Rob Brenart wrote:
Fred Viles wrote:
On 21 Nov 2005 at 16:06, Rob Brenart wrote about
"Re: [exim] smarthost relay problems":
| Fred Viles wrote:
| >
| > What machine is this exim running on? Is it connected to the | >
Internet by an ISP that blocks outbound port 25?
| >
| > | It's on my local server sitting under my desk... connected
through SBC | DSL.. I didn't think port 25 was blocked, but I could be
wrong
I think SBC has recently (for some value of "recent") started
instituting port 25 blocking. Demonstrably, they are doing it in your
case. Your smarthost definitely is listening on port 25, I can
connect to it just fine.
I have no idea whether you can get SBC to remove the block for you.
If you have dynamic IP, almost certainly not. If you have static IP,
it may be worth a try.
Port 25 blocking (or worse, transparent proxying) is becoming very
common these days, thanks to all the worms that turn PCs into spam
zombies. Any mail server that wants to support relaying for external
clients pretty much has to support connections on some other port.
That's one of the things port 587 (the MSA, "Mail Submission Agent"
port) is good for.
- Fred
OK, then I'm sold... trying to do this port 587 thing right now... just
have to find how to do it :)
Thanks to all for the advice, hopefully this will be the solution, I'll
certainly let you know if it works
Upstream connectivity providers that block port 25 often *cannot* open it.
The law of the land (federal/national) in some jurisdictions, requires
subscribers to
send only over the ISP's facilities. One neck on the block when
tracking down abuse.
In such places, or in general, upgrading to a higher-grade 'business'
service,
one with fixed-IP, either from the same provider, or one that contracts
to work
over their 'wire', may be the easiest way to get an unblocked service.
In which case you no longer need their smarthost.
The fixed-IP covers the legal need to be able to track down abuse.
It is also a lot nicer to have for many reasons.
Expect to sign a higher-grade contract/ToS, to explain what you need to do,
and pay more for the same bandwidth. (double or even triple)
Bright side is you usually get to talk to an upstream tech that knows
more than just:
"Close all your applications and reboot Windows". ;-)
Ours even configured his firewall with my ruleset for me, and NAT'ed our
old internal
LAN IP's so we didn't have so many boxen to reconfigure.... then saved
the config so he
was able to DLD it into a new interface when ours succumbed to HKG
summertime heat a year later.
YMMV...
Bill
--
## List details at http://www.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://www.exim.org/eximwiki/
