Having been accomodating about it in the past, the technical geniuses at Comcast have permanently blocked port 25, separating me (at my home office) from my employer's e-mail server. What can be done on the server side to keep Postfix listening on 25 _and_ accept my connections on some other port? Is there a Postfix solution? iptables maybe? Miark
On Jan 18, 2008 4:11 PM, Miark <mlist2 at gardnerbusiness.com> wrote:> Having been accomodating about it in the past, the technical > geniuses at Comcast have permanently blocked port 25, separating > me (at my home office) from my employer's e-mail server. > > What can be done on the server side to keep Postfix listening on > 25 _and_ accept my connections on some other port? Is there a > Postfix solution? iptables maybe?Several places like dyndns offer a 'mailhop' option for just such ISPs. local solutions won't work overly well, as it's outside world folks who will be expecting 25 or 465 and not getting to you. -- During times of universal deceit, telling the truth becomes a revolutionary act. George Orwell
On Jan 18, 2008 4:11 PM, Miark <mlist2 at gardnerbusiness.com> wrote:> Having been accomodating about it in the past, the technical > geniuses at Comcast have permanently blocked port 25, separating > me (at my home office) from my employer's e-mail server. > > What can be done on the server side to keep Postfix listening on > 25 _and_ accept my connections on some other port? Is there a > Postfix solution? iptables maybe? > > MiarkA "simple" solution would be to use SSH port forwarding from your system to the remote server. You'd need SSH access to another server outside of Comcast's network, like maybe one at work. Then you would use the SSH command line: ssh -L 2525:mailServer:25 -N username at remoteServer where mailServer is the DNS name or IP address of the mail server, and remoteServer is the server name you have ssh access to. Then you set your outgoing mail server to 127.0.0.1 port 2525. The more complex solution is to set up a VPN between your office and the work office. Another option is to just use the Comcast mail server for outgoing mail, depending on your requirements.
Brian Mathis wrote:> On Jan 18, 2008 4:11 PM, Miark <mlist2 at gardnerbusiness.com> wrote: > > Having been accomodating about it in the past, the technical > > geniuses at Comcast have permanently blocked port 25, separating > > me (at my home office) from my employer's e-mail server. > > > > What can be done on the server side to keep Postfix listening on > > 25 _and_ accept my connections on some other port? Is there a > > Postfix solution? iptables maybe? > > > > Miark > > A "simple" solution would be to use SSH port forwarding from your > system to the remote server. You'd need SSH access to another server > outside of Comcast's network, like maybe one at work. Then you would > use the SSH command line: > ssh -L 2525:mailServer:25 -N username at remoteServer > where mailServer is the DNS name or IP address of the mail server, and > remoteServer is the server name you have ssh access to. Then you set > your outgoing mail server to 127.0.0.1 port 2525. > > The more complex solution is to set up a VPN between your office and > the work office. Another option is to just use the Comcast mail > server for outgoing mail, depending on your requirements.Or activate the MSA port (587) on the Postfix server. This is used specifically for submitting outgoing mail and usually requires SMTP authentication. It should be fairly easy to configure, but I'm not familiar with Postfix, so I can't help you there. -- Bowie
On Fri, 2008-01-18 at 14:11 -0700, Miark wrote:> Having been accomodating about it in the past, the technical > geniuses at Comcast have permanently blocked port 25, separating > me (at my home office) from my employer's e-mail server. > > What can be done on the server side to keep Postfix listening on > 25 _and_ accept my connections on some other port? Is there a > Postfix solution? iptables maybe?I have had similar problems with some of my hosting clients. We configured postfix to also listen on port 2525 as follows: In /etc/postfix/master.cf file, locate the lines that look like this: smtp inet n - n - - smtpd -o cleanup_service_name=pre-cleanup Add the following lines right after them: 2525 inet n - n - - smtpd -o cleanup_service_name=pre-cleanup Then just do a 'postfix reload' and you should be in business. HTH, Rich> > Miark > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos-- Rich Huff <rich at richhuff.com>
Thanks to everybody for the responses. The winning solution was Ricks (see below) which worked like a charm after poking a suitable hole in my firewall. Miark> [To listen to port 2525], in /etc/postfix/master.cf file, > locate the lines that look like this: > > smtp inet n - n - - smtpd -o cleanup_service_name=pre-cleanup > > Add the following lines right after them: > > 2525 inet n - n - - smtpd -o cleanup_service_name=pre-cleanup > > Then just do a 'postfix reload' and you should be in business.