HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Installation/Configuration (http://www.howtoforge.com/forums/forumdisplay.php?f=16)
-   -   ISPconfig, blocked ports (pop/smtp), Authentication/SSL (http://www.howtoforge.com/forums/showthread.php?t=11472)

orasis 18th March 2007 12:26

ISPconfig, blocked ports (pop/smtp), Authentication/SSL
 
My ISP is probably blocking ports 110 and 25 same as lots of other ones. I forwarded from different outside ports and pop/smtp works fine locally, same as from outside with a little problem.

The server can send/recieve emails to/from it's services (using DynDNS). It can also send emails via other mail servers, but cannot recieve emails from other servers from the outside. Example:

The Server can send an email using it's accounts, to an email account existing on the server (lan/internet). The Server can also recieve an email from an account existing on the server (lan/internet). The Server can send an email to a hotmail account or any other mailbox out there. But an email sent from a hotmail account cannot be recieved by my server, same as from other mail servers from outside.

Probably cause I got no rule on router except [ Inside port 25 > Outside port 8025 ] ? Or do you think it is something different that I did wrong here ? Do you think I can do some sort of a different trick to let the server work perfect with pop/smtp ? Maybe change the config files of ISPconfig ?

netstat -tap shows that all ports that should be listening are in LISTEN state but checking the canyouseeme.org tool, I get "Connection timed out" on all ports that I haven't forwarded to use a different port to the Outside. this makes me believe that they are blocked by the isp or is it something else I could check ?

pcflank.com scanner shows the forwarded ports in state "Open" and the non forwarded in state "Stealthed".

Finally, SSL for pop/smtp should be working right ? Haven't tested this fully yet. Also, should the server ask for "Authentication" (incoming/outgoing) ?


any kind of help will be appreciated
thanks very much

Hawker 18th March 2007 12:41

To my knowledge, if your ISP is blocking port 25 there isn't anything you can do.

All mail servers use port 25. Forwarding it to a different outside port would be like listening to pure silence. No mail server would ever connect to that port.

orasis 18th March 2007 12:46

thanks for the reply. I fully agree with you, but is there something else you could do ?

Hawker 18th March 2007 12:54

If there was a way around it, the spammers would have every server in the world bogged down 24 hours a day with spam.

Personally I wish more ISPs would block port 25 except for legitimate businesses. Then I wouldn't have to play with firewall and smtpd blocks on a daily basis. :)

orasis 18th March 2007 13:06

Quote:

If there was a way around it, the spammers would have every server in the world bogged down 24 hours a day with spam.
can you explain that alittle if you don't mind ? :)

Quote:

Personally I wish more ISPs would block port 25 except for legitimate businesses
I guess the main reason why they block ports is to pay them some more for those services maybe ? :)

Hawker 18th March 2007 13:58

Well, if you're actually able to send mail from your server then smtp on port 25 isn't blocked.

The reason many ISPs block port 25 is to prevent fly by night mail servers that propogate spam. They would prefer if you send mail through their servers so they can track and prevent mass mailings.

orasis 18th March 2007 14:06

Quote:

Well, if you're actually able to send mail from your server then smtp on port 25 isn't blocked.
but if I forward [ outside port 25 > inside port 25 ] then nothing works. Then something else goes wrong ? hmhm

Quote:

The reason many ISPs block port 25 is to prevent fly by night mail servers that propogate spam. They would prefer if you send mail through their servers so they can track and prevent mass mailings.
yeah that sounds reasonable.

orasis 18th March 2007 14:45

I just got a responce email, into the mailbox I tried to send an email to my server:

Quote:

This is the Postfix program at host smtp.xxxx.xx.

################################################## ##################
# THIS IS A WARNING ONLY. YOU DO NOT NEED TO RESEND YOUR MESSAGE. #
################################################## ##################

Your message could not be delivered for 4.0 hours.
It will be retried until it is 5.0 days old.

For further assistance, please send mail to <postmaster>

If you do so, please include this problem report. You can
delete your own text from the attached returned message.

The Postfix program

<admin@xxxxxx.homelinux.com>: connect to
xxxxxx.homelinux.com[xx.xx.xx.xx]: Connection timed out

Hawker 18th March 2007 14:50

Ok, let's take a different approach...

Do you have mail and mx records set up in your DNS?

orasis 18th March 2007 14:57

ahm ... well,

Wildcard: Y
Mail Exchanger: [same address as Hostname, is that right ?)
Backup MX: N

What else to add or change ?

in ISPconfig both DNS and DNS-MX are checked


All times are GMT +2. The time now is 12:21.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.