What if my ISP blocking port 25

Discussion in 'Server Operation' started by Desp, Nov 16, 2014.

  1. Desp

    Desp Member

    Hi all,
    First I want to take the chance to thank Falko, till and all the moderators/members here for the great help they are providing in this forum for free.

    Now for my old/new question about ISP blocking port 25.
    The situation is that I am able to send/receive emails from/to my mail server running postfix with dovecot.

    The problem is when someone register in my website www-data won't be able to send confirmation emails to the new users getting something like this:

    postfix/smtp[20993]: connect to x-eu.mail.am0.yahoodns.net[]:25: Connection timed out
    postfix/smtp[20993]: 1FB0B334108D: to=<[email protected]>, relay=none, delay=6930, delays=6900/0.03/30/0, dsn=4.4.1, status=deferred (connect to mx-eu.mail.am0.yahoodns.net[]:25: Connection timed out)

    Any idea what can make it refuse connecting other than my ISP blocking port 25 ?

    As I said before sending emails from webmail.mydomain.com using squirrelmail client have no issue at all.
    Last edited: Nov 16, 2014
  2. srijan

    srijan New Member HowtoForge Supporter

  3. Desp

    Desp Member

    Thank you for your replay srijan.
    I have tried to use my ISP SMTP last night but emails never arrive seems like the delay takes forever I will try the other solution when I reach home

    postfix/smtp[15598]: 20F8B334108C: to=<[email protected]>, relay=smtp.bredband.net[]:25, delay=134033, delays=134032/0.01/0.61/0.16, dsn=2.0.0, status=sent (250 ok: Message 762984410 accepted)
    Nov 14 03:10:26 postfix/smtp[15600]: 6AEB43341066: to=<[email protected]>, relay=smtp.bredband.net[]:25, delay=134360, delays=134359/0.02/0.64/0.18, dsn=2.0.0, status=sent (250 ok: Message 111849563 accepted

    Changing SMTP port didn't help either.

    postfix/smtp[5645]: 1FB0B334108D: to=<[email protected]>, relay=none, delay=33054, delays=33023/0.05/30/0, dsn=4.4.1, status=deferred (connect to smtp.bredband.net[]:587: Connection timed out)
    Last edited: Nov 17, 2014
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    The first two lines indicate that your ISP accepted the message for delivery. So if it does not arrive, then its an issue with your ISP's mailserver.
  5. Desp

    Desp Member

    Thank you till for taking the time to check my post.
    [ sorry, too many questions that I have to figure out by myself ]

    Last edited: Nov 17, 2014
  6. Desp

    Desp Member

    Thank you once again till for saving my time. If it's ain't broken you don't need to fix it
    [Hackers Wisdom] Verify Your Account [ email arrived ]
    Scanned my host for open relay and it was green.
  7. Desp

    Desp Member

    Now to give this post some value here is what you need to do to get around blocked port 25 by your ISP:

    Contact your ISP and ask for their SMTP information. Your ISP will readily give you the information so that you can set up and configure your email. Or you can check their website for this information.

    Open your main.cf file and add the SMTP server to:

    relayhost = smtp.ispServer.com

    ** Be aware while doing this that you could be sending out spam emails without knowing about it if you are hosting websites on your server so check your websites folders with maldet and chkrootkit. Also check your mail logs frequently for outgoing mails. Don't forget to improve your postfix security.

    Example about how you can improve it, you can add this to your main.cf file:

    smtpd_helo_required = yes
    disable_vrfy_command = yes
    strict_rfc821_envelopes = yes
    invalid_hostname_reject_code = 554
    multi_recipient_bounce_reject_code = 554
    non_fqdn_reject_code = 554
    relay_domains_reject_code = 554
    unknown_address_reject_code = 554
    unknown_client_reject_code = 554
    unknown_hostname_reject_code = 554
    unknown_local_recipient_reject_code = 554
    unknown_relay_recipient_reject_code = 554
    unknown_virtual_alias_reject_code = 554
    unknown_virtual_mailbox_reject_code = 554
    unverified_recipient_reject_code = 554
    unverified_sender_reject_code = 554

    smtpd_recipient_restrictions =
    reject_rbl_client multi.uribl.com,
    reject_rbl_client dsn.rfc-ignorant.org,
    reject_rbl_client dul.dnsbl.sorbs.net,
    reject_rbl_client list.dsbl.org,
    reject_rbl_client sbl-xbl.spamhaus.org,
    reject_rbl_client bl.spamcop.net,
    reject_rbl_client dnsbl.sorbs.net,
    reject_rbl_client cbl.abuseat.org,
    reject_rbl_client ix.dnsbl.manitu.net,
    reject_rbl_client combined.rbl.msrbl.net,
    reject_rbl_client rabl.nuclearelephant.com,
    check_sender_access hash:/etc/postfix/access
    queue_directory = /var/spool/postfix
    default_process_limit = 100
    smtpd_client_connection_count_limit = 10
    smtpd_client_connection_rate_limit = 30
    queue_minfree = 20971520
    header_size_limit = 51200
    message_size_limit = 10485760

    ## for check_sender_access hash:/etc/postfix/access you need to create a file withe name access then:
    postmap access
    ## to create access.db otherwise you will get an error.
    Last edited: Nov 18, 2014

Share This Page