Re: Redirect smtp port

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

Re: Redirect smtp port

Dan Shoop

On Mar 3, 2008, at 2:21 AM, Buckie Joe wrote:

>> Is it possible to have ipfw redirect say port 2525 to 25 on tiger  
>> server, if so how? It´s a pain for my users to have to deal with  
>> ISP:s SMTP-servers and change the setting manually (iPhone)  
>> depending on where they are.
> I understand your trouble is with ISPs blocking connections to port  
> 25 and you want your smtp server to respond on port 2525 instead of  
> the default one.
> Well, I've had that trouble too and for Postfix the solution is to  
> edit your /etc/postfix/ by adding the following line:
> 2525     inet  n       -       n       -       -       smtpd
> right after
> smtp      inet  n       -       n       -       -       smtpd
> that should already be present there.

Note that 2525 is a bad port choice. A quick grep of /etc/services  
shows this port assigned. 10025 is far better, and very commonly used  
for as a high order port for SMTP.

This is a typical example of where port translation at your network  
border (on your gateway or router) is deployed. Do NAPT on your router  
(most all do) to have port 10025 map to port 25. Now there's no  
changes necessary on your system, it only needs to listen to one port,  
and  is better overall.

Another common method is to enable the submission port, which is the  
typical solution to this problem.

An even better method is to enable VPNs so your users end up virtually  
on your network and all port blocking issues evaporate. Note the  
iPhone supports VPNs as do most PDAs.


Dan Shoop
Computer Scientist
iWiring / U.S. Technical Services

[hidden email]
AOL IM .................... iWiring
Nextel .................... 1-714-363-1174
Operations TOC (24/7) ..... 1-866-901-USTS
USTS Offices .............. 1-714-374-6300

For immediate response for urgent matters please speak to the Duty  
at the USTS Tactical Operations Center (above) who can reach me by  

Do not post admin requests to the list. They will be ignored.
Macos-x-server mailing list      ([hidden email])
Help/Unsubscribe/Update your Subscription:

This email sent to [hidden email]