0

I want to setup a home mail server to receive incoming mails, but my ISP blocked port 25, so other mail clients (e.g., gmail) can't connect to my home mail server, right? I mean, I can telnet from remote site to my home server via other ports, ssh/ftp/www etc, but not port 25 (timeout). This means my ISP is blocking port 25, right?

If so, is there any way for my sendmail home mail server still be able to receive incoming mails? My own searches found many articles talking about this but the final solution offered is a paid commercial service. I'm wondering if it is the only option.

I also found some saying enabling port 587 will do, but is it really so? I saw people open port 587 for some weird reasons, or no reason at all. Is it really the correct thing to do? Because I saw,

Historically, in Internet mail, both MTA and MSA functions use port number 25, but the official port for MSAs is 587.[1] The MTA accepts locally-destined mail from other domains, and an MSA accepts submitted mail from local users.

And according to my sendmail.mc:

$ grep Port= sendmail.mc
DAEMON_OPTIONS(`Family=inet,  Name=MTA-v4, Port=smtp')dnl
DAEMON_OPTIONS(`Family=inet,  Name=MSP-v4, Port=submission, M=Ea, Addr=127.0.0.1')dnl

The submission port is for MSA, which is for accepting submitted mail from local users. It is the smtp port, that used by the MTA to accept locally-destined mail from other domains, that really counts when accepting incoming emails, right? How can it be done?

Update, Thank to @davidgo's reply, which concurs what I've also read that there is no workaround for this, but let me throw in some counter-arguments.

Before using smart-host, I'm getting "Connection timed out" errors from some of the email servers, like google:

 $ tail -1 /var/log/mail.log
 Jun 15 15:55:52 coral sm-mta[9924]: s5FAo29p007675: to=<[email protected]>, delay=09:05:50, xdelay=00:10:36, mailer=esmtp, pri=2550569, relay=alt4.gmail-smtp-in.l.google.com. [74.125.136.26], dsn=4.0.0, stat=Deferred: Connection timed out with alt4.gmail-smtp-in.l.google.com.

So I tried using telnet to port 25 to see if we're able to connect to the destination host...

  $ telnet alt4.gmail-smtp-in.l.google.com 25
  Trying 74.125.136.27...
  Trying 2a00:1450:4013:c01::1a...
  telnet: Unable to connect to remote host: Network is unreachable

Hmmm, I was going to say that gmail's port 25 is blocked as well, but I now think it is the IPS not gmail that is blocking port 25. So, no workaround huh? Ok...

Suppose it is the one, but still there are two sides for enabling port 587, one for outgoing and one for incoming, I should enable the incoming part right? Would that make my home mail server an open relay then? Do I have to do anything else? E.g., here it says, "For instance when I configure sendmail to listen to port 587 it will typically only accept incoming e-mail over that port when the user has authenticated", without any further elaboration. Is this the all the steps needed?

Thanks

Improve this question
3
  • port 25 has been closed by isp's for a long time, most have moved to 587. noip.com/blog/2013/03/26/…
    – Moab
    Commented Dec 21, 2015 at 1:49
  • I've seen it and that's why I said, "but the final solution offered is a paid commercial service"
    – xpt
    Commented Dec 21, 2015 at 2:28
  • @moab Port 587 can be used for submitting email to an SMTP, but not (in the general case) for sending email between SMTP servers as the OP is needing to do.
    – davidgo
    Commented Dec 21, 2015 at 3:14

3 Answers 3

Reset to default
3

If your ISP is indeed blocking port 25, then you are out of luck with respect to having your email program receive email directly. That said, you presumably have a static IP address so you should talk to your ISP about it - It is quite feasible for them to block requests from your IP on port 25 leaving their network while allowing requests going to it on port 25. (Of-course, your ISP may have a prohibition on running servers or just be hostile to its users, as some are).

[ Thought - before you beat up on your ISP, have you checked your router allows forwarding of that port - it may be that your router is set up to allow other ports but not that one ]

You can't run a (generally accessible) incoming SMTP server on a port other then 25 as the specs don't allow for it - which means you somehow need to get connections allowed to port 25. A paid service of some description is the common way to acquire the resources to do this [ unless you have friends without blocked ports and where you can set up a VPN and access on port 25, or something like that ]

Improve this answer
2
  • Thank you @davidgo, Yeah, I've also read that there is no workaround for this, as you concluded as well. Let me update my OP...
    – xpt
    Commented Dec 21, 2015 at 3:07
  • I did have checked my router before I "telnet from remote site to my home server via other ports, ssh/ftp/www etc, but not port 25 (timeout)". OK. I accept your answer on the basis that you did answer that there is no workaround for home based servers behind ISP . :-) Thanks.
    – xpt
    Commented Dec 21, 2015 at 3:24
0

If you are using this to recieve your mail from the internet, you want an e-mail client (POP3 or IMAP), not an SMTP server (which is used for sending mail, not receiving it).

Additionally, I would recommend using SSH over telnet, as telnet is cleartext (non-encrypted) transmission over the internet.

Improve this answer
0

It is Common for ISP's to block port 25 as if they configured incorrectly to have an open relay then it will be used to spam a lot of the time.

Can you just change the port on which you receive mail? Try running the service on a non blocked port and see if you can connect

Also as mentioned try ringing them and asking to unblock port 25 just be aware of the reason stated above on why they normally block it.

Improve this answer
1
  • "Can you just change the port on which you receive mail?" That's what I actually meant to ask, is it OK to do so, but according to davidgo, "You can't run a (generally accessible) incoming SMTP server on a port other then 25 as the specs don't allow for it". How certain you are that it may work?
    – xpt
    Commented Dec 21, 2015 at 15:01

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .