[SOLVED] inbound 25 blocked, problems enabling 587 to get around this

[eleith]

the submission port in my postfix looks enabled already:

Code:

smtp      inet  n       -       n       -       -       smtpd
465    inet  n       -       n       -       -       smtpd
  -o smtpd_tls_wrappermode=yes
  -o smtpd_sasl_auth_enable=yes
submission inet n      -       n       -       -       smtpd
   -o smtpd_etrn_restrictions=reject
   -o smtpd_sasl_auth_enable=%%zimbraMtaSaslAuthEnable%%
   -o smtpd_client_restrictions=permit_sasl_authenticated,reject
   -o smtpd_tls_security_level=%%zimbraMtaTlsSecurityLevel%%

but this looks like that 587 is only accepted if the email is authenticated. this is fine for local users, but how do i receive email from external users on port 587?

currently, i can send outgoing email fine (my relay host uses comcast's port 587 auth), but i would like to get incoming email working.

from the forums, it seems like i'm going down the right path, but i'm missing something.

i know another solution is to use dyndns to reroute port 25 to another port and then accept that, but surely there is another way...

[phoenix]

but this looks like that 587 is only accepted if the email is authenticated. this is fine for local users, but how do i receive email from external users on port 587?

Do you actuall mean external users that have an account on your Zimbra server or do you mean mail from people on the internet that send mail to someone@yourdomain.com?

[eleith]

sorry, i used the wrong terminology.

i just meant email external to my domain (someone from gmail/yahoo/hotmail/etc/etc) can not send me email. (because my port 25 is blocked...)

[phoenix]

sorry, i used the wrong terminology.

That's OK.

i just meant email external to my domain (someone from gmail/yahoo/hotmail/etc/etc) can not send me email. (because my port 25 is blocked...)

I think you're misunderstanding what the Submission port is, it's purely for external mail clients (Outlook, Zimbra Desktop etc..) to be able to send mail internally and relay through your server. I'm afraid you'll need to use something like the DynDNS relay service (there are others if you do a web search) as all mail servers use Port 25 to send and receive mail to each other, that's the standard and there's no other port you can use.

[eleith]

yeah. that's how i understood it, but reading through the forums, i felt maybe there was some hope...

i'm currently calling comcast to try and open up inbound at the least...

[phoenix]

yeah. that's how i understood it, but reading through the forums, i felt maybe there was some hope...

I'm afraid not.

i'm currently calling comcast to try and open up inbound at the least...

Good luck.

[eleith]

i'm commenting here for reference.

after spending some time with comcast, they clarified it was not their policy to block port 25 INCOMING. however, i'm positive it was blocked along with outgoing.

in fact, they physically sent a signal to my modem (which i rent from them) that changed the boot file and blocked the port. i even got an email about it before it happened notifying me of the port 25 changes (but it did not actually mention incoming ports, just outgoing)

anyhow, since it is not their policy to block incoming, and they claimed to not be blocking me, they agreed to send over a new boot file for my modem, and on reset, port 25 incoming, and 1 minute later, everything works!

I still had to relay out to their 587 authenticated smtp auth, but that is understandable and within good intentions.

so if you have comcast, this path should work for you as well.