ISPconfig, blocked ports (pop/smtp), Authentication/SSL

Discussion in 'Installation/Configuration' started by orasis, Mar 18, 2007.

  1. orasis

    orasis Member

    My ISP is probably blocking ports 110 and 25 same as lots of other ones. I forwarded from different outside ports and pop/smtp works fine locally, same as from outside with a little problem.

    The server can send/recieve emails to/from it's services (using DynDNS). It can also send emails via other mail servers, but cannot recieve emails from other servers from the outside. Example:

    The Server can send an email using it's accounts, to an email account existing on the server (lan/internet). The Server can also recieve an email from an account existing on the server (lan/internet). The Server can send an email to a hotmail account or any other mailbox out there. But an email sent from a hotmail account cannot be recieved by my server, same as from other mail servers from outside.

    Probably cause I got no rule on router except [ Inside port 25 > Outside port 8025 ] ? Or do you think it is something different that I did wrong here ? Do you think I can do some sort of a different trick to let the server work perfect with pop/smtp ? Maybe change the config files of ISPconfig ?

    netstat -tap shows that all ports that should be listening are in LISTEN state but checking the tool, I get "Connection timed out" on all ports that I haven't forwarded to use a different port to the Outside. this makes me believe that they are blocked by the isp or is it something else I could check ? scanner shows the forwarded ports in state "Open" and the non forwarded in state "Stealthed".

    Finally, SSL for pop/smtp should be working right ? Haven't tested this fully yet. Also, should the server ask for "Authentication" (incoming/outgoing) ?

    any kind of help will be appreciated
    thanks very much
  2. Hawker

    Hawker New Member

    To my knowledge, if your ISP is blocking port 25 there isn't anything you can do.

    All mail servers use port 25. Forwarding it to a different outside port would be like listening to pure silence. No mail server would ever connect to that port.
  3. orasis

    orasis Member

    thanks for the reply. I fully agree with you, but is there something else you could do ?
  4. Hawker

    Hawker New Member

    If there was a way around it, the spammers would have every server in the world bogged down 24 hours a day with spam.

    Personally I wish more ISPs would block port 25 except for legitimate businesses. Then I wouldn't have to play with firewall and smtpd blocks on a daily basis. :)
  5. orasis

    orasis Member

    can you explain that alittle if you don't mind ? :)

    I guess the main reason why they block ports is to pay them some more for those services maybe ? :)
  6. Hawker

    Hawker New Member

    Well, if you're actually able to send mail from your server then smtp on port 25 isn't blocked.

    The reason many ISPs block port 25 is to prevent fly by night mail servers that propogate spam. They would prefer if you send mail through their servers so they can track and prevent mass mailings.
  7. orasis

    orasis Member

    but if I forward [ outside port 25 > inside port 25 ] then nothing works. Then something else goes wrong ? hmhm

    yeah that sounds reasonable.
  8. orasis

    orasis Member

    I just got a responce email, into the mailbox I tried to send an email to my server:

  9. Hawker

    Hawker New Member

    Ok, let's take a different approach...

    Do you have mail and mx records set up in your DNS?
  10. orasis

    orasis Member

    ahm ... well,

    Wildcard: Y
    Mail Exchanger: [same address as Hostname, is that right ?)
    Backup MX: N

    What else to add or change ?

    in ISPconfig both DNS and DNS-MX are checked
    Last edited: Mar 18, 2007
  11. Hawker

    Hawker New Member

    I just now noticed a keyword in your first post... DynDNS

    You may not have them configured properly in their DNS.

    Dynamic DNS is a world I know nothing about when it comes to servers. I can't help there. :(
  12. orasis

    orasis Member

    I am on it
  13. orasis

    orasis Member

    I had to call the ISP to open all blocked ports for me and they did. right now everything works perfect. :)

    thanks very much Hawker for your help, thanks alot
  14. falko

    falko Super Moderator ISPConfig Developer

    Wow. On a Sunday! Not bad... :)

Share This Page