Postfix Setup, Outlook 2013 Account Settings for ISPs blocking Port 25 (Comcast)
Many using Windows 8 use Outlook 2013 to send and receive email. While Outlook 2013 isn't too hard to configure, most people using a major Internet Service Provider (for example Comcast in the USA) will find that their test emails fail.
This is because most ISPs block the SMTP port 25, the usual port for sending email.
I spent a couple hours banging my head on the desk :p trying to get Outlook 2013 on Windows 8 to send and receive email with my IPSConfig servers. Here's what finally worked...
Technical background information:
1. Dedicated Servers running CentOS 5.6, 5.7. (Those are old distros so I imagine anything running 6.x or greater will still function the same).
2. ISPConfig 2.2.x running Postfix 2.3.3. Any newer version of Postfix should be fine. To get your Postfix version:
4. Comcast Internet Service USA, allowing incoming mail on port 110 and secure outgoing mail on port 465.
5. I am using my server IP addresses as incoming and outgoing mail server addresses. If your server is already running a functional mail server as mail.mydomain.com or as hostname.domain.com, you should probably use those FQDNs.
6. IMPORTANT: I am assuming you have already setup an email user account in ISPConfig for your domain, for example: email@example.com. In ISPConfig 2.x, you'll get a username with that process, for example web10_myusername and the password you entered will be your email password.
Proper DKIM and SPF records will help your email reach major service providers like Yahoo, Hotmail, Live, and Gmail. You can find HowToForge's instructions on Setting Up DKIM here.
An SPF record (Sender Policy Framework) is simply a TXT DNS record for your domain that allows receiving servers to confirm your mail server's identity. You can learn more about SPF records here.
A common SPF record that seems to be acceptable to Yahoo, Gmail, and email testing services is: "v=spf1 a mx ptr ip4:184.108.40.206 -all" (without quotes in the actual entry), making sure that you have a rdns record setup for your server. Substitute your server's main IP for 220.127.116.11 in the example.
Changing Postfix to listen on Port 465 is fairly easy. If you must use Port 587 or any other port, please search HowToForge.com for posts about listening on non-standard ports.
Port 465 is listed as "smtps" (SMTP secure) in Postfix master.cf. To make Postfix listen on Port 465 using smtps, do the following to edit your master.cf file:
Before proceeding, make sure you can Telnet to your server on port 465. If Postfix is running on your server and you can NOT reach it on Port 465, your ISP might be blocking this port.
To test port 465 from your Windows 8 desktop:
1. Open the cmd prompt.
2. Type "telnet" and hit Enter.
3. If you don't get a "Welcome to Microsoft Telnet Client" message, you may have to install Telnet first. Follow instructions here.
4. At the Microsoft Telnet command line type:
Your server IP should work if mail.domain.com or domain.com fail. The IP is IPv4, for example 18.104.22.168. If this fails, your ISP might be blocking 465. Alternatively, your server might not be listening on Port 465.
Before calling your ISP, :) open a SSH connection to your server, login, and enter the following command, where 22.214.171.124 is your server IP:
Configuring Windows 8 Outlook 2013 to Send and Receive Email from Your ISPConfig Postfix server
I'll assume you are beginner (like I was) and explain everything step-by-step. If you are an expert user, just skim through the following to setup your account.
1. Open Outlook 2013. Click the "File" menu. You'll see a few large icons in the middle of the screen. Click "Add Account".
2. Look at the bottom of the configuration window that pops up. Select "Manual Setup or Additional Server Types", then click "Next".
3. The next screen lists the type of mail server you use. Select "Pop or IMAP", then click "Next".
4. The next screen is important and asks for detailed configuration information. Take it one entry at a time.
a. Your Name - Enter the name you want others to see when they receive your email, ie. "Joe Smith" or "ABC Company"
b. Email Address - Enter your email address EXACTLY as you programmed in your ISPConfig control panel, ie. firstname.lastname@example.org
c. Account Type - Select "Pop3".
d. Incoming mail server & Outgoing mail server - You should enter your server's entire FQDN: host name or mail server. A hostname would look like: host.domain.com , while a mail server is typically mail.domain.com . You can also use your server's main IP, for example 126.96.36.199 . The IP should suffice if all else fails.
e. If you use different addresses for incoming mail versus outgoing mail, enter the correct address in the corresponding place.
f. In the "Logon information" section, your username is what you programmed inside the ISPConfig control panel for your domain, for example web10_myusername . Your password is the password you setup for this username.
g. Check "Remember Password" box for convenience so Outlook will automatically load your email each time it opens. Otherwise, if you do not check the box, you'll be asked for your password prior to sending/receiving email each time.
h. Look for a box on the right side of the window called "More Settings...". Click this box to produce another pop-up window.
i. The General Tab comes up first. You can enter your name, email address, or server name in the "Mail Account" space. "Other User Information" is optional.
j. Click the "Outgoing Mail Server" tab. Click the check box "My Outgoing server (SMTP) requires authentication"
k. This will allow you to edit the next section. Select the box "Log on Using", then enter your username web10_myusername in the Username space and your password in the Password space. Click the "Remember password" box or else you'll be asked to enter your password every time email is sent.
l. Click the "Advanced" tab. Look at the "Server Port Numbers" information. This looks confusing but go one-by-one.
m. Incoming server (POP3): enter "110".
n. Do NOT check the box "This server requires an encrypted connection (SSL).
o. Outgoing server (SMTP): enter "465".
p. Select the "Use the following type of encrypted connection" menu and set to "Auto".
q. The rest of the advanced section can be edited to your preferred settings. Allow a little extra time for the "Server Timeout" (at least 1 minute).
r. Click "OK" at the bottom of the pop-up window to close "More Settings".
s. Under the "Test Account Settings" section of the "Add account" window, click "Automatically test account settings when Next is clicked".
t. Now click "Next" at the bottom of the window.
Outlook will attempt to login to your account using the settings you provided.
You might get prompted about the validity of your server certificate. For the time being, ignore the warning and proceed with the test.
(If a valid certificate is critical to your server operation, please follow instructions on HowToForge.com about creating a certifcate using StartSSl here - note these instructions are for Debian and NOT CentOS, but the procedure should be nearly the same.)
If you get a connection error, double check that you've entered your email address correctly on the "Add account" page and "More Settings - My Outgoing Server Requires Authentication" section.
Next, Outlook will send a test email to your account. If you receive an error, double check the following:
1. Your outgoing mailserver in the "Add Account" window is correct, exactly as you programmed in ISPConfig. Double check ISPConfig's DNS section to make sure your MX record and corresponding A record are present. Test your domain's DNS for free at www.dnsstuff.com .
2. In the "More Settings" menu, make sure "My outgoing server requires authentication" is checked. Also, the "Log on" circle is selected, with your exact username and password entered.
3. In the "More Settings - Advanced" Menu, make sure your incoming server POP3 port is 110. Make sure your outgoing server port is 465. Finally, make sure you select "Auto" from the type of encryption drop down.
If all else fails, contact your ISP (in my case Comcast) to make sure they are not blocking ports 110 or 465 by mistake. Then, check that your mail server is functional and accepting connections on those ports.
OOOOhhh so close...
I brought home a new Windows 8, with Outlook 2013 and have not been successful in getting the sending test to pass.
I do have a POP3 account and domain email name.
I have spent exhaustive hours on the phone with my ISP (COX) and my web site designer.
Both point to the other.
What I find most confusing, and also supports their claims, is that the EXACT same settings work on my other computers in the house ( older Windows 7 with Outlook 2010 on them), but not on this new Windows 8/ Outlook 2013.
YOU were the only posting that came so close to truly outlining my exact problem. I tries all the port changes, etc you recommended in the above post ( changed to 465, etc) but it times out.
I tested my domain on the dnsstuff site and there were 2 main fails: Acceptance of postmaster and Acceptance of abuse. What does that mean? And is it relevant?
I am so hopeful; that you can help me.
With my warmest appreciation,
I'm not an email expert but I do have a few ideas for you.
1. For MX postmaster and abuse failures, add a email@example.com email address and firstname.lastname@example.org email address inside your ISPConfig control panel. If you use CPanel or something else, configure the email addresses from your site's control panel.
2. Here is the link to Cox's POP SMTP settings for email clients, double check you have the right ports configured.
3. If email can be sent and received inside your house on other computers using older versions of Windows, that would suggest Windows 8 has a setting that's causing your difficulties.
Step 1. Use Telnet to ping your email server on the ports Cox permits. Refer to my post for opening up ports and testing with Telnet on Windows 8.
Step 2. Go to your Windows 8 Control panels -> System and Security -> Windows Firewall to Allow an App.
This will bring up a list of applications allowed to interface with the internet. If Outlook is NOT listed, add it to the group, and make sure it has permission to use the ports for Cox.
Step 3. Try turning off McAfee security system temporarily and see if you email gets through. McAfee and Windows Security operating at the same time is redundant, and you can uninstall McAfee completely and operate safely without it.
Step 4. Open up specific ports in Windows Firewall. This page describes how to open a port in Windows 8 . You will need to get inside "Advanced settings" to make the changes. Be careful and backup settings.
I hope that helps! Once your email is working, make sure you backup Outlook daily to preserve all your accounts and settings.
Also backup your laptop or desktop daily. It will save you the aggravation of having the reconfigure the entire system should you have to start over.
Followup to #3 - "Other computers work but Windows 8 Does not"
Make sure your router settings permit your Windows 8 computer to access the network. Most newer laptops access the internet via Wi-Fi and your router needs to allow your computer full access.
Windows 8 Outlook 2013 account settings
I am a newbie to forums. Came across this one by googling my W8/Outlook question and was very impressed with your wonderful, knowledgeable response to this member's problem. My difficulty with Window 8 Outlook 2013 seems simple enough but despite numerous attempts I cannot solve it, I am hoping you can help. I recently set up a laptop for a charitable trust - a volunteer environmental group I work with. I have managed to get everything connected with their ISP all right, and tests working. But I now see that emails being sent from the laptop have an incorrectly spelt organisational name. Which is important. I thought it would be very easy to fix my typo and went into the usual Outlook account setting. All the account names I can find are spelt correctly! I cannot find anywhere in Outlook / W8 or the laptop system where this name is being picked up from. I am attaching a spreadsheet of an email so you can see the error. The organisational name should be Awhitu Peninsula Landcare and instead it is Awhitu Peninsula Lancare (missing the d in Landcare). Are you able to point me to the location so I can fix this please? Hope it is not too simple / obvious so I can avoid looking a real charlie.... with very many thanks.
A couple thoughts came to mind for Outlook Config
1. Go to account settings, and select properties or edit.
2. Make sure any field named "Account Name" or "Reply to Name" or "My name" etc., is the correct version you want, ie. "landcare" and not "lancare".
Email server Config
1. I don't know if you're using ISPConfig 2, 3, or some other control panel. Also, what email programs is your server using, ie. postfix, courier, dovecot, etc?
2. If you're using ISPConfig, double check the the name you've assigned to the respective email address inside your ISPConfig control Panel. In ISPConfig 2.x, you would click "websites" and then "user accounts" for the domain name.
In ISPConfig 3, you would visit the mail section, and check the mailbox you setup for the domain.
Even though your Outlook settings are spelled correctly, it's possible they aren't spelled right on the server itself, which might be sending out different names in the email headers.
Windows 8 Outlook 2013 account settings
thanks so much BPMEE for your considered and very prompt reply... I have thoroughly checked your first suggestions 1) and 2), and all is correct there, so that is not where the problem is. The organisation doesn't have an inhouse server, we use our ISP servers, so perhaps this is where the problem is originating, I will check with them. Really appreciate your assistance and I do realise that my problem is a basic one and probably not really suited to this forum - thanks again, go well.
Good advice, You helped me a lot :)
SPF an -all
-all is breaking forwarding.
User A is sending a mail to user B
B is forwarding all this mail to another mail address at C
C will reject all this messages if -all is set because A did not autorize B to send mails for him.
SPF is broken by design(TM).
Some giving you a bonus if you have one.
Crating a SPF record does not harm you but then set it to ?all.
If you set it to -all you don't want your mails to be deliverd.
You don't have to be very clever to see that the there sugestet SRS tries to fix a broken system with someting even more broken.
?all is the only somehow making sense SPF record.
Best is remove SPF from any howto.
There is only one case a SPF record is maybe somehow useful is together with DKIM and DMARC. You get then reports which servers are sending mails for your domain.
If you speak German buy this books:
Das Postfix Buch: http://www.opensourcepress.de/de/pro...-3-941841-00-0 (e-book only a few printed are left. The new edition will be released 2015)
Das Dovecot Buch: http://www.opensourcepress.de/de/pro...-3-95539-074-7
The best books about mailservers I have ever read!
|All times are GMT +2. The time now is 20:53.|
Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.