All geek questions in one place

How to bypass the ISP block on port 25 for SMTP

Yes, this question was answered in different ways, none of which answered in the way that suits my needs. Therefore, therefore, I ask my question, peculiar to my situation.

I tried maybe 5 or 6 different ways to set up a mail server (SMTP) on my backup computer at home, which I also installed to run my website. My ISP blocks several ports, such as 80 and 25, which allow you to host web servers, mail servers, ftp servers. etc. Fortunately, my domain registrar had a way to redirect my traffic to a specific port, where then I used some parameters in my router to transfer the port and redirect traffic from one port specified in the settings of my account on my registrar site to go to the port 80 on my computer with a web server that worked fine, and my website works.

However, I came to find out that by default when setting up an MX record so that I can set up a mail server, their system sends traffic to port 25 by default. (This is more likely than a web server pointer that I can specify: 012.345.678.910 : 8080, the MX record should be something like mail.mydomain.com or just mydomain.com. In their options (currently) there is no way to specify the port as you can for the website. So, I assume that two-part question: 1. I just accidentally chose a crappy domain registrar or, specifically, this is the default option by many other domain registrars that I just missed? and 2. Is there any other way to do this? My ISP charges a fee, as well as a hand for Business accounts that unlock port 25, and I donā€™t I will need to go this route. I understand that you can set your SMTP server to listen and send traffic to another port, but Iā€™m not happy if my MX domain registrar record still forwards port 25 for incoming mail. Any help or advice on this would be very helpful. Thanks.

EDIT:

I missed the obvious possibility that I could ruin my setup due to the fact that I never set up an SMTP server, so I'm completely new to this. With this sad, is it possible to confuse how the mail servers work, is there a difference or the likelihood that the Internet provider blocks incoming traffic to the outgoing port? I mean, I got confused that if I set everything up correctly, should I receive (listen) or port 25 no matter what you would like, and then send outgoing mail to the unlocked smtp port?

I still need to try sending mail from my server because I donā€™t want something to be configured incorrectly, and then get my blacklist, so I was just trying to experiment with trying to get email and, as I said , I tried about 5 or 6 (all very confusing and seemingly incomplete or not very detailed) tutorials on how to set up an SMTP server, and I still have to receive incoming mail. As a personal remark, it seems strange to me that out of several trainees, I searched and read that none of them bear almost any similarity with respect to the first part of the postfix installation; from there, everything becomes different. This does not help me understand what I can do wrong if this is really what is happening. Finally, for continuity, I went to http://port25.icannotconnect.com/ and he really said ā€œBLOCKā€.

Thanks again.

+6
source share
9 answers

Interest Ask. You seem to basically understand how SMTP works with MX records, IP addresses, and port 25 (which is the standard port with which SMTP servers accept connections from other SMTP servers).

I think you mean that your domain registrar with your website is basically an HTTP redirect. It looks like you should have an A record for your domain pointing to the IP address of the web server at your registrar, and these web servers will redirect HTTP (301 or 3012) to the home IP address on port 8080. Unfortunately, itā€™s not a similar type of redirection in the SMTP protocol.

As a workaround, which will be significantly less than an additional $ 50 per month, you can configure your mail server on a Linux cloud server. Linux cloud servers in Rackspace start at about $ 16 per month and you will have a static IP address without blocked ports: http://www.rackspace.com/cloud/servers/

+2
source

Rollernet.us has a free service that you can use to redirect incoming mail to another port, say 26, to your SMTP server. This is for small volume maintenance; if you receive many or large letters, you are temporarily suspended. Also (I have not tried this) ghettosmtp.com claims to offer this service. You can redirect the smtp port to search for commercial services for less than $ 100 a year.

+3
source

I control a remote linux server running sendmail. Ports 25, 465 and 587 are blocked, so it is impossible to bypass the unit without decisive action. I tried a random port, and it worked fine, except it had to work in mail relay mode, and many mail servers rejected my email based on this fact.

The solution was to create my own email transport system in PERL, which starts sendmail while working as a daemon in my Linux window. I installed my mail client to use the same high-range port for smtp. Now everything is under my direct control, and since the end of 2014 it has been working fine.

As long as this is not a solution that fits your criteria, it can help someone else, and I will just make two more comments.

1) Each VPS I have is only $ 20 per year, so it is very affordable; and

2) You will have better performance on the Internet if your site is hosted in a data center.

+1
source

You may be able to get your ISP to provide you with a static IP address without registering a "business account". Who is your ISP? You can get Qwest-Centurylink to give you a static IP address, for example, an extra $ 5 per month on your regular residential account, which is bad, but this is the best I could do for myself.

Ordinary service agents may try to sell you a "business account" if you say the word "SERVER", which in their minds = business. Therefore, do not say this word, ā€œSERVERā€ when you are talking to them, or you turn your brain into the ā€œSHOULD SELL AN EXPENSIVE BUSINESSā€ mode.

You can trust only the actual network specialist, if you are lucky enough to go to one, the actual guy who will set up his machine to deliver your unlocked static ip. This guy is the only guy in a telecommunications company who knows as much as you and I about what is really necessary for you.

You must tell regular service agents that they indicate "do not block any ports" when setting up your static IP address, or they can. I think this may be a general request for Internet providers from people who need a static IP address for their voice chat services, but I'm not sure.

You can use another DNS service to host your DNS records, not your registrar. May be,

http://dyn.com/support/how-do-i-delegate-my-domain/

or

http://www.opendns.com/

I think that there is at least one more free service, the name of which I canā€™t remember, is good for 2-5 free domain names that stand for DNS records. You may want to google to find out if there are any new free DNS hosts.

Perhaps you will try to configure a proxy server somewhere outside your local network, which will do a port translation for you. Rather, delivering traffic through a secure tunnel to a proxy does not require "port translation". Or just host a mail server outside your local network somewhere, why bother with a proxy? HAK5's pineapple can be a proxy for you, or any Linux device is set up properly. Do you manage a DNS server outside the home, for example, at work or at school?

The programming clubs and Linux user groups in your area will be YOUR BEST FRIENDS here after you make a friend or two there. Ask someone if they can help you by placing your mail server in a box somewhere out there, serving your DNS records or putting a proxy server in one of their mailboxes for you.

0
source

You can use Dynu email storage and forwarding. They will receive emails for your domain name and forward them to your mail server on an alternate port (for example, port 26). Thus, you can host your own email server and manage it at home, and it solves the problem of blocking the incoming SMTP protocol 25.

For the service to work, you need to set your MX records as primary and secondary, and also specify the name and port of your mail server. Hope this can be helpful.

0
source

If you use Exim as your MTA, one approach would be:

  • Set up an account without a shell (i.e. chsh - /bin/false ) on any UNIX server running the SSH daemon.
  • Configure the autossh service on your mail server while listening to DynamicForward on the local port
  • Use socks_proxy in Exim (on the SMTP transport) to cause all outgoing SMTP / send connections to tunnel through the SSH tunnel.

The advantage of using this through an intelligent host (as described in other answers) is that, assuming that the destination mail server has TLS, there is no intermediary through which your mail passes as plain text, and therefore no intermediary has the ability to track or fake your mail.

0
source

A note about email from your own server through your home connection to your ISP.

-ISP blocks common ports needed to send / receive email, dns and port forwarding can get around this.

-Powerful mail servers are quarantined or block e-mail from the residential networks of Internet providers, so even if you sent through your Internet provider, this can cause some kind of quarantine.

- Preventing abuse, viruses, and spam management attempts can consume hours every week.

This is so impractical. Business Internet providers are more expensive and allow it.

-1
source

You have unprotected WIFI connections in your area;) Otherwise, use the ISP SMTP server server settings and leave it to rest. Only another simple option that I can think of is to put the remote contact page (free hosting site) in an iframe.

-2
source

:

  • 1 friend that their isp is not blocking port 25.
  • 1 Mikrotik set up an openvpn server to provide the client with a static closed ip and a forward port tcp of 25.80 to this ip, and put it in your friends house should have their Router. Use dynamic dns updater somekind if they have a dynamic ip. Their scripts for MikroTik.
  • download and configure openvpn for your server. OpenVPN is supported by all operating systems.

The only problem is that all your internet traffic from your servers will be tunneled into your friendā€™s house

-2
source

Source: https://habr.com/ru/post/951363/

More articles:


All Articles