SMTP Port 25 * Access Denied! *

Over the last few months we have had an increasing number of support calls that relate to failing SMTP connections over Internet connections.

This can happen on a range of network connections, whether it’s mobile devices on 3G or home users trying to access their MDaemon mail server. Even businesses can find that they can no longer create outbound SMTP sessions on port 25 on their office broadband connections.

So whats going on here and why is SMTP Port 25 traffic getting blocked left right and centre?

Well the simple answer is SPAM, and more importantly the need to try and control the vast amounts of it flooding ISP’s networks from compromised customised PC’s

You see when an internet connected PC gets compromised often a rogue ‘spambot’ program gets installed that becomes part of a bigger ‘botnet’ of compromised PC’s. Acting like a huge army of soldiers waiting for orders, these botnets can be assigned the task or deliver huge quantities of SPAM email to a range of random mail servers on the Internet. All this SMTP traffic will sent out using port 25

An ISP can easily get flooded by all this unwanted traffic from a large number of compromised PC’s on their customers networks. So to tackle this issue a number of ISP’s have started to only allow SMTP traffic to connect to their own SMTP servers  and will activly block any other port 25 traffic they detect on their network

For the majority of home users that are either using the ISP’s own mail servers or other cloud email solutions this will usually not cause an issue and will infact improve their network speeds by freeing up the network for other more important data.

However if you are a business hosting an MDaemon SMTP server of your own or if you work from home or use a mobile device and send email to your MDaemon server on port 25 you could be blocked in the same way as a compromised PC would be.

Using alternative SMTP ports in MDaemon

Luckily MDaemon is a very flexible mail server and out of the box is already configured to answer SMTP mail requests on several other ports that you can use:

Port 366 or 587 (for unencrypted SMTP sessions) and Port 465 for SSL encrypted SMTP sessions.

These are configured under the ‘Default Domain & Servers > Ports’ section…

To be able to use these ports outside of your network you will need to make sure the relevant firewall holes are created to allow access, in exactly the same way port 25 was configured and pointed to your MDaemon server.

For additional security we do recommend that you use the SSL SMTP (port 465) where possible and to do this will require that you have a SSL certificate created or installed.

To create a self signed certificate have a look at this Knowledge base article which details the steps involved.

Once setup you will have to reconfigure your external mail clients to use the new port or if using SSL there is usually an option for this and a section to define the port.

Problems sending email From MDaemon

If you are having problems sending outbound SMTP email from MDaemon then the best option is to configure MDaemon to use a upstream SMTP smart host at your ISP to send the email on your behalf.

This option is configured under the ‘Default Domain & Servers > Delivery’ section…

Enter the SMTP mail server of your own ISP not ‘mail.yourISP.com’.

Now MDaemon will not send email directly to the recipients mail server but instead will pass all messages onto the specified Server.

If you have any issues setting this up don’t forget we are here to help in Support

Related articles

2 thoughts on “SMTP Port 25 * Access Denied! *

  1. Pingback: RIM release important security patch for BES – also affects MDaemon customers | Zen Software Blog |

  2. Pingback: New video: Introduction to MDaemon webinar recording | Zen Software Blog |

Let us know what you think....

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s