Koozali.org: home of the SME Server

Legacy Forums => General Discussion (Legacy) => Topic started by: nbeighley on August 09, 2005, 06:41:35 PM

Title: Blocked SMTP Port and my Solution
Post by: nbeighley on August 09, 2005, 06:41:35 PM

A couple of our remote users are using Earthlink dial-ups to send/receive email through our SME server (6.0.1).  Earthlink, of course, has blocked traffic on port 25   :-x

After pounding my head and searching solutions (none of which worked), I finally realized that there is a very simple way to fix this problem and wanted to share it with anyone else who may be struggling with the same issue.

It occured to me that rather than trying get qmail to listen on 2 ports or listen on a completely different port, I could use iptables to bypass Earthlink's block.

Code: [Select]


iptables -t nat -A PREROUTING -p tcp --dport 5190 -j REDIRECT --to-ports 25


All I had to do then was setup the dialup users to use port 5190 instead of the standard port 25.  This redirects all traffic on port 5190 to port 25 on the same machine AFTER the user had made the connection to the SME server through Earthlink.

As far as I can see, there are no security holes or flaws in this process, but I would welcome any input you have.

Hope this helps!

Title: Re: Blocked SMTP Port and my Solution
Post by: gordonr on August 10, 2005, 07:11:43 AM

Quote from: "nbeighley"

After pounding my head and searching solutions (none of which worked), I finally realized that there is a very simple way to fix this problem and wanted to share it with anyone else who may be struggling with the same issue.

See this thread, which does the same thing, but without mucking around directly with iptables rules:

http://forums.contribs.org/index.php?topic=24273.msg117212#msg117212

For 6.x, if your server has a static IP, you can just set up a port forward from port whatever to port 25, with the destination IP set to your external IP.

If you have a dynamic IP, you'll need to wait until 7.0, or for someone to back-port the fix to 6.x

Title: Re: Blocked SMTP Port and my Solution
Post by: nbeighley on August 16, 2005, 11:53:58 PM

Quote from: "gordonr"

For 6.x, if your server has a static IP, you can just set up a port forward from port whatever to port 25, with the destination IP set to your external IP.

If you have a dynamic IP, you'll need to wait until 7.0, or for someone to back-port the fix to 6.x

I do have a static IP, but it is routed through a Smoothwall firewall and Port Forward never worked for me, either using the external or internal ip address.

Title: Re: Blocked SMTP Port and my Solution
Post by: gordonr on August 17, 2005, 01:38:16 AM

Quote from: "nbeighley"

I do have a static IP, but it is routed through a Smoothwall firewall and Port Forward never worked for me, either using the external or internal ip address.

If the Smoothwall is doing NAT, you'll need to use the post-NAT IP. If it doesn't work, please raise a bug.