Difference between revisions of "SMTP/Port 25 blocked by ISP"
Jump to navigation
Jump to search
(Created page with "{{DISPLAYTITLE:Port 25 blocked by ISP}}") |
|||
| (One intermediate revision by the same user not shown) | |||
| Line 1: | Line 1: | ||
{{DISPLAYTITLE:Port 25 blocked by ISP}} |
{{DISPLAYTITLE:Port 25 blocked by ISP}} |
||
Back when I was living in Japan I switched from Layer 1 from ADSL to FTTP with vDSL and all of a sudden I could no longer connect to port 25 on my server. Despite the fact that the underlying carrier was the same (NTT-East). |
|||
After a while I got fed up with running the old [[SSH/smtp-forward|smtp-forward]] script and did some more research. To my surprise the submission (TCP/587) and smtps (TCP/465) were as wide open as one could hope for. |
|||
A couple of configuration steps in <tt>postfix</tt> and I was up and running without much trouble. Under <tt>/etc/postfix/master.cf</tt> ensure that the line <tt><span class="highlight">submission</span></tt> and <tt><span class="highlight">smtps</span></tt> are not commented. |
|||
# ========================================================================== |
|||
# service type private unpriv chroot wakeup maxproc command + args |
|||
# (yes) (yes) (yes) (never) (100) |
|||
# ========================================================================== |
|||
smtp inet n - - - - smtpd |
|||
<span class="highlight">submission inet n - - - - smtpd |
|||
-o smtpd_etrn_restrictions=reject |
|||
-o smtpd_client_restrictions=permit_sasl_authenticated,reject</span> |
|||
<span class="highlight">smtps inet n - - - - smtpd |
|||
-o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes</span> |
|||
If the above does not work [[SSH/smtp-tunnel|tunneling via ssh]] may be an option. |
|||
[[Category:Mail]] |
|||
Latest revision as of 20:16, 26 May 2012
Back when I was living in Japan I switched from Layer 1 from ADSL to FTTP with vDSL and all of a sudden I could no longer connect to port 25 on my server. Despite the fact that the underlying carrier was the same (NTT-East).
After a while I got fed up with running the old smtp-forward script and did some more research. To my surprise the submission (TCP/587) and smtps (TCP/465) were as wide open as one could hope for.
A couple of configuration steps in postfix and I was up and running without much trouble. Under /etc/postfix/master.cf ensure that the line submission and smtps are not commented.
# ========================================================================== # service type private unpriv chroot wakeup maxproc command + args # (yes) (yes) (yes) (never) (100) # ========================================================================== smtp inet n - - - - smtpd submission inet n - - - - smtpd -o smtpd_etrn_restrictions=reject -o smtpd_client_restrictions=permit_sasl_authenticated,reject smtps inet n - - - - smtpd -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes
If the above does not work tunneling via ssh may be an option.