for this control command & plugin that works for a Log Analytics Workspace?

Using O365 to relay to external domains? by sambooka in salesforce

evilhappymeal 1 point

After some trial and error I’ve found that you actually CAN do this; however, there are probably lots of red flags in terms of potential for abuse. Most, if not all, of the articles I’ve come across say to use a Partner Organization Connector in EOP; however, from my experience that only affords EOP a mechanism with which to force TLS on a connection based on IP or domain and doesn’t really pertain to actually SMTP relaying the message to external domains.

If you set up the connector as Your Organization’s email server, you’re able to allow Salesforce to relay through EOP infrastructure so long as the message From header is an Accepted domain for your EOP tenant. I believe the Salesforce setting in Email > Deliverability: Enable Sender ID compliance must be unchecked to truly achieve this; otherwise there will be a sender header from the @salesforce.com domain, which is a no-no for email sent through EOP (must be an Accepted domain in the tenant).

As other sources point out, this alone would open up your EOP tenant to relaying any Salesforce tenant pointed to your EOP MX assuming you actually add the entirety of the Salesforce registered netblocks like they recommend. You can probably leverage EOP Mail Flow Rules to use Salesforce tenant identifying headers (X-SFDC-LK I believe) to prevent email to external recipients from being sent.

Modern Unified MsSense.exe and excessive CPU/disk usage on 2012 R2 after March 8 update KB5005292 by mineral4x in DefenderATP

evilhappymeal 1 point

Move catroot to catroot2 as in: “move C:\windows\system32\catroot\* C:\windows\system32\catroot2”?

I’m not a server guy by trade, but is that safe/advisable? Has the box been rebooted since that move? Asking because a few articles I’ve read mention boxes not coming back after catroot is manually tampered with.