1

Topic: ISP blocks port 25 in both directions; how to only use 587?

==== Required information ====
- iRedMail version: 0.8.6
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Linux/BSD distribution name and version: Ubuntu Server i386 version 12.04.3
- Related log if you're reporting an issue:
====

My ISP blocks SMTP on port 25 inbound and restricts outbound SMTP to their SMTP servers only.
  (http://ww2.cox.com/residential/support/ … 0000000000).

Does this mean I won't be able to send and/or receive emails to/from my mail server?

I'm not keen on using their SMTP relay servers and was wondering if it's possible to just have all mail communication go over port 587 instead?
  (disclaimer - I'm a SMTP newb).

I've been reading other posts that mention to change the master.cf file by adding the following line (below first line with smtp):
    587 inet n - - - - smtpd
and uncommented this line:
    submission inet n - n - - smtpd

However, I'm totally stuck and have tried sending 40 test emails thus far to/from gmail. After reading the mail.log in /var/log, it seems that all outbound requests to gmail seem to fail for the same reason. Connection timed out. Which I can only assume is because it's trying to communicate over port 25 which is blocked.

from /var/log/mail.log:
"Jan 7 19:24:07 sandiegohouse postfix/smtp[3450]: connect to alt4.gmail-smtp-in.l.google.com[173.194.74.27]:25 Connection timed out"

I'm not entirely sure the way this works, but can we just tell iRedMail to use 587 instead for outbound mail? Gmail listens on 587 as well, right?

The other problem that may be contributing to this is the domain name. I'm only using this server for mail at the moment and just installed it with the following hostname:
  hostname -f
  sandiegohouse.biz
However, when I installed iRedMail, it asked for either a hostname or domain name (I can't remember) that was different than the existing hostname I already had. So I entered "mail.sandiegohouse.biz" which I didn't want the "mail" part, but had to enter something different per the install instructions. So then I noticed that my mail addresses were with the "mail" subdomain in them like "john@mail.sandiegohouse.biz" which I didn't want. So, using the iRedAdmin web console, I added another domain without the "mail" portion "sandiegohouse.biz" and created a similar user "john@sandiegohouse.biz".

So, after sending email to john@sandiegohouse.biz from gmail, it gets returned with:

Google tried to deliver your message, but it was rejected by the server for the recipient domain sandiegohouse.biz by smtp.secureserver.net. [72.167.238.201].
The error that the other server returned was:
550 #5.1.0 Address rejected.

And mail from gmail to the user on the other "mail" subdomain john@mail.sandiegohouse.biz gets lost and doesn't show up on either end.

How to fix this mess??????

NOTE:  I can reinstall iRedMail and Unbuntu server if need be for a clean installation if that's the quickest and/or easiest route.

On a side note, I have my router forwarding all traffic on ports 25, 443, 465, and 587 to the Ubuntu server. And using ufw I've opened the same ports on my ubuntu server (although I think iRedMail already took care of that at least for 25 anyway, but just to be sure).

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: ISP blocks port 25 in both directions; how to only use 587?

Most MTAs connect to port 25 only. So for these mail servers, they cannot send mail to your server.

3

Re: ISP blocks port 25 in both directions; how to only use 587?

ZhangHuangbin wrote:

Most MTAs connect to port 25 only. So for these mail servers, they cannot send mail to your server.

I see, thanks for the quick reply Zhang.

After reading up on MTAs, I now understand what you mean in seeing that MTAs communicate with other MTAs over port 25 only. My confusion with why we can't use 587 is now cleared up seeing how that's a client to server activity on 587 with an MUA connecting to an MSA on 587.

So I guess there's no way around that then? At least for inbound mail to my iRedMail server then.?.?

4

Re: ISP blocks port 25 in both directions; how to only use 587?

jrissone wrote:

So I guess there's no way around that then? At least for inbound mail to my iRedMail server then.?.?

Yes.

5

Re: ISP blocks port 25 in both directions; how to only use 587?

ZhangHuangbin wrote:
jrissone wrote:

So I guess there's no way around that then? At least for inbound mail to my iRedMail server then.?.?

Yes.

Unless you get another guy to accept mail for you on port 25 and then relay it to you on port 587.

F.