Optimum Online, the biggest cable service around here, is blocking trafic on port 25 (standard SMTP port) to reduce spam on their network. This prevents our clients from using our SMTP services. Can our server support two ports for SMTP? We would still use port 25 for clients UNLESS this port is blocked. Then can we have them use an alternate port (like 465) with a secure connection to send?
I went to Webmin -> Servers -> Postfix -> SMTP Authentication And Encryption, following another post. "Enable SASL SMTP authentication" is selected."Enable TLS encryption" is set to "Default". I opened up port 465 in iptables using your most excellent firewall interface, by cloning rule 25 and changing the port. The following test failed:
openssl s_client -connect localhost:465
connect: Connection refused
connect:errno=29
Any ideas? I did notice that in /etc/postfix/master.cf, the submission line is commented out. Whatever we change, I have to be so very careful. There are currently around 800 email accounts on the system.
Well, even if you get it to a point where users can connect to you on an alternate port, many ISP's block outgoing port 25 as well as incoming... so I'd be prepared in the future to come up with a way to handle outgoing email :-)
However, to solve your current problem, you can just uncomment the "submission" and "smtps" lines in the /etc/postfix/master.cf file, and restart Postfix -- that will enable ports 465 and 587, which your clients could then connect to using SSL.
-Eric
I am in the same boat. A clients ISP (AT&T DSL) is blocking port 25 so he can't send emails from his house. Im not quite understanding the above. What I want to do is accept incoming email on port 25 in addition to an alternate port so that both will accept email without requiring them to use SSL.
1) How/where do you set up the smtp ports? I've looked through the postfix menus. 2) Is there a specific port number that is less likely to be blocked that would be good to use?
Thanks, Steve
Howdy,
Is it possible to get Postfix to listen on an alternate port? Sure!
Getting SMTP servers throughtout the Internet to deliver to it is another story :-)
Unless the systems delivering mail to your server were configured by you, they won't know to attempt to deliver to your alternate smtp port. Thus, it won't actually work :-)
But, if you still want to get Postfix listening on another port, edit /etc/postfix/master.cf, and where you see this line:
smtp inet n - - - - smtpd -o smtpd_sasl_auth_enable=yes
Add another line underneath that, except change the "smtp" to whatever port you wish to use... for example:
2525 inet n - - - - smtpd -o smtpd_sasl_auth_enable=yes
And then restart Postfix.
Again though, this will all only work if each mail server and client delivering to your system is manually configured to deliver to your alternate port.
-Eric
Just to clarify, our clients are able to pop their accounts off of our server using port 25. They just configure outlook in the usual way, and everything pops (or imaps) just fine. The problem occurs when they attempt to send email from our server, using the connection from their ISP. These are people that own laptops, and are trying to use the same connection at home that they use at their office. When they connect to the internet from home, they can receive, but cannot send, email. The fix at the top of the page cured the problem for us, although port 465 was also blocked. port 587 was open. So we set up the laptops for this port. Issue resolved.