Unable to Use Port 25 Within Linux



Article ID: 159944




Data Loss Prevention Network Prevent for Email, Data Loss Prevention, Data Loss Prevention Core Package


Symantec SMTP Prevent running on Linux fails to monitor port 25.


On Linux, all ports below 1024 are restricted: a program cannot bind to them unless it runs as the root account. This is expected Linux behavior.

On Windows, you can work directly against port 25 without these restrictions. On Linux, the recommended approach is to reroute the port traffic and set up iptables.

To reroute port traffic and set up iptables:

  1. From the Advanced Server Detection page, set up Prevent to use port 10025 by changing the attribute RequestProcessor.ServerSocketPort to a value of 10025.
  2. Set up iptables:

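    # Create a dedicated chain for the Prevent rules
    iptables -N Vontu-INPUT
    # Accept TCP traffic addressed to port 25
    iptables -A Vontu-INPUT -s 0/0 -p tcp --dport 25 -j ACCEPT
    # Send all inbound TCP traffic through the new chain first
    iptables -I INPUT 1 -s 0/0 -p tcp -j Vontu-INPUT
    # Redirect inbound port 25 to the unprivileged port Prevent listens on
    iptables -t nat -I PREROUTING 1 -s 0/0 -p tcp --dport 25 -j REDIRECT --to-ports 10025
    # Save the running rules to the persistent rules file
    iptables-save > /etc/sysconfig/iptables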

    Note: Setting up the IP tables effectively reroutes the traffic from port 25 to port 10025.
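
To confirm that a saved ruleset really contains the redirect, the following added example (not part of the original article or of any Symantec/Broadcom tooling) parses `iptables-save` output. The function names `check_redirect` and `sample_rules` and the sample dump are constructed for illustration. It also flags the case where the filter INPUT policy is not ACCEPT, because netfilter applies the REDIRECT before filter INPUT runs, so the redirected connection arrives there with destination port 10025.

```sh
#!/bin/sh
# Added example: audit an iptables-save dump for the 25 -> 10025 redirect.
# On a live host (as root): iptables-save | check_redirect - 25 10025

# check_redirect FILE FROM TO   (FILE "-" reads stdin)
# Prints a status word and returns:
#   0 ok            nat PREROUTING redirects FROM to TO and filter INPUT admits TO
#   1 no-redirect   no matching REDIRECT rule in nat PREROUTING
#   2 review-input  redirect exists, but INPUT policy is not ACCEPT and no
#                   filter ACCEPT rule names TO (heuristic: chain reachability
#                   and port-less ACCEPT rules are not evaluated)
check_redirect() {
    awk -v from="$2" -v to="$3" '
        /^\*/ { table = substr($0, 2); next }
        table == "nat" && /^-A PREROUTING / && / -j REDIRECT / &&
            $0 ~ ("--dport " from "( |$)") &&
            $0 ~ ("--to-ports " to "( |$)") { redirect = 1 }
        table == "filter" && /^:INPUT / { policy = $2 }
        # REDIRECT rewrites the destination before filter INPUT runs,
        # so INPUT matches on the TO port, not the FROM port.
        table == "filter" && /^-A / && / -j ACCEPT/ &&
            $0 ~ ("--dport " to "( |$)") { accept = 1 }
        END {
            if (!redirect) { print "no-redirect"; exit 1 }
            if (policy != "ACCEPT" && !accept) { print "review-input"; exit 2 }
            print "ok"
        }
    ' "$1"
}

# Constructed sample: the dump the five commands above would leave behind,
# with the filter INPUT policy passed in as $1 (ACCEPT or DROP).
sample_rules() {
    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
-A PREROUTING -p tcp -m tcp --dport 25 -j REDIRECT --to-ports 10025
COMMIT
*filter
:INPUT $1 [0:0]
:Vontu-INPUT - [0:0]
-A INPUT -p tcp -j Vontu-INPUT
-A Vontu-INPUT -p tcp -m tcp --dport 25 -j ACCEPT
COMMIT
EOF
}

sample_rules ACCEPT | check_redirect - 25 10025
```

A `review-input` result means the filter rules should be checked by hand for a rule that admits TCP port 10025.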



Additional Information

For more references on IP tables, see:



Note: References to outside links are not controlled by Broadcom; therefore, Broadcom cannot guarantee the content, correctness or current state of the links.