How and where is the corect way to close smtp port 25. We have a cert and want only use port 587. Sholud we close it on the router the firewall in ISPConfig or comment it out from master.cf?
I would close it in the earliest point that you control, so if the server is behind a router, then the router would be that point. If no router is used, then close it in the firewall of the server.
I know this is an old topic, but I didn't have time to reply and trying to fix the problem. When I close port 25 for my mail server (router or firewall), I do not get incoming e-mail from outside the server. I can send and recieve mail only for my email domains. Any clue what can be the problem? Mail server is configured for STARTLS so it uses port 587 for SMTP instead of 25. my master.cf
Hello, mail servers always communicate via port 25, so closing the server's port 25 is quite a bad Idea (no mails going out or coming in then).
So how do some close port 25 for preventing of SPAM? We're are using TLS so we use port 587, so port 25 is not used. That's why we want to close it. But when we close it we can't recive mail.
can you explain a bit what do you mean by installing rbls? I only found that you meant a Real-time Blackhole List or Blacklist. But doesnt ISPConfig have a blacklist option in spamfilter?
Yes, port 25 is needed. Servers only communicate on that port. RBL is in ISPConfig Interface but you have to insert your preferred rbl servers there to enable those lists.
Ok... then I have bad info about blocking port 25. I found that I can add the rbl in postfix main.cf Code: smtpd_client_restrictions = reject_rbl_client zen.spamhaus.org, reject_rbl_client bl.spamcop.net, reject_rbl_client dnsbl.sorbs.net, check_client_access mysql:/etc/postfix/mysql-virtual_client.cf, reject_unknown_client But I've found a post where Till writes that it should not be done manually but to use the "rbl field in ispconfig". https://www.howtoforge.com/community/threads/new-ispconfig-install.67697/#post-322173 I can't find this RBL field in ISPConfig and nothing for adding rbls in the manual. The only thing is in the Email ->Global Filters -> Postfix Blacklist. Is that it? So I should add the rbl zen.spamhaus.org into "Blacklist address" and select Client in "Type"?