Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

ISP blocking port 25 outbound

Posted on 2004-09-27
11
Medium Priority
?
4,385 Views
Last Modified: 2013-12-17
My ISP just started blocking port 25 outbound to reduce spam.  Don't get me started on my feelings baout this, but basically they said if I want unfiltered access I would need to upgrade to the business plan which is double the cost.  Anway, I have sendmail on a remote server that I use to send email.  I have it to listen on port 25 and now I would like to have it listen on port 2525 as well which is not blocked.  The server uses TLS.

If I add DAEMON_OPTIONS(`Port=2525, Name=MTA, M=Ea') to the sendmail.mc then it stops listening on port 25.  If I add

DAEMON_OPTIONS(`Port=smtp, Name=MTA, M=Ea')
DAEMON_OPTIONS(`Port=2525, Name=MTA, M=Ea')

Then it listens on both ports but when someone tries to send me email I get a proper authentication required error.  Can someone help?  Thanks.

0
Comment
Question by:ingenito
  • 5
  • 5
11 Comments
 
LVL 6

Expert Comment

by:anfi
ID: 12162891
Try this:
DAEMON_OPTIONS(`Port=smtp, Name=MTA')
DAEMON_OPTIONS(`Port=2525, Name=MTA-2, M=Ea)

In M= section:
* "E" disables ETRN support
* "a" forces SMTP AUTh from all connecting clients

0
 
LVL 40

Expert Comment

by:jlevie
ID: 12164373
Have you considered using:

dnl # The following causes sendmail to additionally listen to port 587 for
dnl # mail from MUAs that authenticate. Roaming users who can't reach their
dnl # preferred sendmail daemon due to port 25 being blocked or redirected find
dnl # this useful.
dnl #
dnl DAEMON_OPTIONS(`Port=submission, Name=MSA, M=Ea')dnl


0
 

Author Comment

by:ingenito
ID: 12167461
jlevie,

I tried uncommenting that section but then it disables port 25 which I do not want to do.  I want to have both port 25 and 2525(or whatever other port I really dont care).

anfi,
This works and makes sendmail listen on both ports.  However, port 2525 no does not work correctly.  Port 25 works great, it still requires an SSL connection and a logon.  However, when I change Outlook to use port 2525 instead I get this error from Outlook

'Your ourgoing (SMTP) server does not support SSL-secured connections.  If SSL-secured connections have worked in the past, contact your server administrator'

and this error in the maillog:
Sep 28 04:23:01 ns1 sendmail[3283]: i8S8N1xF003283: ool-4354896d.dyn.optonline.net [67.84.137.109] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA-2

And like I said, this works fine from port 25, the only thing I change is the port to 2525.

Thanks for the help
0
Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

 
LVL 6

Expert Comment

by:anfi
ID: 12167646
Sendmail support 2 types of encrypted connections:
a) STARTTLS
it is a special ESMTP command to turn unecrypted connection into encrypted one
b) SMTPS
The connection is enctyped from the very begin

All modern email clients support STARTTLS, some older email client support SMTPS but no STARTTLS.

To make sendmail 8.13 service  SMPTS port use:
DAEMON_OPTIONS(`Port=2525, Name=MTA-2, M=Es)

http://www.sendmail.org/8.13.0.html
[...]
      Support for SMTP over SSL (smtps), activated by Modifier=s
            for DaemonPortOptions.
0
 

Author Comment

by:ingenito
ID: 12168711
anfi,

I want to use STARTTLS, since that is what is working correctly on port 25.  These are the lines from my sendmail.mc file:

DAEMON_OPTIONS(`Port=smtp, Name=MTA')
DAEMON_OPTIONS(`Port=2525, Name=MTA-2, M=Ea')

I still see this error in the log
Sep 28 08:25:37 ns1 sendmail[9558]: i8SCPb9M009558: [12.111.3.130] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA-2
Sep 28 08:25:37 ns1 sendmail[9559]: i8SCPb9M009559: [12.111.3.130] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA-2

Please help.

0
 
LVL 6

Expert Comment

by:anfi
ID: 12168790
telnet port 2525, write "EHLO xxx"(enter) command, check if STARTTLS is listed in the reply.
0
 

Author Comment

by:ingenito
ID: 12169541
Yes it is, here is the reply

250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE
250-DSN
250-STARTTLS
250-DELIVERBY
250 HELP

Here is the reply from port 25:
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-STARTTLS
250-DELIVERBY
250 HELP

It looks like ETRN is on port 25 but not 2525.  I am not sure what that is.  Thanks.
0
 

Author Comment

by:ingenito
ID: 12169602
Also, I tried using DAEMON_OPTIONS(`Port=2525, Name=MTA-2, M=a') instead but it still doesn't work.
0
 
LVL 6

Expert Comment

by:anfi
ID: 12169743
Add this to your *.mc file and check if your outlook can send email via encrypted connection to port 2526:

DAEMON_OPTIONS(`Port=2526, Name=MTA-2, M=Es)

NO=> Write which version of outlook to you use
(Outlook/Outlook Express + version number)
0
 
LVL 6

Accepted Solution

by:
anfi earned 400 total points
ID: 12169746
Sotty use the following line:

DAEMON_OPTIONS(`Port=2526, Name=MTA-3, M=Es)
0
 

Author Comment

by:ingenito
ID: 12169849
anfi,

This worked, thanks alot.  I changed the lines in my mc file to:

DAEMON_OPTIONS(`Port=smtp, Name=MTA')
DAEMON_OPTIONS(`Port=2525, Name=MTA-2, M=Es')

and it worked.  Thanks!
0

Featured Post

How to Use the Help Bell

Need to boost the visibility of your question for solutions? Use the Experts Exchange Help Bell to confirm priority levels and contact subject-matter experts for question attention.  Check out this how-to article for more information.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article outlines some of the reasons why an email message gets flagged as spam on a recipient's end.
Steps to fix “Unable to mount database. (hr=0x80004005, ec=1108)”.
Familiarize people with the process of utilizing SQL Server views from within Microsoft Access. Microsoft Access is a very powerful client/server development tool. One of the SQL Server objects that you can interact with from within Microsoft Access…
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
Suggested Courses

885 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question