Mail Server Ports Needed?

Zarathustra[H]

Hey all,

I am considering setting up my own mail server, but I understand ISPs usually block the needed ports.

So I decided to test.

I set up ports 25, 465 and 587 on my router to forward to my SSH port on one of the servers on my network.

Then I proceeded to ssh to a remote server, and try to ssh back.

To my surprise I found that I could make incoming connections to my network on all three of those ports.

Is this all I need to worry about, or is there something else? What about outgoing traffic? Might my port 25 outgoing be blocked? Could I just configure my mail server to send on a different port if that is the case? Would that work?

Appreciate any thoughts on this. This should be a simple concept, but somehow I am getting myself confused.

I'd appreciate someone setting me straight.

Thanks
 
Not all ISPs block ports

Some may be packet sniffing and block based on traffic rather than port. Encryption should get around that though.
 
Output port 25 (and others) should not be blocked. Sending out mail connects to remote servers and those servers define what ports you connect them to.
Running a mail server is not an easy task if you want things well implemented and working.
What incoming ports you need open depends also on what services you will offer to clients of your server, like IMAP, POP3 etc.
You can test yourself what incoming/outgoing ports may be blocked by the ISP. An example for outgoing tests is: telnet someserver 25
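
The outgoing test suggested above (`telnet someserver 25`), written out as an added example that is not part of the thread: it connects to a port and classifies the greeting, which separates a real SMTP listener from a port that is merely open (such as one forwarded to SSH). `probe_smtp`, `fake_listener` and the greetings are constructed for illustration; the loopback listener only exists so the example runs offline.

```python
import socket
import threading

def probe_smtp(host, port, timeout=5.0):
    """Classify one TCP port as 'smtp', 'open-not-smtp', 'silent', 'refused' or 'filtered'."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.settimeout(timeout)
            try:
                banner = s.recv(512).decode("ascii", "replace").strip()
            except socket.timeout:
                # Connected but no greeting: normal for implicit-TLS port 465,
                # where the server waits for the client's TLS handshake.
                return "silent", ""
    except ConnectionRefusedError:
        return "refused", ""      # host reachable, nothing listening
    except (socket.timeout, OSError):
        return "filtered", ""     # timed out or unreachable: possibly blocked on the path
    # An SMTP server opens the session with a 220 reply (RFC 5321).
    return ("smtp" if banner.startswith("220") else "open-not-smtp"), banner

def fake_listener(greeting):
    """Constructed loopback server that sends one greeting and closes."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))    # port 0: let the OS pick a free port
    srv.listen(1)

    def serve():
        conn, _ = srv.accept()
        with conn:
            conn.sendall(greeting)
        srv.close()

    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]

if __name__ == "__main__":
    # Constructed greetings: a mail server, and an SSH daemon behind a forwarded mail port.
    for greeting in (b"220 mail.example.test ESMTP\r\n", b"SSH-2.0-OpenSSH_8.9\r\n"):
        print(probe_smtp("127.0.0.1", fake_listener(greeting)))
```

Against a real remote host, run `probe_smtp` for ports 25, 465 and 587; a "filtered" result on 25 alongside "smtp" on 587 is the usual sign of outbound port 25 being blocked.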
 
Running a mail server is not an easy task if you want things well implemented and working.

People keep saying this, but I have been running various servers for years and have a difficult time picturing any server I couldn't tackle at this point.

Is this a cautionary tale for those who are new to running servers, or is there something particularly difficult about mail servers I should be aware of?
 
May have to abandon this project.

Turns out trying to run a mail server on a dynamic DNS won't allow me to set the PTR record, and will just result in constant blacklisting :/

Goddamned annoying.
 
People keep saying this, but I have been running various servers for years and have a difficult time picturing any server I couldn't tackle at this point.

May have to abandon this project.

lol'd

I was rooting for you but even the zealots in r/privacy don't bother with setting up their own mail server. From what they've said, even once it's up and running, maintaining it is way more trouble than it's worth. I guess there's also a lot of issues with actually getting your messages to go into people's inboxes, and not straight into spam or junk folders.
 
May have to abandon this project.

Turns out trying to run a mail server on a dynamic DNS won't allow me to set the PTR record, and will just result in constant blacklisting :/

Goddamned annoying.

Aww, was hoping for an entertaining thread about your trials & tribulations getting it set up, and you swearing at your ISP for doing this & that to your traffic. All in an entirely clean, family-friendly way, of course.
 
Yeah, setting up the server, technically, is pretty easy. Heck, with most NASs and Linux server distros, it is just a matter of entering your domain name and flipping the On switch.

The hard part is convincing other mail servers to accept your outbound and staying off blacklists.

I've run several mail servers. I usually end up sending all my outbound through a paid service so it makes it out and doesn't just get perma-bounced.

I used to use a GoDaddy account for that years ago when I was cheap. More recently I'm using SocketLabs.
 
I run a local mail server for testing and development purposes. Sometimes I confuse things and send out an email message :). Often, it gets received in Gmail inboxes :).
 
I just hacked my ISP a while ago and connected to their mail-relay with sendmail. Dynamic was not a problem. Made up some MX record that didn't resolve elsewhere, ClamAV worked well for anti-spam, my apologies if the info is a bit dated. It was just for testing.
 
lol'd

I was rooting for you but even the zealots in r/privacy don't bother with setting up their own mail server. From what they've said, even once it's up and running, maintaining it is way more trouble than it's worth. I guess there's also a lot of issues with actually getting your messages to go into people's inboxes, and not straight into spam or junk folders.

Aww, was hoping for an entertaining thread about your trials & tribulations getting it set up, and you swearing at your ISP for doing this & that to your traffic. All in an entirely clean, family-friendly way, of course.


Yeah, I am all for a challenge, but when I'm told something just doesn't work with dynamic DNS, then that doesn't leave me much in the way of options. Verizon does not offer static IPs to non-business customers, and a business account is much more expensive for the same bandwidth, so that is not on the table.
 
If you are for a reliable or business mail server, a static IP is a must. Otherwise a rarely changing "home" IP address could also be OK.
Making it so emails don't stop at people's spam/junk folders is a priority, also dealing with the spam to your server. Some servers won't even accept emails if several prerequisites are met, and not only just a PTR record which... most ISPs would just not approve for home users.
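
The PTR requirement discussed in this thread, as an added example that is not part of any post: receiving servers commonly check not only that the sending IP has a PTR record but that the PTR name resolves back to the same IP (forward-confirmed reverse DNS). `check_fcrdns` is a hypothetical helper; the addresses and hostnames in the demo are constructed from documentation ranges, and the resolver arguments are injectable so the check can be exercised offline.

```python
import socket

def check_fcrdns(ip, reverse=socket.gethostbyaddr, forward=socket.getaddrinfo):
    """Return (ok, detail) for the forward-confirmed reverse DNS of a sending IP."""
    try:
        ptr_name = reverse(ip)[0]            # reverse lookup: IP -> PTR name
    except (socket.herror, socket.gaierror):
        return False, "no PTR record"
    try:
        # Forward lookup: every address the PTR name resolves to.
        addrs = {info[4][0] for info in forward(ptr_name, None)}
    except socket.gaierror:
        return False, f"PTR {ptr_name} does not resolve"
    if ip not in addrs:
        return False, f"PTR {ptr_name} resolves to {sorted(addrs)}, not {ip}"
    return True, f"{ip} <-> {ptr_name}"

if __name__ == "__main__":
    # Constructed resolver answers (no network needed).
    def static_ptr(ip):
        return ("mail.example.test", [], [ip])

    def isp_pool_ptr(ip):
        # Assumed shape of an ISP-assigned name on a residential line.
        return ("pool-203-0-113-7.isp.example", [], [ip])

    def forward_zone(name, port):
        zone = {"mail.example.test": "203.0.113.7"}
        if name not in zone:
            raise socket.gaierror(socket.EAI_NONAME, "Name or service not known")
        return [(socket.AF_INET, socket.SOCK_STREAM, 6, "", (zone[name], 0))]

    print(check_fcrdns("203.0.113.7", static_ptr, forward_zone))
    print(check_fcrdns("203.0.113.7", isp_pool_ptr, forward_zone))
    # With the default arguments the same call queries live DNS for your own IP.
```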
 
You might want to check out migadu.com if you're looking for something that's privacy conscious...
 