Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!
Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!
Act now. This offer ends July 14, 2017.
Course Of The Month
6 days, 16 hours left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
Solved
Are there special considerations for opening port 587 on a firewall?
Posted on 2016-10-28
Our ISP has required us to switch our SMTP traffic from port 25 to 587. (Interesting note: We are a business with a business account.)
I have duplicated the STMP configuration lines in our firewall, replacing “SMTP” with “587”. I think the port is now open.
Someone claims they are not seeing traffic sent on port 587, and has asked us to prove it is not an issue on our firewall. We are receiving traffic on port 587.
Would there be additional steps after opening the port such as setting some kind of authentication or encryption in the firewall for port 587?
I have duplicated the STMP configuration lines in our firewall, replacing “SMTP” with “587”. I think the port is now open.
Someone claims they are not seeing traffic sent on port 587, and has asked us to prove it is not an issue on our firewall. We are receiving traffic on port 587.
Would there be additional steps after opening the port such as setting some kind of authentication or encryption in the firewall for port 587?
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
6-
5
11 Comments
This is the config:
access-list 101 extended permit tcp any host xxx.xxx.xxx.xxx eq smtp
static (inside,outside) tcp interface smtp xxx.xxx.xxx.xxx smtp netmask 255.255.255.255
access-list 101 extended permit tcp any host xxx.xxx.xxx.xxx eq 587
static (inside,outside) tcp interface 587 xxx.xxx.xxx.xxx 587 netmask 255.255.255.255
access-list 101 extended permit tcp any host xxx.xxx.xxx.xxx eq smtp
static (inside,outside) tcp interface smtp xxx.xxx.xxx.xxx smtp netmask 255.255.255.255
access-list 101 extended permit tcp any host xxx.xxx.xxx.xxx eq 587
static (inside,outside) tcp interface 587 xxx.xxx.xxx.xxx 587 netmask 255.255.255.255
Active 1 day ago
If you have a mail server and you are a business, you need port 25 open and your provider should honor that.
If you don't have a mail server and you want to send outbound mail relayed through an external server, your provider may be asking you to send that mail via port 587 (the submission port).
At any rate, if the email is outbound only, your firewall shouldn't need to be changed.
If you don't have a mail server and you want to send outbound mail relayed through an external server, your provider may be asking you to send that mail via port 587 (the submission port).
At any rate, if the email is outbound only, your firewall shouldn't need to be changed.
Thank you,
They have refused. They say they are doing this for all accounts - business and residential, weather or not they host our email or domain. We have talked to them 5 times to verify. Many people have said this is extreme.
Yes, we host our own email server onsite.
They have refused. They say they are doing this for all accounts - business and residential, weather or not they host our email or domain. We have talked to them 5 times to verify. Many people have said this is extreme.
Yes, we host our own email server onsite.
Active 1 day ago
Seriously, if you have an internal mail server, then change providers.
This is worse than ridiculous.
This is worse than ridiculous.
Active 1 day ago
So, between DSL, wireless, cable tv, ethernet, and ftth there is but one option?
I know some rural areas lack competition but -- no one else?
I know some rural areas lack competition but -- no one else?
Well, we don't want DSL. I am going to check windstream and level 3. Cable is monopolized by the same company giving us trouble. what is ftth? Would Ethernet be direct site to site?
Active 1 day ago
fiber to the home. and yes, ethernet, with or without switching, is site to site.
definitely call windstream and l3.
this company does not deserve your business.
definitely call windstream and l3.
this company does not deserve your business.
Featured Post
We value your feedback.
Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
There are many Password Managers (PM) out there to choose from. PM's can help with your password habits and routines, but they should not be a crutch you rely on too heavily. I also have an article for company/enterprise PM's.
On Feb. 28, Amazon’s Simple Storage Service (S3) went down after an employee issued the wrong command during a debugging exercise. Among those affected were big names like Netflix, Spotify and Expedia.
Both in life and business – not all partnerships are created equal.
As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
The Email Laundry PDF encryption service allows companies to send confidential encrypted emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Suggested Courses
Course of the Month6 days, 16 hours left to enroll
726 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.