SMTP 587 and 465 together

system · March 2, 2011, 1:36pm

Hello!

Is there any solution to use port 587 and 465 together?

Regards,
Adam

IWorx-Dan · July 21, 2011, 12:49pm

Hi DSS,

Yes it is possible. You can’t really do it via the control panel but you can do it using simple file moving/editing. Assuming that you have the “alternate” smtp server installed on port 587 (this procedure will not work if you haven’t done that yet):

[LIST=1]

Log in via SSH as root

go to /var/log ``` # cd /var/log ```

make an smtp3 directory ``` # mkdir smtp3 ```

chown it to user qmaill group qmail ``` # chown qmaill:qmail smtp3 ```

go to /service ``` # cd /service ```

copy smtp2 and make a new smtp3 director ``` # cp -rf smtp2/ smtp3 ```

chown smtp3 to user qmaill group qmail ``` # chown chown qmaill:qmail smtp3 ```

go into the smtp3 directory ``` # cd smtp3 ```

edit the run file in your preferred text editor. Find this line (second to last line): ``` -u "$QMAILDUID" -g "$NOFILESGID" 0 587 \ ``` and replace '587' with '465: ``` -u "$QMAILDUID" -g "$NOFILESGID" 0 465 \ ```

chown run and log to user qmaill group qmail ``` # chown qmaill:qmail run log ```

go to the log directory ``` # cd log ```

open the run file in your preferred text editor and find this line to edit: ``` exec /usr/bin/setuidgid qmaill /usr/bin/multilog t /var/log/smtp2 2>&1 ``` and replace 'smtp2' with 'smtp3': ``` exec /usr/bin/setuidgid qmaill /usr/bin/multilog t /var/log/smtp3 2>&1 ```

chown the run file to user qmail group qmaill ``` # chown qmaill:qmail run ```

restart the service ``` # svc -d /service/smtp3{,/log} # svc -u /service/smtp3{,/log} ```

[/LIST]

You should see the following somewhere in your process list when you run ps auxf:

|   \_ supervise smtp3
|   |   \_ /usr/bin/tcpserver -v -R -H -l my.server.hostname -x /etc/tcprules.d/tcp.smtp.cdb -c 20 -u 108 -g 104 0 465 /usr/bin/rblsmtpd -rbl.spamcop.net /var/qmail/bin/qmail-
|   \_ supervise log
|       \_ /usr/bin/multilog t /var/log/smtp3

and you should be able to run telnet on port 465:

# telnet 127.0.0.1 465
Trying 127.0.0.1...
Connected to my.server.hostname (127.0.0.1).
Escape character is '^]'.
220 my.server.hostname InterWorx-CP SMTP Server ESMTP

system · July 21, 2011, 2:31pm

Thanks for the respond. I messed up something, I think I did the 14th step multiple times. Now I’m getting this when I run ps auxf:



root     31822  0.0  0.0   3680   252 ?        S    22:05   0:00  |   \_ supervise smtp3
vpopmail 13966  0.0  0.0  20240  1012 ?        S    22:24   0:00  |   |    \_ /usr/bin/tcpserver -v -R -H -l server.tri-software.com -x  /etc/tcprules.d/tcp.sm
root     31823  0.0  0.0   3680   248 ?        S    22:05   0:00  |   \_ supervise log
qmaill   13965  0.0  0.0   3696   252 ?        S    22:24   0:00  |   |   \_ /usr/bin/multilog t /var/log/smtp3
root     14527  0.0  0.0   3680   252 ?        S    22:27   0:00  |   \_ supervise smtp3
root      2800  0.0  0.0      0     0 ?        Z    23:28   0:00  |   |   \_ [supervise] <defunct>
root     14529  0.0  0.0   3680   252 ?        S    22:27   0:00  |   \_ supervise log
qmaill   18270  0.0  0.0   3696   248 ?        S    22:32   0:00  |   |   \_ /usr/bin/multilog t /var/log/smtp3
root      8693  0.0  0.0   3680   248 ?        S    22:59   0:00  |   \_ supervise smtp3
root      2802  0.0  0.0      0     0 ?        Z    23:28   0:00  |   |   \_ [tcpserver] <defunct>
root     24691  0.0  0.0   3680   248 ?        S    23:11   0:00  |   \_ supervise log
root      5830  0.0  0.0   3668   216 ?        S    May21   0:00  \_  readproctitle service errors: ...le does not exist?supervise: fatal:  unable to start smt

I ran svc-x and svc-k command for the smtp3 but nothing changed. Is there anything to do in the case?

Thanks for answering me!

Regards,
Adam

IWorx-Dan · July 21, 2011, 3:43pm

Adam, if you want to open a support ticket with your login credentials we can poke at it to see if we can figure out where you went wrong. Typically there shouldn’t be more than one supervise smtp3 process.

gerwin · September 29, 2011, 11:36am

@dss

Or you could do:

/sbin/iptables -t nat -I PREROUTING -p tcp --dport 587 -j REDIRECT --to-port 25

I know it’s dirty but it does work

system · January 27, 2012, 8:18am

Is there any way to set up SSL to port 465 which was created by Dan’s method?

IWorx-Dan · February 1, 2012, 8:44am

Hi Dss,

We currently don’t support SSL on smtp because we offer STARTTLS on both 25 and 587 which has been shown to be sufficiently secure since no data (including auth) is transmitted until after TLS has been invoked. At that point the entire exchange between the client/server is encrypted. Is there some reason you need SSL?

system · February 1, 2012, 8:58am

Hi Dan,

Thank you your reply. We want to use SSL on port 465 because one of our softwares uses a component, which communicates over port 465 with SSL automatically. We use also port 587 with TLS but some of our users use port 465 and 587 is closed.

IWorx-Dan · February 1, 2012, 9:23am

Hi dss,
What is the name of this software (and component if its a module or something)? Or is it a custom in-house product?

system · February 1, 2012, 9:43am

We are using Chilkat components (http://www.chilkatsoft.com/) on .NET and php.

IWorx-Dan · February 1, 2012, 10:50am

Hi dss,

The feature page claims to support SMTP STARTTLS - is this not the case?
http://www.chilkatsoft.com/email-dotnet.asp

Regards,

system · February 1, 2012, 10:59am

Yes, you have right, but it works only on port 587 with TLS (we’re using it now too) but some of our costumers uses only port 465 and we want to use secure connection between IW server and Chilkat component, if it’s possible.