Brian Stempin on 11 Apr 2007 21:17:01 -0000



Re: [PLUG] What is the best way to create a tunnel or a forward?iptables?

  • From: "Brian Stempin" <brian.stempin@gmail.com>
  • To: "Philadelphia Linux User's Group Discussion List" <plug@lists.phillylinux.org>
  • Subject: Re: [PLUG] What is the best way to create a tunnel or a forward?iptables?
  • Date: Wed, 11 Apr 2007 17:16:55 -0400
  • Reply-to: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>
  • Sender: plug-bounces@lists.phillylinux.org

When they send e-mail, their client contacts your server at your location on port 25?  No ISP should be blocking that because anybody using an external mail service would need port 25.  I send mail out to 3 different servers on port 25, depending on which account I'm using.

That's not always true.  Some ISPs (Verizon, for instance) force you to use their relay servers in an attempt to cut down on spam.  I've had many customers complain because of this.  It makes setting up simple email accounts a pain in the arse.

On 4/11/07, Chad Vogelsong <csv@gamebox.net> wrote:
When they send e-mail, their client contacts your server at your location on port 25?  No ISP should be blocking that because anybody using an external mail service would need port 25.  I send mail out to 3 different servers on port 25, depending on which account I'm using.

Are you sure it's not a local firewall or host firewall that is blocking the traffic?  Can you login to these things remotely?

If you have a router / fw in front of your mail server that can do port forwarding (my $30 netgear router does it), I would just use that and set it up to forward all incoming packets on 2525 to server_ip:25

I need more information about how your mail server is set up.  Is it at your home, a hosting center, another business?

INTERNET <--> ROUTER / FW <--> MAIL_SERVER with internal or external IP?

Chad


Marc Zucchelli wrote:
I tried the iptables command that Chad provided me with on my test server:

iptables -A FORWARD -i eth0 -p tcp --sport 2525 --dport 25 -d mailserver_IP -j ACCEPT

I set the ip address correctly, tried several variations, and I'm not getting a port forward. I get refused connections when I try to connect to 2525. I have seen several sites on the internet do it with NAT, but I'm not trying to send these packets to a different server, same one. Do I have to use NAT? Any other suggestions? My iptables skills are weak!

Chad Vogelsong <chad@vogelsong.net> wrote:
Marc,

Can't you just SSH or VPN into the server that you are hosting their e-mail on?

If they have a business level internet package, port 25 should not be blocked.  Talk to their ISP about that.  If they have a consumer level package, tough luck.

It would be trivial to create an iptables forward rule to forward mailserver:2525 to mailserver:25.  Make the rule on the router/firewall something like this:

iptables -A FORWARD -i eth0 -p tcp --sport 2525 --dport 25 -d mailserver_IP -j ACCEPT

Assuming that eth0 is the router/fw external interface.  YMMV.

Chad


  I'm hosting a client's email on my server.  Something went wrong with their router and it's blocking port 25.  I won't have the time to make the long trip up to fix it for them for a while, so I was thinking about maybe opening up a higher port on the same server, and just tunneling that to port 25, and it will be easy enough for me to walk them through changing their outgoing port in their email software.  What is the best way to pull this off?  This is just a temporary solution so I don't lose them!



___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug



-- 
Chad Vogelsong
csv@gamebox.net Tel: +1 267 498 2380 Fax: +1 267 646 0202 Skype: cvogelsong Gizmo: psudilbert SIP #: +1 747 101 2570 AIM: CMPENGpsu Yahoo: psudilbert MSN: wicket_weasel@hotmail.com

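
Added example, not part of the original thread: the quoted FORWARD rule only filters packets routed through the box and matches on source port, so nothing ever rewrites port 2525 to 25; the rewrite has to happen in the nat table. The script below prints the rules for both the same-host case and the router case and checks the thread's rule; `eth0`, 2525 and 25 come from the thread, while the function names and the address 192.0.2.10 are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: prints iptables commands instead of applying them.
# eth0 and ports 2525/25 come from the thread; 192.0.2.10 is a constructed address.

valid_port() {
    case $1 in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Same-host case (the mail server answers on both ports). REDIRECT in the
# nat table rewrites the destination port before the filter table runs, so
# INPUT sees port 25 and needs no extra rule for the new port.
same_host_redirect() {   # args: ext_if new_port real_port
    valid_port "$2" && valid_port "$3" || return 1
    echo "iptables -t nat -A PREROUTING -i $1 -p tcp --dport $2 -j REDIRECT --to-ports $3"
}

# Router case (INTERNET <--> ROUTER / FW <--> MAIL_SERVER): DNAT rewrites
# address and port, then FORWARD must accept the rewritten packet.
router_dnat() {          # args: ext_if new_port server_ip real_port
    valid_port "$2" && valid_port "$4" || return 1
    echo "iptables -t nat -A PREROUTING -i $1 -p tcp --dport $2 -j DNAT --to-destination $3:$4"
    echo "iptables -A FORWARD -i $1 -p tcp -d $3 --dport $4 -j ACCEPT"
}

# Explain why a candidate port-rewrite rule cannot work; returns 1 if flawed.
lint_rewrite_rule() {
    lint_rc=0
    case $1 in *--sport*)
        echo "--sport matches the client's source port, which is ephemeral; match --dport"
        lint_rc=1 ;;
    esac
    case $1 in *REDIRECT*|*DNAT*) ;; *)
        echo "no REDIRECT or DNAT target, so the destination port is never rewritten"
        lint_rc=1 ;;
    esac
    return $lint_rc
}

# The rule quoted in the thread, followed by the two working alternatives.
THREAD_RULE='iptables -A FORWARD -i eth0 -p tcp --sport 2525 --dport 25 -d mailserver_IP -j ACCEPT'
lint_rewrite_rule "$THREAD_RULE" || true
same_host_redirect eth0 2525 25
router_dnat eth0 2525 192.0.2.10 25
```

The printed rules take effect only when run as root and do not persist across a reboot. PREROUTING is not traversed by connections that originate on the server itself, so test the new port from another machine.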