Operating System - OpenVMS
cancel
Showing results for 
Search instead for 
Did you mean: 

Using ports 25 and 587 for SMTP

 
SOLVED
Go to solution
RF Thomas
Frequent Advisor

Using ports 25 and 587 for SMTP

Is there a way to support ports 25 and 587 in TCPIP/SMTP?

VERIZON is requiring us to make this change. We do have web based email access using IlohaMail, but it is slow and by-passes the anti=sp[am on our PC's.

Internaly all systems are setup to use port 25. What changes would be necessary to enable port 587 and are there otehr concerns?
7 REPLIES 7
RF Thomas
Frequent Advisor

Re: Using ports 25 and 587 for SMTP

Further clarification:

We use many PHP based applications. We do not believe that the CWSPHP can use any port for email but 25.

We do know that there are elaborate PHP scripts that do what is necessary, but to find and edit such in all of the PHP is difficult and means making changes on every release.
Hoff
Honored Contributor

Re: Using ports 25 and 587 for SMTP

TCP/IP Services product doesn't support the 587 submission port for SMTP mail.

Third-party stacks can and variously do offer 587.

Your choices are thus limited to switching IP stacks or migrating your mail server to a more modern mail server.

As for the other part of the question, configuring for 587 varies by client, or by whatever the php code might be doing.

This is usually one of the available settings within the mail client for authenticated or SSL-based communications with the mails erver, but details vary by client. (This isn't the best spot for Microsoft Windows questions, however.)

For php, one option other might be the open-source phpmailer package for performing remote submissions.
Andy Bustamante
Honored Contributor

Re: Using ports 25 and 587 for SMTP

One option is to use a firewall capable of remapping ports. Most network security/firewall devices can manage this or a Linux system can be configured for the do yourself option.

If you don't have time to do it right, when will you have time to do it over? Reach me at first_name + "." + last_name at sysmanager net
Hoff
Honored Contributor

Re: Using ports 25 and 587 for SMTP

Here's a previous thread:

http://h30499.www3.hp.com/t5/Networking/SMTP-Route-Through/m-p/4335962#M7953


The difficulties you are experiencing is due to the many limitations and omissions within TCP/IP Services; it's an old SMTP implementation, and not feature-competitive.

As for mail, shutting off port 25 entirely or remapping port 25 to another port isn't feasible if you're running a public-facing SMTP server.

If you're implementing mail using an authorized relay through a Verizon mail server, then you're free to do pretty much whatever you want. You can swap and port-map ports, migrate clients to a VPN, etc.

Jeremy Begg
Trusted Contributor

Re: Using ports 25 and 587 for SMTP

You could also look at purchasing PMDF from Process Software. This provides all the SMTP and MIME functionality you are likely to want, without requiring a wholesale replacement of the TCP/IP stack or reworking of other systems to handle mail on VMS' behalf.

The SMTP "submit" port, 587, generally requires that the SMTP client provides some form of authentication. PMDF includes such a client.

Regards,
Jeremy Begg
Willem Grooters
Honored Contributor
Solution

Re: Using ports 25 and 587 for SMTP

You can do so directly, but it requires hacking into DCL code of TCPIP$CONFIG.COM (and subsequent procedures):

* Stop and Disable SMTP service
* Look into the code for SMTP service (or "25") and chnage the port
* Re-configure SMTP using TCPIP$CONFIG

But the easy way is using a firewall and forward port 587 (outside) to port 25 (inside). I would prefer the solution anyway since it adds to teh overall security of your network as a whole - even your VMS box can be prone to attacks (I see attempst on a daily basis...)
Willem Grooters
OpenVMS Developer & System Manager
RF Thomas
Frequent Advisor

Re: Using ports 25 and 587 for SMTP

This would be an excellent solution, but unfortunately my firewall is a Watchguard Firebox and it does not support remapping of TCP ports.

I can edit the various command procedures and will consider doing such and reconfiguring all of the user systems to use port 587.

We will be upgrading the firewall at some point and will investigate a firewall with greater capability.

We too are seeing more and more attacks. At least we have excellent tools to analyze and mitigate any possible damage.