0

I've got postfix and dovecot running on ports 25, 110, 587, 465, 993, 995 for the usual mail protocols. I can telnet into all ports except port 25 which you can see below. Any ideas on what's going on?

Remotely Telnet to port 25 (fails)

# telnet 192.168.1.100 25
Trying 192.168.1.100 ...
telnet: connect to address 192.168.1.100: Operation timed out
telnet: Unable to connect to remote host

Locally Telnet to port 25 (success)

# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 example.com.au ESMTP Postfix

Firewalld rules:

# firewall-cmd --list-all
public (default, active)
  interfaces: eth0
  sources:
  services: dhcpv6-client dns http https imaps pop3s smtp ssh
  ports: 110/tcp 465/tcp 5432/tcp 587/tcp 143/tcp 2288/tcp 25/tcp
  masquerade: no
  forward-ports:
  icmp-blocks:
  rich rules:

My postfix main.cf has 

inet_interfaces = $myhostname, localhost

and ss -plnt |grep :25 returns 

LISTEN     0      100                       *:25                       *:*      users:(("master",30844,13))
LISTEN     0      100                      :::25                      :::*      users:(("master",30844,14))
Shane Rowatt
  • 113
  • FYI: postfix should listens only 25, 587 (465) ports. Are you sure that postfix listens on all available interfaces? By default it listens only localhost. You should check main.cf for option inet_interfaces – ALex_hha Mar 29 '16 at 10:29
  • LISTEN 0 100 *:25 *:* users:(("master",30844,13)) LISTEN 0 100 :::25 :::* users:(("master",30844,14)) – Shane Rowatt Mar 29 '16 at 10:32
  • 2
    Limitations with your ISP? – Ialokin Mar 29 '16 at 10:35
  • It is a mail configuration file property. You can change that and allow to listen for 25 from outside, but it is not adviceable – BDRSuite Mar 29 '16 at 11:02
  • @nStensen You are correct, ISP is blocking port 25 so I have switched to using 465 for non-ssl smtp connections. – Shane Rowatt Mar 29 '16 at 11:06
  • @ShaneRowatt Just a heads-up: Regarding your edits (here and in one of the answers): All edit history is visible to people with enough rep. – David Makogon Mar 29 '16 at 11:58
  • Mods can permanently redact info if needed. – EEAA Mar 29 '16 at 12:42

1 Answers1

1

Check your station firewall. I could connect to your postfix "telnet 192.168.1.100 25"

Shane Rowatt
  • 113
Syed Alam
  • 81