Running SMTP on multiple ports (postfix)

Discussion in 'Tips/Tricks/Mods' started by eKg, Jun 9, 2006.

  1. eKg

    eKg New Member

    Hello all;

    As with most large ISP's, my ISP filters port 25 (SMTP). As a web hosting provider, I felt that my customers should be able to use my email server to send email, as well as receive it. It's kind of a value added feature :)

    So, here's how I did it:

    Open /etc/postfix/master.cf and add the following line:
    Code:
    587       inet  n       -       n       -       -       smtpd
    This is for postfix only. Restart postfix and your done. This doesn't really have anything to do with ISPConfig, however maybe it should be an option...?

    EDIT: I forgot to tell you, SMTP will listen on ports 25 and 587
     
    Last edited: Jun 12, 2006
  2. alex916

    alex916 New Member

    This is a great solution but when i try to send an email using 587 port, no auth is required and the server become an open relay.
    Any idea?
     
  3. falko

    falko Super Moderator Howtoforge Staff HowtoForge Supporter

  4. alex916

    alex916 New Member

    Yes, i tried to send a email from my network.
    Running telnet localhost 587 this is the output:

    debian:/etc/postfix# telnet localhost 587
    Trying 127.0.0.1...
    Connected to localhost.localdomain.
    Escape character is '^]'.
    220 debian.domain.tld ESMTP Postfix (Debian/GNU)
    ehlo localhost
    250-debian.domain.tld
    250-PIPELINING
    250-SIZE 10240000
    250-VRFY
    250-ETRN
    250-STARTTLS
    250-AUTH LOGIN PLAIN
    250-AUTH=LOGIN PLAIN
    250 8BITMIME
    quit
    221 Bye
    Connection closed by foreign host.
     
  5. alex916

    alex916 New Member

    I tried to use this tip from a remote pc with an outside ip but it doesn't work.
    When I send an email, i can't authenticate me using port 587.
     
  6. falko

    falko Super Moderator Howtoforge Staff HowtoForge Supporter

    Looks fine.

    What's the exact error message? What's in the mail log? Did you enable "Server requires authentication." in your email client?
     
  7. alex916

    alex916 New Member

    Looking mail.log, when i use port 587, i have this error:

    Aug 3 16:14:58 debian postfix/smtpd[3759]: connect from unknown[192.168.0.4]
    Aug 3 16:14:58 debian postfix/smtpd[3759]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
    Aug 3 16:14:58 debian postfix/smtpd[3759]: warning: unknown[192.168.0.4]: SASL LOGIN authentication failed
    Aug 3 16:14:58 debian postfix/smtpd[3759]: lost connection after AUTH from unknown[192.168.0.4]
    Aug 3 16:14:58 debian postfix/smtpd[3759]: disconnect from unknown[192.168.0.4]

    Thanks Falko
     
  8. falko

    falko Super Moderator Howtoforge Staff HowtoForge Supporter

    Is saslauthd running? What's the output of
    Code:
    ps aux|grep saslauthd
    ?
    What's in /etc/postfix/master.cf?
     
  9. alex916

    alex916 New Member

    Code:
    debian:~# ps aux|grep saslauthd
    root      1805  0.0  0.6  6556 1580 ?        Ss   Jul20   0:00 /usr/sbin/saslauthd -m /var/spool/postfix/var/run/saslauthd -a pam
    root      1806  0.0  0.7  6664 1928 ?        S    Jul20   0:00 /usr/sbin/saslauthd -m /var/spool/postfix/var/run/saslauthd -a pam
    root      1807  0.0  0.7  6664 1928 ?        S    Jul20   0:00 /usr/sbin/saslauthd -m /var/spool/postfix/var/run/saslauthd -a pam
    root      1808  0.0  0.7  6664 1928 ?        S    Jul20   0:00 /usr/sbin/saslauthd -m /var/spool/postfix/var/run/saslauthd -a pam
    root      1809  0.0  0.6  6556 1580 ?        S    Jul20   0:00 /usr/sbin/saslauthd -m /var/spool/postfix/var/run/saslauthd -a pam
    root     22604  0.0  0.3  2048  780 pts/0    S+   12:26   0:00 grep saslauthd
    And Master.cf

    Code:
    #=========================================================
    # service type  private unpriv  chroot  wakeup  maxproc command + args
    #               (yes)   (yes)   (yes)   (never) (100)
    #========================================================
    smtp      inet  n       -       -       -       -       smtpd
    #submission inet n      -       -       -       -       smtpd
    #       -o smtpd_etrn_restrictions=reject
    #628      inet  n       -       -       -       -       qmqpd
    pickup    fifo  n       -       -       60      1       pickup
    cleanup   unix  n       -       -       -       0       cleanup
    qmgr      fifo  n       -       -       300     1       qmgr
    #qmgr     fifo  n       -       -       300     1       oqmgr
    rewrite   unix  -       -       -       -       -       trivial-rewrite
    bounce    unix  -       -       -       -       0       bounce
    defer     unix  -       -       -       -       0       bounce
    trace     unix  -       -       -       -       0       bounce
    verify    unix  -       -       -       -       1       verify
    flush     unix  n       -       -       1000?   0       flush
    proxymap  unix  -       -       n       -       -       proxymap
    smtp      unix  -       -       -       -       -       smtp
    relay     unix  -       -       -       -       -       smtp
    #       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
    showq     unix  n       -       -       -       -       showq
    error     unix  -       -       -       -       -       error
    local     unix  -       n       n       -       -       local
    virtual   unix  -       n       n       -       -       virtual
    lmtp      unix  -       -       n       -       -       lmtp
    anvil     unix  -       -       n       -       1       anvil
    #
    # Interfaces to non-Postfix software. Be sure to examine the manual
    # pages of the non-Postfix software to find out what options it wants.
    #
    # maildrop. See the Postfix MAILDROP_README file for details.
    #
    maildrop  unix  -       n       n       -       -       pipe
      flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
    uucp      unix  -       n       n       -       -       pipe
      flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
    ifmail    unix  -       n       n       -       -       pipe
      flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
    bsmtp     unix  -       n       n       -       -       pipe
      flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -d -t$nexthop -f$sender $recipient
    scalemail-backend unix  -       n       n       -       2       pipe
      flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
    
    # only used by postfix-tls
    #tlsmgr   fifo  -       -       n       300     1       tlsmgr
    #smtps    inet  n       -       n       -       -       smtpd -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes
    #587      inet  n       -       n       -       -       smtpd -o smtpd_enforce_tls=yes -o smtpd_sasl_auth_enable=yes
    587       inet  n       -       n       -       -       smtpd
    The problem occurs only when i try to use like smtp port 587.
    Using 25 it's all ok.
     
  10. falko

    falko Super Moderator Howtoforge Staff HowtoForge Supporter

    Change this line:

    Code:
    587       inet  n       -       n       -       -       smtpd
    to

    Code:
    587       inet  n       -       -       -       -       smtpd
    in /etc/postfix/master.cf and restart Postfix.
     
  11. alex916

    alex916 New Member

    Great! Now it's perfect and i can send email using m isp-config server also if another isp block port 25.

    Thanks
     
  12. gwa7

    gwa7 New Member

    Having the same problem

    I'm having the same problem and getting the same error message, but the fix does not work for me. Any ideas?
     
  13. gwa7

    gwa7 New Member

    It's working

    This is what worked for me. I had to make both lines match:

    smtp inet n - n - - smtpd
    587 inet n - n - - smtpd

    (I actually used a different port number than 587)

    One more thing for Evolution users:
    If you change the default smtp port, add the port to the end of your mail server like this: mail.yourserver.com:587
     
  14. Cools

    Cools New Member

    thanks to you guys i have the company email working..

    as they are so tight on security. i cant use port 25 properly over the vpn so i now have 587 doing the same job.

    Keep up the good work guys.




    ----------------------------------------------------
    i bookmark pages incase i become thick one day!!
     
  15. gwa7

    gwa7 New Member

    TLS working but not SSL on port 587

    As I stated earlier, these settings worked for me:

    smtp inet n - n - - smtpd
    587 inet n - n - - smtpd

    TLS encryption works on the new port 587. It also works without encryption on this port.
    SSL encryption works on port 25.
    However, when I try to send an email to my server with SSL on port 587, it just sits in the outbox. Any ideas on what I need to change to make this work?

    I appreciate your help and thanks again for ISPconfig!

    Gary
     
    Last edited: Feb 12, 2008
  16. falko

    falko Super Moderator Howtoforge Staff HowtoForge Supporter

    What's in /etc/postfix/master.cf? Any errors in your mail log?
     
  17. gwa7

    gwa7 New Member

    Thanks for your quick reply. I am actually using port 2525 instead of 587.
    Here is what you requested:

    What's in /etc/postfix/master.cf:

    From mail log:
     
  18. blocker

    blocker Member

    Hi All,

    it worked for me perfectly, however i want to use my ispconfig server as alternative smtp server for domains that are not hosted on the ispconfig server. I add the domain and create the desired users that should be able to use the ispconfig alternative smtp server, everything works perfect, only 1 thing do not - sending mails from that domain to itself. The ispconfig handles these mails internal. I have set "External Mailserver" for that domain but that didnt helped at all. I also deleted the domain from /etc/postfix/local-host-names but after running /root/ispconfig/php/bin/php /root/ispconfig/scripts/writeconf.php this domain is automaticaly added in /etc/postfix/local-host-names. What can i do to achieve my target?
    N/B I hope there will be an "ISPconfig way" doing this because i want ppl that do nnot have access to the server but only to ispconfig admin interface to be able to add domains and users which will be able to use the alternative SMTP port...

    Thanks in advance!!!!!
     
  19. falko

    falko Super Moderator Howtoforge Staff HowtoForge Supporter

    Did you do this only for the main FQDN (e.g. www.example.com), or also for the Co-Domains? Each Co-Domain has its own Options tab where you can select "External Mailserver".
     
  20. blocker

    blocker Member

    only for FQDN, i have no subdomains for the test domain... but postfix tries to deliver locally...
     

Share This Page