Do I need port 25?

Currently reading
Do I need port 25?

20
5
NAS
DS916+
Router
RT2600ac
Recently, I've stared a test mail server to play with, but i can't send any mail from it. Here's what i get:
Code:
connect to alt2.gmail-smtp-in.l.google.com[74.125.20.26]:25: Connection timed out
All ports are forwarded, except 25 (because ISP blocks it).
 

fredbert

Moderator
NAS Support
Subscriber
1,470
627
NAS
DS1520+, DS218+, DS215j
Router
RT2600ac, MR2200ac
Operating system
macOS
Mobile operating system
iOS
Can you relay out through your ISP's SMTP server?
All ports are forwarded, except 25 (because ISP blocks it).
Forwarding ports is only for incoming connections, e.g. when Gmail is sending you a mail. What you've asked is about sending mail to Gmail.

You can forward ports 25, 465, and 587 (common ports used for SMTP) to Mail Server/MailPlus Server. These will be used when receiving mails.
 
Last edited:
1,426
614
NAS
DS220+ : DS1019+ : DS216+II : DS118 : DS120j : APC Back UPS ES 700 — Mac/iOS user
If your ISP is blocking port 25 then you can use a mail relay service to send email. Services like turbo-smtp and send grid are two among many.

Of course this complicates things a bit.
 
1,426
614
NAS
DS220+ : DS1019+ : DS216+II : DS118 : DS120j : APC Back UPS ES 700 — Mac/iOS user
Receiving is the easy part. It should be working with you already (provided you’ve got your MX record added correctly). Sending is the complicated one.

But what’s the use of receiving without sending?! Maybe I’m missing the point.
 
20
5
NAS
DS916+
Router
RT2600ac
Receiving is the easy part. It should be working with you already (provided you’ve got your MX record added correctly). Sending is the complicated one.

But what’s the use of receiving without sending?! Maybe I’m missing the point.
Thank you, I will try that relay service. But can you explain me, what for is that custom smtp port field? Even I change it to something else, it sends on port 25 anyway

204
 
1,426
614
NAS
DS220+ : DS1019+ : DS216+II : DS118 : DS120j : APC Back UPS ES 700 — Mac/iOS user
Sorry, I don’t understand the language in the picture. Are you using mail or mail plus?

This is what I have on my Mail Server (not the plus version). Are you referring to this?

D5553891-91DE-4C75-A2D2-DD5B0BF42EB1.jpeg
 
1,426
614
NAS
DS220+ : DS1019+ : DS216+II : DS118 : DS120j : APC Back UPS ES 700 — Mac/iOS user
Oh, I think you’re referring to port 25 on that shot. Yes, you need to send and receive on port 25 to other servers unless you’re using a mail relay then you can define the port for the connection between your server and the relaying service.

The internet sends and receives emails on port 25. You should have that (port 25) open and forwarded on your router to your mail server.
And when you send, you’ll be sending on port 25 so other mail servers on the internet can receive your mail. That will be unencrypted BTW.
If a mail servers feels like it (read: supports encryption) it’ll switch to SMTP-SSL or SMTP-TLS after the initial connection to transmit or receive the message encrypted (on the ports shown in my shot above for example).

I don’t want to discourage you, but if you’re doing this for fun (that’s ok). it’ll need some work to be done to get this running, especially if you’re sending via an email relay.

You’ll need to setup SPF, DMARC and DKIM so your emails get delivered to inboxes instead of spam folders.
 
Last edited:
20
5
NAS
DS916+
Router
RT2600ac
Oh, I think you’re referring to port 25 on that shot. Yes, you need to send and receive on port 25 to other servers unless you’re using a mail relay then you can define the port for the connection between your server and the relaying service.

The internet sends and receives emails on port 25. You should have that (port 25) open and forwarded on your router to your mail server.
And when you send, you’ll be sending on port 25 so other mail servers on the internet can receive your mail. That will be unencrypted BTW.
If a mail servers feels like it (read: supports encryption) it’ll switch to SMTP-SSL or SMTP-TLS after the initial connection to transmit or receive the message encrypted (on the ports shown in my shot above for example).

I don’t want to discourage you, but if you’re doing this for fun (that’s ok). it’ll need some work to be done to get this running, especially if you’re sending via and email relay.

You’ll need to setup SPF, DMARC and DKIM so you’re emails get delivered to inboxes instead of spam folders.
Ok, now I know that without smtp relay I can't get any further. Will try it out.

Thank you for your time.
 
1,426
614
NAS
DS220+ : DS1019+ : DS216+II : DS118 : DS120j : APC Back UPS ES 700 — Mac/iOS user
I’m using turbo-smtp

Here’s what it looks like under smtp relay:

207
 
1,426
614
NAS
DS220+ : DS1019+ : DS216+II : DS118 : DS120j : APC Back UPS ES 700 — Mac/iOS user
Check the article under resources (on this forum) about SPF, DKIM and DMARC for more about why do you need this jargon to be enabled on your mail server.
 
1,006
336
NAS
DS418play, DS213j, DSM 7.0.1-14401
Google translate
SMTP
enable SMTP to deliver and receive mail.
s] Turn on SMTP
Account type: Local users v
s] Enable SMTP-SSL
Port: 465
s] Enable SMTP-TLS
Port: 587
 

fredbert

Moderator
NAS Support
Subscriber
1,470
627
NAS
DS1520+, DS218+, DS215j
Router
RT2600ac, MR2200ac
Operating system
macOS
Mobile operating system
iOS
What we're getting here is that the ISP assumes any outbound traffic from your connection to a port 25 is SMTP server to server. They may permit you to use port 25 to their SMTP server, and you can test this.

The other thing you can test with you ISP's SMTP service is: do you need to authenticate? if you do, can you send mail using any 'from' address? You might have to add a dummy address in your mail client to do this test.

Provided the last question is answered "yes, I can use my ISP's SMTP server to send from any email address" then you can use this as a SMTP relay. Your NAS SMTP can send all mail that it doesn't have a local account to the ISP's SMTP server, and it will send it to the Internet.

You may get into issues of some mail services rejecting your messages because they can't validate if it's come from the right originating servers ... checking for spam. This is where SPF, DMARC, and DKIM are used. I have setup SPF in my domain's DNS records (I'm using Namecheap) to instruct where my domain's mail will come from:

Create a TXT record for '@' (all) with a value of
Code:
v=spf1 mx a ip4:<ISP's mail servers subnet>/24 a:smtp.mydomain.com a:mail.mydomain.com a:smtp.myispdomain1.com a:smtp.myispdomain2.com include:mydomain.com include:myispdomain1.com include:myispdomain2.com include:_spf.google.com ~all
Hopefully, this will stop spammers trying to mimic sending from my domain. And I should now remove the final google.com since we no longer use it.
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Trending threads

Top