How safe is this (SMTP on a 2nd port)

Discussion in 'Server Operation' started by edge, Feb 14, 2007.

  1. edge

    edge HowtoForge Supporter

    One of my friends (who has got a domain on my server) his ISP is now blocking port 25 forcing him to use the ISP's SMTP server.

    Now I could open an extra port in Postfix ( on my server for him (in this case port 26):
    26        inet  n       -       -       -       -       smtpd
    All he needs to do is set his mail client to use port 26 instead of 25.

    My question is: Is this safe to do?? Am I not opening something that spammers can use for mail relaying??

    I'm using Debian Sarge with ISPconfig.
    Last edited: Feb 14, 2007
  2. zcworld

    zcworld New Member

    if the smtp server is just a relay server
    where no user/password is needed to connect / send mail from it
    than maybe you will used as a spamer relay

    but .. to the key part : not sure
  3. edge

    edge HowtoForge Supporter

    It's a "safe" system with just the port 25 open. (no open relay server)
    All I want to do is add an extra port (26) to is, so that SMTP is open on 25 and 26.
  4. edge

    edge HowtoForge Supporter

    I'm going for it, and I'll be monitor the mail trafic as good as possible for the next 24 hrs.
  5. martinfst

    martinfst HowtoForge Supporter

    On the Postfix mailing list, a recent discussion has been done on using port 26 versus the "official" alternate port 587. Might be worth considering. Below the "final" email.

  6. edge

    edge HowtoForge Supporter

    Thanks for the info martinfst.

    Exactly the info I was looking for.
  7. edge

    edge HowtoForge Supporter

    Hmmm I'm getting a "bad transport type" error when I add the -o stuff

    No clue why it's doing this. I'll do some more research on this the next day(s)
  8. edge

    edge HowtoForge Supporter

    Okay I found my error problem..

    I needed to add a whitespace for continue line.
    (in front of the -o it needs a [space] )
  9. edge

    edge HowtoForge Supporter

    Hmm great (not)

  10. martinfst

    martinfst HowtoForge Supporter

    I assume this
    is a type in the forum post? (Watch the extra space between 'tic' and 'ated')
  11. edge

    edge HowtoForge Supporter

    man man.. it's not my day
    should be
  12. edge

    edge HowtoForge Supporter

    Yes I just found out :)

    Anyway.. It looked that all is working fine, but it kept asking for a username and password.

    When I use it the normal way, the username an password are okay, but when I try "your trick", it's a no go with the username and password for that user.

    I've tired about every combination possible with Outlook.

    Then I got it.. It needed "Log on to incoming mail server before sending mail"
    After I enabled that option, the Password problem was gone...

    BUT... Now when I send an email to any user (on the server system or not) I get a "554 Recipient address rejected: Access denied" error..


    Last edited: Feb 15, 2007
  13. edge

    edge HowtoForge Supporter

    Okay.. Got it working.

    I needed to remove the 2nd n from the submission inet option (it's the "CHROOT" option).

    This is what I have now, and it's working.. (not sure if all is okay now with the removed n for CHROOT)
    submission inet n - - - - smtpd
     -o smtpd_sasl_auth_enable=yes
     -o smtpd_use_tls=yes
     -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject

Share This Page