Howto/20230921 Use a cheap VPS to bypass ISP blocking of port 25 to postfix mail server: Difference between revisions
From Interpause
(→Steps) |
Line 41: | Line 41: | ||
; 4) Update port forwarding on router | ; 4) Update port forwarding on router | ||
* Forward external port 2025 to internal port 25 of mail1.interpause.com | * Forward unblocked external port 2025 to internal port 25 of mail1.interpause.com |
Revision as of 14:39, 21 September 2023
Disclaimer
My Howtos are mainly for me to document the steps required in case I ever have to re-do them again. Hopefully they will help other system admins out there, but I regret that this is not my primary objective.
Problem
We just switched to a new Internet Service Provider (ISP) that blocks port 25, both ways, making us no longer able to send or receive emails.
Solution
- For outbound emails, use the ISP's SMTP server to send emails.
- For inbound emails, use a cheap VPS whose port 25 is open to receive and then forward emails to the main mail server on external port 2025 (not blocked by ISP). We already have a cheap VPS for our OpenVPN server with RackNerd that costs 11USD/year so, for us, there is no extra cost to set up this mail forwarder.
- Our solution is based on the following guide to set up a backup MX: https://www.howtoforge.com/postfix_backup_mx
Prerequisites
- You already have a working email server (mail1.interpause.com) configured with postfix, but port 25 is completely blocked
- You have rented a cheap VPS (mail2.interpause.com) and have installed postfix using the default configuration
- You have access to your ISP's SMTP server (smtp.ebox.ca on port 587). Be sure to switch these for your own domain addresses.
Steps
- 1) Set up MX records at the domain provider to point to the VPS
- For namecheap, it looks like this:
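- 2) Set up /etc/postfix/main.cf on mail1.interpause.com

    myhostname = mail1.interpause.com
    mydestination = mail1.interpause.com, localhost, localhost.localdomain
    # Clients listed here are trusted to relay through this server
    mynetworks = 127.0.0.0/8 [::1]/128 mail1.interpause.com mail2.interpause.com
    # Outbound mail goes through the ISP's SMTP server; brackets disable MX lookups
    relayhost = [smtp.ebox.ca]:587
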
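- 3) Set up /etc/postfix/main.cf on mail2.interpause.com

    myhostname = mail2.interpause.com
    mydestination = $myhostname, localhost, localhost.localdomain, localhost
    # Forward accepted mail to the main server on the unblocked external port
    relayhost = [mail1.interpause.com]:2025
    mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 mail1.interpause.com mail2.interpause.com
    # reject_unauth_destination refuses mail for domains this host does not relay or deliver
    smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination
    # Domains this host accepts mail for and relays onward
    relay_domains = $mydestination, interpause.com
    # Empty value: recipients in relay_domains are not validated on this host
    relay_recipient_maps =
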
- 4) Update port forwarding on router
- Forward unblocked external port 2025 to internal port 25 of mail1.interpause.com
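
A quick offline check of the forwarder settings from step 3, as an added example that is not part of the original howto: it parses main.cf text and reports whether the relay guard is in place, whether recipients are validated on the relay, and whether relayhost uses the bracketed form that skips MX lookups. The function names and finding labels are this example's own, and the embedded sample is constructed from the step 3 values with mynetworks left out.

```python
import re
# Constructed sample: the mail2 settings from step 3 (mynetworks omitted).
MAIL2_MAIN_CF = """\
myhostname = mail2.interpause.com
mydestination = $myhostname, localhost, localhost.localdomain, localhost
relayhost = [mail1.interpause.com]:2025
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks,
    reject_unauth_destination
relay_domains = $mydestination, interpause.com
relay_recipient_maps =
"""

def parse_main_cf(text):
    """Parse main.cf: skip '#' comments, join indented continuation lines."""
    params, name = {}, None
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        if line[0].isspace() and name:
            params[name] = (params[name] + " " + line.strip()).strip()
        elif "=" in line:
            name, value = (part.strip() for part in line.split("=", 1))
            params[name] = value
    return params

def items(params, name, depth=0):
    """Split a list value on commas/whitespace, expanding $name references."""
    out = []
    for tok in re.split(r"[,\s]+", params.get(name, "")):
        ref = re.fullmatch(r"\$\{?(\w+)\}?", tok)
        if ref and depth < 5:
            out += items(params, ref.group(1), depth + 1)
        elif tok:
            out.append(tok)
    return out

def audit_relay(params):
    """Return finding labels (names are this example's own, not Postfix's)."""
    findings = []
    rules = items(params, "smtpd_recipient_restrictions")
    guards = [i for i, r in enumerate(rules) if r.endswith("_unauth_destination")]
    if rules and (not guards or "permit" in rules[:guards[0]]):
        findings.append("open-relay-risk")  # no guard, or bare permit before it
    if items(params, "relay_domains") and not items(params, "relay_recipient_maps"):
        findings.append("no-recipient-validation")  # unknown users accepted, bounced later
    if params.get("relayhost") and not params["relayhost"].startswith("["):
        findings.append("relayhost-mx-lookup")  # unbracketed form does MX lookups
    return findings
```

Run against the step 3 values, `audit_relay(parse_main_cf(MAIL2_MAIN_CF))` reports only the empty relay_recipient_maps: the VPS accepts mail for any address at the relayed domain and has to generate a bounce if the main server later rejects the recipient.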