Difference between revisions of "SMTP/Port 25 blocked by ISP"

From braindump
Jump to navigation Jump to search
(Created page with "{{DISPLAYTITLE:Port 25 blocked by ISP}}")
 
 
(One intermediate revision by the same user not shown)
Line 1: Line 1:
{{DISPLAYTITLE:Port 25 blocked by ISP}}
{{DISPLAYTITLE:Port 25 blocked by ISP}}
Back when I was living in Japan I switched from Layer 1 from ADSL to FTTP with vDSL and all of a sudden I could no longer connect to port 25 on my server. Despite the fact that the underlying carrier was the same (NTT-East).

After a while I got fed up with running the old [[SSH/smtp-forward|smtp-forward]] script and did some more research. To my surprise the submission (TCP/587) and smtps (TCP/465) were as wide open as one could hope for.

A couple of configuration steps in <tt>postfix</tt> and I was up and running without much trouble. Under <tt>/etc/postfix/master.cf</tt> ensure that the line <tt><span class="highlight">submission</span></tt> and <tt><span class="highlight">smtps</span></tt> are not commented.

# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# ==========================================================================
smtp inet n - - - - smtpd
<span class="highlight">submission inet n - - - - smtpd
-o smtpd_etrn_restrictions=reject
-o smtpd_client_restrictions=permit_sasl_authenticated,reject</span>
<span class="highlight">smtps inet n - - - - smtpd
-o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes</span>
If the above does not work [[SSH/smtp-tunnel|tunneling via ssh]] may be an option.
[[Category:Mail]]

Latest revision as of 20:16, 26 May 2012

Back when I was living in Japan I switched from Layer 1 from ADSL to FTTP with vDSL and all of a sudden I could no longer connect to port 25 on my server. Despite the fact that the underlying carrier was the same (NTT-East).

After a while I got fed up with running the old smtp-forward script and did some more research. To my surprise the submission (TCP/587) and smtps (TCP/465) were as wide open as one could hope for.

A couple of configuration steps in postfix and I was up and running without much trouble. Under /etc/postfix/master.cf ensure that the line submission and smtps are not commented.

# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (yes)   (never) (100)
# ==========================================================================
smtp      inet  n       -       -       -       -       smtpd
submission inet n      -       -       -       -       smtpd
        -o smtpd_etrn_restrictions=reject
        -o smtpd_client_restrictions=permit_sasl_authenticated,reject
smtps    inet  n       -       -       -       -       smtpd
        -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes

If the above does not work tunneling via ssh may be an option.