Background: Spammers learned a long time ago that getting their IP address blocked meant they could send less spam. So, via viruses, they borrow unsuspecting windows computers IP addresses to send spam. They don’t much care if your IP gets blocked by some mail servers out there. But your ISP doesn’t really want tons of spam spewing from it’s network. Thus, ISPs block port 25 outgoing from customers to keep infected windows computers from acting like smtp servers and sending spam.
Problem: But, what if you want to run a legitimate smtp server of your own on your dsl, cable, or wireless connection, and you don’t want to use your ISPs mail server for some reason. Maybe it’s business email that you want to have better visibility into delivery problems, or your ISP’s email service is less than acceptable. With port 25 blocked, you have a few possible solutions.
- Ask your ISP to open port 25 for you. This usually means will be required to have a static IP, which costs more. This is a good solution if you also plan to host other content on your ISP connection, and don’t mind paying a bit more.
- Work around the problem yourself. This requires a smarthost – a server on the Internet that will accept and relay mail for you. Normally, a smarthost accepts mail on port 25, but unless your ISP is your smarthost, this won’t work if port 25 is blocked to other smtp servers. As long as you have a username and a password to authenticate with an smtp server on the Internet you can use this method to relay all of your mail through that server.
So, the workaround: (assuming you are using Sendmail)
- Install the sendmail-cf package if it isn’t already installed.
- Edit /etc/mail/sendmail.mc and add the following lines:
define(`RELAY_MAILER_ARGS', `TCP $h 587')
define(`ESMTP_MAILER_ARGS', `TCP $h 587')
FEATURE(`authinfo',`Hash -o /etc/mail/authinfo.db')dnl
- In the authinfo file, add a line like this: (replace username and password with your username and password)
AuthInfo: "U:username" "P:password" "M:PLAIN"
- After you’ve make the config changes, run makemap to generate the authinfo.db file
- cd /etc/mail
- makemap hash authinfo < authinfo
Then run one of these (more than one may work on your platform):
- make -C /etc/mail (redhat, fedora)
- sendmailconfig (ubuntu)
- m4 sendmail.mc > sendmail.cf (generic, others)
Also, make sure that your connection is encrypted when you connect to the smtp server.
This should show in your sendmail logs as “STARTTLS=client, relay=smtp.your.provider., version=TLSv1/SSLv3…”
If the connection isn’t encrypted, choose another smarthost.