Do I need port 25?

Currently reading
Do I need port 25?

20
4
NAS
DS916+
Router
  1. RT2600ac
Recently, I've stared a test mail server to play with, but i can't send any mail from it. Here's what i get:
Code:
connect to alt2.gmail-smtp-in.l.google.com[74.125.20.26]:25: Connection timed out

All ports are forwarded, except 25 (because ISP blocks it).
 
Last edited:
Can you relay out through your ISP's SMTP server?
All ports are forwarded, except 25 (because ISP blocks it).
Forwarding ports is only for incoming connections, e.g. when Gmail is sending you a mail. What you've asked is about sending mail to Gmail.

You can forward ports 25, 465, and 587 (common ports used for SMTP) to Mail Server/MailPlus Server. These will be used when receiving mails.
 
Receiving is the easy part. It should be working with you already (provided you’ve got your MX record added correctly). Sending is the complicated one.

But what’s the use of receiving without sending?! Maybe I’m missing the point.

Thank you, I will try that relay service. But can you explain me, what for is that custom smtp port field? Even I change it to something else, it sends on port 25 anyway

204
 
Last edited:
Oh, I think you’re referring to port 25 on that shot. Yes, you need to send and receive on port 25 to other servers unless you’re using a mail relay then you can define the port for the connection between your server and the relaying service.

The internet sends and receives emails on port 25. You should have that (port 25) open and forwarded on your router to your mail server.
And when you send, you’ll be sending on port 25 so other mail servers on the internet can receive your mail. That will be unencrypted BTW.
If a mail servers feels like it (read: supports encryption) it’ll switch to SMTP-SSL or SMTP-TLS after the initial connection to transmit or receive the message encrypted (on the ports shown in my shot above for example).

I don’t want to discourage you, but if you’re doing this for fun (that’s ok). it’ll need some work to be done to get this running, especially if you’re sending via an email relay.

You’ll need to setup SPF, DMARC and DKIM so your emails get delivered to inboxes instead of spam folders.
 
Oh, I think you’re referring to port 25 on that shot. Yes, you need to send and receive on port 25 to other servers unless you’re using a mail relay then you can define the port for the connection between your server and the relaying service.

The internet sends and receives emails on port 25. You should have that (port 25) open and forwarded on your router to your mail server.
And when you send, you’ll be sending on port 25 so other mail servers on the internet can receive your mail. That will be unencrypted BTW.
If a mail servers feels like it (read: supports encryption) it’ll switch to SMTP-SSL or SMTP-TLS after the initial connection to transmit or receive the message encrypted (on the ports shown in my shot above for example).

I don’t want to discourage you, but if you’re doing this for fun (that’s ok). it’ll need some work to be done to get this running, especially if you’re sending via and email relay.

You’ll need to setup SPF, DMARC and DKIM so you’re emails get delivered to inboxes instead of spam folders.

Ok, now I know that without smtp relay I can't get any further. Will try it out.

Thank you for your time.
 
What we're getting here is that the ISP assumes any outbound traffic from your connection to a port 25 is SMTP server to server. They may permit you to use port 25 to their SMTP server, and you can test this.

The other thing you can test with you ISP's SMTP service is: do you need to authenticate? if you do, can you send mail using any 'from' address? You might have to add a dummy address in your mail client to do this test.

Provided the last question is answered "yes, I can use my ISP's SMTP server to send from any email address" then you can use this as a SMTP relay. Your NAS SMTP can send all mail that it doesn't have a local account to the ISP's SMTP server, and it will send it to the Internet.

You may get into issues of some mail services rejecting your messages because they can't validate if it's come from the right originating servers ... checking for spam. This is where SPF, DMARC, and DKIM are used. I have setup SPF in my domain's DNS records (I'm using Namecheap) to instruct where my domain's mail will come from:

Create a TXT record for '@' (all) with a value of
Code:
v=spf1 mx a ip4:<ISP's mail servers subnet>/24 a:smtp.mydomain.com a:mail.mydomain.com a:smtp.myispdomain1.com a:smtp.myispdomain2.com include:mydomain.com include:myispdomain1.com include:myispdomain2.com include:_spf.google.com ~all

Hopefully, this will stop spammers trying to mimic sending from my domain. And I should now remove the final google.com since we no longer use it.
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Back
Top