Set Up Postfix to Solve Blocked Port 25 Issue, and Send Emails from Localhost.

Or Stop Complaining, and Solve the Problem

Jump right to the answer without reading my badly narrated experience

I wrote a few hours ago about AT&T blocking port 25, and why that matters. For a moment, I decided to just write that post and wait until morning to call AT&T, but then I asked about the issue on Super User, and the answer I got made me curious about this issue, so I went back to it. It paid off. I was finally able to fix the problem. It took me already about 7 hours going on and off on this issue, but I’ve learned some new stuff, which is great. Now I just need to hurry up and start working on the project that required localhost to be able to send emails.

It is actually not that difficult to solve this problem, but it can be if you don’t know how to. I hope I can save you many hours with this post.

Based on the idea I got from the answer on Super User, I decided to try to use a different port. I had tried before using an smtp server to relay the emails. I tried with my ISP’s SMTP server (outbound.att.net according to their website). But it would not work. All I got was a connection timeout. This is because I was attempting to connect on port 25, which is blocked.

So, I started playing with the port number. First I followed the steps outlined on this website: http://www.linuxmail.info/postfix-change-port/ but that didn’t help. And to be honest I’m not quite sure what it is they are doing in that post, so I just decided to put everything back. I will copy and paste the post, just to be sure to keep the content in case that site goes offline. We never know:

By default, Postfix listens on the SMTP port number 25. Some ISPs block this port number so you may wish to provide an alternate port number to listen to or change it altogether.

Edit master.cf

1. Edit the file /etc/postfix/master.cf and find the line below. You can comment the line below by adding # in front of the line to disable SMTP port 25.

smtp inet n – n – - smtpd

Next, add this line

25000 inet n – n – - smtpd

Replace 25000 with your preferred alternate port number.

Restart the Postfix service or the MailScanner service if you have integrated MailScanner into Postfix.

If you have enabled the firewall, you need to configure the firewall to allow traffic on the new port number.

Test Postfix by connecting on the new port number. Use the terminal command telnet localhost [port] instead of telnet localhost smtp to test your new port number.

Since this did not help, I was back to square 1. Next I did some stupid things like trying to set the relay on the main.cf file (/etc/postfix/main.cf) to localdomain, and localhost. This of course were just plain stupid ideas, but I didn’t know what else to do. I got the idea from reading the section “What delivery method: direct or indirect” on the postfix configuration manual, which by the way is very interesting.

Well, none of that helped. So I decided to try with my online server’s smtp server. I got this value because at some point I set an account on Thunderbird to see if it had any problem sending emails. Thunderbird automatically detected my server’s smtp server, and that is the value I used, but I’m sure that if you have a hosting provider, and they offer email service with your own domain name, you should have your server’s smtp server address. In my case it is smtp.mydomain.com

Once again, it would not work because I was using the wrong port number. So I searched for information on how to change the port number. However, I was confused, and ignorant, so I searched for how to change the port number on sendmail, since the last instructions on post number changing hadn’t helped at all. I found results like these:
http://www.linuxforums.org/forum/servers/23275-sendmail-how-do-i-change-ports-being-used.html

http://lists.freebsd.org/pipermail/freebsd-questions/2004-June/048640.html

http://www.linuxquestions.org/questions/linux-server-73/how-can-i-change-my-sendmail-port-number-in-centos-5-4-a-895450/

The problem is that sendmail is a different program, so none of them were of help. If I mention them it is just because I like to read this kind of posts later when I have a better understanding of the subject, and laugh at my own ignorance ;)

At the moment, I did not know that I was seeing documentation, and answers for another program, so I was looking for sendmail.cf on my computer. This turned out to be a good thing, because it took me to the place where I found the answer to the problem.

Trying to find sendmail.cf, I got to this forum post:
http://ubuntuforums.org/showthread.php?p=11780787#post11780787
Which not only has good information, but also links to:

http://www.thheuer.com/2012/03/smtp-postfix-server-setup-for-your-home-development/
Where I found the answer to the problem. I must admit that before trying this out, I continued wasting time trying some other stupid things, like the aforementioned about localdomain as relyhost. Why? Pure lazines. I didn’t want to follow through the steps outlined on that post. Shame on me!

Also, at some point I considered using some kind of public SMTP server, or getting one from dyn.com. Searching for public SMTP servers, I got to this websites, that have information that I considered to be useful:
http://www.werockyourweb.com/list-outgoing-smtp-mail-servers <- A list of outgoing SMTP servers
http://publicsmtpserver.com/ <- Info about why we need public SMTP servers.
I considered using some other SMTP server quite early in this process, but it was just an idea I had, and not an appealing one.

Anyway, if you didn't read the post about how to solve the problem, this is basically what you need to do:

Firs you need an SMTP server, could be your ISP’s SMTP server. You will use it to relay your email. IF it requires authentication, you will need your user name and password.

First you need to create a file on /etc/postfix/. Call this file relay_passwd. I assume you could call it anything you want, but relay_passwd is a good name. On this file put the login information:

smtp.server.com USER:PASSWORD

you need to change smtp.server.com for your smtp server, USER for your username, and PASSWORD for your password.

Once you’ve created this file, you need to run

postmap /etc/postfix/relay_passwd

on the command line.
This will create a new file, with .db extension. If you forget this step, like I did, you will get an error.

bad command startup -- throttling postfix

As this page explains: http://www.devheads.net/server/postfix/user/bad-command-startup-throttling.htm The real error is a couple of lines before, and it will say that the file relay_passwd.db is missing. IF you get this error, chances are you forgot to run the postmap command.

Once you have the .db file, you need to set the following on your /etc/postfix/main.cf file:

relayhost = [smtp.domain.com]  # this is the important line!
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/relay_passwd
smtp_sasl_security_options = 

Don’t overlook that last option. When I first made this changes, I decided not to add that line because it has no value. As it turns out, that line is overwriting the default value. If your smtp server expect plain text for authentication, you need that line, as explained on https://discussions.apple.com/thread/1930273?start=0&tstart=0 If you don’t add that line, but you need it, you will get an error saying “SASL authentication failed; cannot authenticate to server smtp.server.com[serverip]: no mechanism available”. If you get this error, then you need that line.

Finally, restart your postfix:

sudo /etc/init.d/postfix restart

And that’s it. Now your server should be able to send email.

It took me a long time, a lot of trial and error, and a lot of reading on the mail log file (/var/log/mail.log) to fix this issue, and although I’m tired, and sleepy, I feel quite stisfied that I was able to solve it. But I hope I can avoid you going through the same process by writing this entry on my blog. Good luck, and happy coding!

2 thoughts on “Set Up Postfix to Solve Blocked Port 25 Issue, and Send Emails from Localhost.

  1. Thanks, my institution also blocked the port 25 for outgoing mail (to prevent SPAM they said) and this tutorial worked like a charm!

    I found useful that you posted your experience since I also wasted a few hours until I discovered where the problem was, and then I found your blog. ;)

Comments are closed.