Control Web Panel
WebPanel => CentOS 6 Problems => Topic started by: johnny09 on July 07, 2016, 01:46:17 PM
-
Hello,
my ISP is blocking port 25, so I would like to try port 26 to handle mail.
How can I open port 26 in ip tables?
Thanks
-
if you do not use firewall you do not need to change iptables, you need to change server to listen on port 26.
if you are behind some router you can do it in router by forwarding external port which you want to internal 25...
here you have tutorial for postfix: http://sharadchhetri.com/2013/03/06/how-to-change-smtp-port-number-25-in-postfix/ (http://sharadchhetri.com/2013/03/06/how-to-change-smtp-port-number-25-in-postfix/)
-
At the roundcube webmail I try to send a test mail and get:
SMTP Error (-1): Connection to server failed.
Renamed SMTP to 26, in terminal I get
tcp 0 0 0.0.0.0:26 0.0.0.0:* LISTEN 16129/master
and some other
So, Connection to server failed. code -1 does that mean autentification error???
-
Did you restart mail server after change?
netstat -nlp | grep :26
check is listening on 26 port...
-
Yes, restarted the postfix mail service.
Get this:
tcp 0 0 0.0.0.0:26 0.0.0.0:* LISTEN 22161/master
-
Firewall is enabled, maybe it is connected somehow?
-
seems ok to me try to telnet remotely on that port and see is there response or scan with some tool to see is it opened, if its opened should work but to be shore check email log and see is there some errors.
-
Port 26 is open.
Mail log have errors, mails are in queue:
host postfix/qmgr[2803]: 8FF0F240A35: to=<dell.webserver@gmail.com>, orig_to=<root>, relay=none, delay=77, delays=0.03/77/0/0, dsn=4.3.0, status=deferred (mail transport unavailable)
Jul 13 14:45:41 host postfix/smtp[19518]: connect to alt2.gmail-smtp-in.l.google.com[173.194.72.26]:25: Connection timed out
Jul 13 14:45:41 host postfix/smtp[19518]: connect to alt3.gmail-smtp-in.l.google.com[74.125.25.26]:25: No route to host
Jul 13 14:45:41 host postfix/smtp[19524]: connect to alt3.gmail-smtp-in.l.google.com[74.125.25.26]:25: Connection timed out
Jul 13 14:45:44 host postfix/smtp[19518]: connect to alt4.gmail-smtp-in.l.google.com[74.125.198.26]:25: No route to host
Jul 13 14:45:44 host postfix/smtp[19518]: 675082408ED: to=<dell.webserver@gmail.com>, orig_to=<root>, relay=none, delay=93, delays=0.09/0.06/93/0, dsn=4.4.1, status=deferred (connect to alt4.gmail-smtp-in.l.google.com[74.125.198.26]:25: No route to host)
-
Any ideas?
Router is blocking something?
Ports are opened!
-
check the router first, logs show you cant connect to gmail server something is blocking if router doesn't have any restrictions there maybe its on provider side...
-
What do I need to check at the router?
-
You need port 25 open, if cant, useless
Another way is relay to another server, will work with other port than 25
-
Will ask at Mikrotik forum how to do that! Thanks for the help guys ;)
-
One more thing, can I use google smtp ip 173.194.77.108 as a relay?
-
yes you can use google smtp port 587, at very limited daily rate.
afaik, outgoing email address will (forced) change to use authenticated user for smtp submission.. i hope you understand what i mean ;D
these links may usefull for you
http://www.jscape.com/blog/smtp-ports
http://blog.simplehost.web.id/2016/02/23/set-up-postfix-for-relaying-emails-through-another-mailserver/
-
I use smtp on my router to send mails about loged in, locked out users and so on. Will take a look...
-
I had an ISP who blocked port 25 too. I had to wait it out and the datacenter later unblocked it. I had to request my server IP to be whitelisted on a lot of email services like hotmail, and aol to just name two.
If you're using something like Xenforo, WordPress, or even Microsoft Outlook; I'd suggest looking into Amazon's Email service, at least until you have your ISP unblock 25. It's the easiest solution and just waiting it out. I think it's called Amazon SES. But you could also use a hosting company that gives you a mailbox like HostMetro's Mailbox service. You pay for each domain I think. So keep that in mind.
Hope I've given some helpful advice. It's a waiting game though with the ISP ;) I would know haha. and that's if they ever unblock it.
-
(host smtp.gmail.com[209.85.233.108] said: 530 5.7.0 Must issue a STARTTLS command first. t10sm164144lfd.18 - gsmtp (in reply to MAIL FROM command))
How to fix it? Some say that you’re missing smtp_use_tls=yes but I dont...
Main.cf conf:
# postfix config file
# uncomment for debugging if needed
soft_bounce=yes
# postfix main
mail_owner = postfix
setgid_group = postdrop
delay_warning_time = 4
# postfix paths
html_directory = no
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
queue_directory = /var/spool/postfix
sendmail_path = /usr/sbin/sendmail.postfix
newaliases_path = /usr/bin/newaliases.postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
# network settings
inet_interfaces = all
mydomain = id.lv
myhostname = host.blabla.lv
mynetworks = $config_directory/mynetworks
mydestination = $myhostname, localhost.$mydomain, localhost
relay_domains = proxy:mysql:/etc/postfix/mysql-relay_domains_maps.cf
# mail delivery
recipient_delimiter = +
# mappings
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
transport_maps = hash:/etc/postfix/transport
#local_recipient_maps =
# virtual setup
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_alias_maps.cf, regexp:/etc/postfix/virtual_regexp
virtual_mailbox_base = /var/vmail
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains_maps.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailbox_maps.cf
virtual_mailbox_limit_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailbox_limit_maps.cf
virtual_minimum_uid = 101
virtual_uid_maps = static:101
virtual_gid_maps = static:12
virtual_transport = dovecot
dovecot_destination_recipient_limit = 1
# debugging
debug_peer_level = 2
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
xxgdb $daemon_directory/$process_name $process_id & sleep 5
# authentication
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $myhostname
broken_sasl_auth_clients = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
# sets gmail as relay
relayhost = [smtp.gmail.com]:587
# use sasl when authenticating to foreign SMTP servers
smtp_sasl_auth_enable = yes
# path to password map file
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
# tls config
smtp_use_tls = yes
smtpd_use_tls = yes
smtpd_tls_security_level = may
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
smtp_tls_session_cache_database = btree:$data_directory/smtp_tls_session_cache
# Change mail.example.com.* to your host name
smtpd_tls_key_file = /etc/pki/tls/private/host.blabla.lv.key
smtpd_tls_cert_file = /etc/pki/tls/certs/host.blabla.lv.crt
smtpd_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt
#smtp_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
# eliminates default security options which are imcompatible with gmail
smtp_sasl_security_options =
# rules restrictions
smtpd_client_restrictions =
smtpd_helo_restrictions =
smtpd_sender_restrictions =
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unknown_recipient_domain, reject_rbl_client zen.spamhaus.org, reject_rbl_client bl.spamcop.net, reject_rbl_client dnsbl.sorbs.net
smtpd_helo_required = yes
unknown_local_recipient_reject_code = 550
disable_vrfy_command = yes
smtpd_data_restrictions = reject_unauth_pipelining
# Other options
# email size limit ~20Meg
message_size_limit = 204800000
mailbox_size_limit = 2048000000
# Limit 500 emails per hour per email address
anvil_rate_time_unit = 3600s
smtpd_client_message_rate_limit = 500
-
So from this, created the tls_policy:
http://askubuntu.com/questions/228938/how-can-i-configure-postfix-to-send-all-email-through-my-gmail-account
Now I get: (TLS is required, but our TLS engine is unavailable)
Trying but no luck :-[, how to fix this: (delivery temporarily suspended: TLS is required, but our TLS engine is unavailable) :o
-
It works :)
Solution:
main.cf
For more tls logging: smtp_tls_note_starttls_offer = yes
comment out or remove:
smtp_tls_CAfile = /etc/ssl/certs/savannidgerinel_com_CA.pem
smtp_tls_cert_file = /etc/ssl/certs/apps.savannidgerinel.com.pem
smtp_tls_key_file = /etc/ssl/private/apps.savannidgerinel.com.key.pem
BUT NOV i can send mail from my roundcube mail to gmail and other mails, but cant send back to roundcube mail...
If iI send form roundcube to gmail, reply from gmail to roundcube my mail gets sent to the relay hosts gmail.
How to fix that?
What do I need to change to get mails sent back to roundcube mail? A bit confused!!! But it works t least :o