Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Our ISP Wants Us to Switch our SMTP Port - what options are there?

Posted on 2016-10-17
22
Medium Priority
?
112 Views
Last Modified: 2016-10-25
Our ISP wants their customers to switch their SMTP port from 25 to 587.  They have only given us a three week notice.  Come the end of October, they say they will be blocking all port 25 traffic flowing through their servers, even if they do not host our email.

One idea we have, is to port forward SMTP traffic leaving our network from port 23 to port 587.  Is this possible?  Would a certificate be required?  We have an SSL certificate we have entered into Exchange, but I don't know if that is related.

We are told that many other servers are not setup to accept mail on port 587 (or something to that affect), and that our email would not be successfully accepted.  It sounds like we may need a third party service to switch our SMTP protocol back to port 25, and then forward it to servers that expect port 25 traffic.  

What options do we have?
0
Comment
Question by:tmaususer
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 6
  • 5
  • +1
22 Comments
 
LVL 97

Expert Comment

by:John Hurst
ID: 41847135
You should not be using Port 25 because it will be used for spam. You should switch to Port 587 as they request. That is what I see in use everywhere.
0
 

Expert Comment

by:Mark Haggitt
ID: 41847185
So,  can I use port forwarding.
0
 

Expert Comment

by:Mark Haggitt
ID: 41847191
So once we switch our side to port 587, will other servers have any problems receiving our email?
0
Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

 
LVL 97

Expert Comment

by:John Hurst
ID: 41847194
Port 587 is for sending. Port 995 is for receiving. Once switched it should work.
0
 

Expert Comment

by:Mark Haggitt
ID: 41847198
Just curious, is it the responsibility of the email host or the ISP to block ports?
0
 
LVL 97

Expert Comment

by:John Hurst
ID: 41847199
They are controlling spam.
0
 

Expert Comment

by:Mark Haggitt
ID: 41847203
I mean, in my Cisco firewall, can I use port translation to have all my out going email sent through port 587, or are there other considerations to be made in Exchange?
0
 

Expert Comment

by:Mark Haggitt
ID: 41847204
Who is controlling spam?
0
 
LVL 97

Expert Comment

by:John Hurst
ID: 41847208
Spammers use Port 25 to send out spam and get you Blacklisted.
0
 
LVL 84

Expert Comment

by:Dave Baldwin
ID: 41847248
If your ISP starts blocking ALL traffic on port 25, that does mean that server to server traffic will be blocked and your email will not be sent to outside servers.  They block port 25 mostly for spam reasons but also because they don't want the extra server traffic on a residential account.  Most ISPs have a 'business' account available where port 25 traffic is allowed.
1
 

Author Comment

by:tmaususer
ID: 41847266
Thanks Dave.  We do have a business account.
0
 
LVL 84

Expert Comment

by:Dave Baldwin
ID: 41847275
Then you need to talk to them again and point out that you are hosting an email server which requires port 25 to talk to other email servers.  Which ISP is this?
1
 

Author Comment

by:tmaususer
ID: 41847288
I'm talking to them now.  I have talked to them 3 other times.  On this call, It seems they my be confusing business and residential and that they were also assuming we used their domain name.
0
 
LVL 84

Expert Comment

by:Dave Baldwin
ID: 41847430
Oh my...  The first people you talk to are 'phone answerers whose job is to prevent you from 'bothering' important people.  Only when you get past them do you have any chance of getting a reasonable solution.  I did say 'chance'.
1
 

Author Comment

by:tmaususer
ID: 41848108
My ISP is Comporium.  I did get a reply last night.  They said that even thought I am a business and that they do not host my domain or email, that I will still need to change my ports.  Below is there reply.  So, what steps do I need to take, simply change the port number for outgoing email in Exchange?

"After speaking with SpiritDomains and our own Media Services department, I have found that we do not host the @tm-america.com

But, I spoke with our networking department and to my understanding they are blocking port 25 for all activity on our network. The reason for this is that we have had offenders spamming
through that port due to it being insecure and effectively having our entire subnet blacklisted by a lot of different domains. Which was causing particular businesses to not be able to communicate on our network.

Because of this you will have to switch all port forwarding (or any clients using port 25) to a secure connection on another port (such as 465)
If you have any questions please contact us at the number below."
0
 
LVL 84

Expert Comment

by:Dave Baldwin
ID: 41848751
You can change the incoming port number for your clients but just changing the outgoing port number is not a solution as far as I know.  I think you still have to connect to port 25 at the remote email server.
1
 
LVL 97

Expert Comment

by:John Hurst
ID: 41848770
We have a hardware firewall policy preventing anything / anyone but Exchange using port 25.
0
 

Author Comment

by:tmaususer
ID: 41848791
Dave, thanks.
Yes, that is what we are hearing.  

We are told that our spam filter service can also provide something called Smart Hosting that will automatically forward our out outgoing emails from port 587 to the correct port on the receiving server.  Do you think this is an appropriate option?

I have been confused by the response below, which I know you didn't make.  

When I asked, "So once we switch our side to port 587, will other servers have any problems receiving our email?"

The reply was:
"Port 587 is for sending. Port 995 is for receiving. Once switched it should work."
0
 
LVL 84

Accepted Solution

by:
Dave Baldwin earned 1500 total points
ID: 41848800
Unfortunately, you are dealing with morons.  And I couldn't find another ISP for your area.  Port 587 is used for sending from a client to the server and 995 is used by the client to receive from the server.  I could be wrong but that's how my emails are set up.

If your spam filter service is located outside the Comporium network, you could call them to get their viewpoint on the problem.
1
 

Author Comment

by:tmaususer
ID: 41848820
Good idea, thanks!  I did email the guy who was involved in setting up the network.  He said this isn't a simple matter.  I'm going to make a list of steps I think I need to take and post it.  Maybe you can help me see what I am overlooking or chasing my tail?
0
 

Author Comment

by:tmaususer
ID: 41848838
I have made a list of steps I think I have to completed to successfully transition to port 587.
Could you let me know where I am barking up the wrong tree or completely overlooking something important?

1.       Run the shell command to switch outgoing mail to port 587.
2.      Change the port number in the SMTP Virtual Server.
3.      Change the port number in scripts or programs that specifically state port 25.
a.      Do I even need to worry about this internal to my network?
4.      Notify our third party spam filter to enable something like Smart Hosting so that our outgoing email can be switched back from port 587 to port 25 for receiving servers that require port 25.
0
 
LVL 97

Expert Comment

by:John Hurst
ID: 41848841
I think the steps should work. As I noted, we block the use of port 25 at our hardware firewall except for legitimate (known) use.
0

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Check out the latest tech news, community articles, and expert highlights in August's newsletter.
I don't pretend to be an expert at this, but I have found a few things that are useful. I hope that sharing them here will help others, so they will not have to face some rather hard choices. Since I felt this to be a topic of enough importance and…
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…

721 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question