Results 1 to 10 of 10

Thread: Postfix and Port 25

  1. #1
    Join Date
    Sep 2007
    Location
    Oklahoma, USA
    Beans
    2,257
    Distro
    Xubuntu 14.04 Trusty Tahr

    Postfix and Port 25

    I've just changed my ISP from AT&T's DSL to AT&T Uverse, and found that port 25 is now irrevocably blocked for my new account; it had been grandfathered on the DSL account. As a result, my local mail server is no longer able to send traffic outside my LAN. While I don't need to do so often, since I keep an off-site non-ISP server for normal use and it allows alternate ports, I have a couple of programs that do need to send things, and I sometimes reply to messages that come into my local server.

    EDIT: Cut to the chase; solution is in message #10.

    The simplest solution to this problem would be to change settings of postfix to use port 587 instead of 25. However I've not been able to find anything in the documentation or the configuration files that gives me any hint of how to accomplish this change. None of the how-to pages I've read mention the subject, and a forum search turned up exactly one post that mentioned making such a change -- and it failed to say how or where it was done. Can someone please enlighten me?

    If no such setting exists, is there a way to use iptables, specifically the OUTPUT chain of the nat table, to handle things?

    Many thanks for all responses!
    Last edited by JKyleOKC; November 12th, 2013 at 07:46 PM.
    --
    Jim Kyle in Oklahoma, USA
    Linux Counter #259718
    Howto mark thread: https://wiki.ubuntu.com/UnansweredPo.../SolvedThreads

  2. #2
    Join Date
    Nov 2008
    Location
    Metro Boston
    Beans
    9,036
    Distro
    Kubuntu 14.04 Trusty Tahr

    Re: Postfix and Port 25

    How about configuring the local Postfix to relay all mail through your off-site machine? I run all my mail services at Linode, but also maintain a local mail server here in my office. That server communicates with the remotes over an OpenVPN static-key tunnel.
    If you ask for help, please have the courtesy to check for responses and thank the people who helped you.

    Blog · Linode System Administration Guides · Android Apps for Ubuntu Users

  3. #3
    Join Date
    Sep 2007
    Location
    Oklahoma, USA
    Beans
    2,257
    Distro
    Xubuntu 14.04 Trusty Tahr

    Re: Postfix and Port 25

    Quote Originally Posted by SeijiSensei View Post
    How about configuring the local Postfix to relay all mail through your off-site machine? I run all my mail services at Linode, but also maintain a local mail server here in my office. That server communicates with the remotes over an OpenVPN static-key tunnel.
    That would be great, except for the fact that my off-site server's administrators reject non-SASL mail traffic from AT&T residential accounts entirely because they're on one of the many blacklists, and at the moment I'm having major difficulty getting postfix to AUTH using SASL, because I've installed dovecot as a pop3 provider locally. Seems to be a catch-22 situation, but I'm learning more than I ever wanted to know about debugging postfix servers...

    Thanks for the reply; I would have been back sooner but have spent most of the day debugging with assistance from folk on the dslreports.com 'All Things Unix" forum...
    --
    Jim Kyle in Oklahoma, USA
    Linux Counter #259718
    Howto mark thread: https://wiki.ubuntu.com/UnansweredPo.../SolvedThreads

  4. #4
    Join Date
    Nov 2008
    Location
    Metro Boston
    Beans
    9,036
    Distro
    Kubuntu 14.04 Trusty Tahr

    Re: Postfix and Port 25

    Quote Originally Posted by JKyleOKC View Post
    That would be great, except for the fact that my off-site server's administrators reject non-SASL mail traffic from AT&T residential accounts entirely because they're on one of the many blacklists
    I interpreted your earlier comment to mean you had control over the off-site machine. Can you install software on it? If so, I would install OpenVPN and set up a tunnel. The remote machine would see all the traffic coming over the tunnel and not know anything about the fact that it is originating from an ATT account.

    I find the $20/month I pay for a Linode well worth the investment. It gives me a public IP address, a machine I have total control over, big honking pipes out to the Internet, and the usual stuff like backup generators, air conditioning, and the like. If Linode were a public company, I'd buy stock. They are very well managed and growing world wide.
    If you ask for help, please have the courtesy to check for responses and thank the people who helped you.

    Blog · Linode System Administration Guides · Android Apps for Ubuntu Users

  5. #5
    Join Date
    Sep 2007
    Location
    Oklahoma, USA
    Beans
    2,257
    Distro
    Xubuntu 14.04 Trusty Tahr

    Re: Postfix and Port 25

    No, my off-site server is simply a godaddy email account that came along with my web page subscription, and I don't have any control at all over its traffic policies. It's been adequate, and at around $60/year for everything is easy to afford on retirement income. It's beginning to look as if the whole problem might be fixable by paying a one-time charge to AT&T to remove the block on my account and putting everything back to be RFC-compliant, which will probably be the easy way to fix things...
    --
    Jim Kyle in Oklahoma, USA
    Linux Counter #259718
    Howto mark thread: https://wiki.ubuntu.com/UnansweredPo.../SolvedThreads

  6. #6
    Join Date
    Feb 2009
    Location
    Singapore
    Beans
    Hidden!
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: Postfix and Port 25

    To enable port 587 aka submission port, uncomment the following in /etc/postfix/master.cf
    submission inet n - n - - smtpd

  7. #7
    Join Date
    Apr 2013
    Beans
    120
    Distro
    Ubuntu 14.04 Trusty Tahr

    Re: Postfix and Port 25

    Hi.

    To change the port from 25 to 400 (for example), edit /etc/postfix/master.cf

    and change the line

    Code:
    smtpd inet n - - - - smtpd
    to

    Code:
    400   inet   n    -     -     -     -    smtpd
    It works just fine for me:

    Code:
    user@host:~$ sudo netstat -tanep | grep 400
    tcp        0      0 127.0.0.1:400           0.0.0.0:*               LISTEN      0          13412       2826/master
    Hope this helps.
    Last edited by clearski; November 12th, 2013 at 06:12 PM.

  8. #8
    Join Date
    Sep 2007
    Location
    Oklahoma, USA
    Beans
    2,257
    Distro
    Xubuntu 14.04 Trusty Tahr

    Re: Postfix and Port 25

    That was the first thing I tried; it made EVERY attempt to send mail through the local server error out with a "points to myself" message. I undid this, and since have been attempting to use a gmail account as a relay host -- but gmail insists that authentication is required, despite my adding it in as copied from other peoples' main.cf files that work properly. I'm beginning to think there's no solution for it, in my specific configuration...

    FWIW, the master.cf settings appear to deal with how postfix handles its input, not how it sends output upstream -- and it's the output problem that I'm trying to solve.
    Last edited by JKyleOKC; November 12th, 2013 at 07:45 PM.
    --
    Jim Kyle in Oklahoma, USA
    Linux Counter #259718
    Howto mark thread: https://wiki.ubuntu.com/UnansweredPo.../SolvedThreads

  9. #9
    Join Date
    Sep 2007
    Location
    Oklahoma, USA
    Beans
    2,257
    Distro
    Xubuntu 14.04 Trusty Tahr

    Re: Postfix and Port 25

    Thanks to all for the suggestions, but as I mentioned above the master.cf entries appear to set up what happens with incoming data, not what ports are used for output. The best solution appears to be to use a relay host, but then other problems arise.
    --
    Jim Kyle in Oklahoma, USA
    Linux Counter #259718
    Howto mark thread: https://wiki.ubuntu.com/UnansweredPo.../SolvedThreads

  10. #10
    Join Date
    Sep 2007
    Location
    Oklahoma, USA
    Beans
    2,257
    Distro
    Xubuntu 14.04 Trusty Tahr

    Re: Postfix and Port 25

    Finally got it fixed; turned out to be a missing line in my main.cf file that was preventing proper authentication. While I did have a line "smtpd_sasl_auth_enable = yes" in place, it also needed "smtp_sasl_auth_enable = yes" which wasn't there. Adding it and reloading postfix did the trick. It's been an interesting week!

    Thanks to TheFu, who on another thread about the same problem back in June posted a link to a thread in the Arch Linux forums that put me on the right trail. My initial search, for some reason, hadn't brought up the thread from June and thus I spent a few days trying all sorts of fixes that didn't help. However I learned much about iptables and postfix along the way so it wasn't wasted time.

    Thanks again to all who replied. That's what is so great about these forums!
    --
    Jim Kyle in Oklahoma, USA
    Linux Counter #259718
    Howto mark thread: https://wiki.ubuntu.com/UnansweredPo.../SolvedThreads

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •