Unable to Use Port 25 Within Linux

book

Article ID: 159944

calendar_today

Updated On:

Products

Data Loss Prevention Network Prevent for Email

Issue/Introduction

Symantec SMTP Prevent running on Linux fails to monitor port 25.

Resolution

All Linux ports below 1024 are restricted, which means programs cannot bind those ports without being the root account. This is expected Linux behavior. 

With Windows, you can work directly against port 25 without the restrictions. The recommended approach is to reroute port traffic and setup IP tables.

To reroute port traffic and setup IP tables:

  1. From the Advanced Server Detection page, setup Prevent to use port 10025 by changing the attribute, RequestProcessor.ServerSocketPort, to a value of 10025.
  2. Setup IP tables:

    iptables -N Vontu-INPUT
    iptables -A Vontu-INPUT -s 0/0 -p tcp --dport 25 -j ACCEPT
    iptables -I INPUT 1 -s 0/0 -p tcp -j Vontu-INPUT
    iptables -t nat -I PREROUTING 1 -s 0/0 -p tcp --dport 25 -j REDIRECT --to-ports 10025
    iptables-save > /etc/sysconfig/iptables 

    Note: Setting up the IP tables effectively reroutes the traffic from port 25 to port 10025.

    For more references on IP tables, see:
    http://www.frozentux.net/documents/iptables-tutorial/

https://help.ubuntu.com/community/IptablesHowTo

Note: References to outside links are not controlled by Vontu; therefore, Vontu cannot guarantee the content, correctness or current state of the links.