
Unable to Use Port 25 Within Linux


Article ID: 159944


Updated On:


Data Loss Prevention Network Prevent for Email


Symantec SMTP Prevent running on Linux fails to monitor port 25.


All Linux ports below 1024 are restricted, which means a program cannot bind to them unless it runs as the root account. This is expected Linux behavior.

With Windows, you can work directly against port 25 without these restrictions. On Linux, the recommended approach is to reroute port traffic and set up IP tables.

To reroute port traffic and set up IP tables:

  1. From the Advanced Server Detection page, set up Prevent to use port 10025 by changing the attribute RequestProcessor.ServerSocketPort to a value of 10025.
  2. Set up IP tables:

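    # Create a dedicated chain and accept inbound TCP on port 25
    iptables -N Vontu-INPUT
    iptables -A Vontu-INPUT -s 0/0 -p tcp --dport 25 -j ACCEPT
    # Send all inbound TCP through the new chain first
    iptables -I INPUT 1 -s 0/0 -p tcp -j Vontu-INPUT
    # Redirect port 25 to the unprivileged port that Prevent listens on
    # (nat PREROUTING runs before filter INPUT, so redirected packets reach INPUT with destination port 10025)
    iptables -t nat -I PREROUTING 1 -s 0/0 -p tcp --dport 25 -j REDIRECT --to-ports 10025
    # Persist the rules across reboots
    iptables-save > /etc/sysconfig/iptables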

    Note: Setting up the IP tables effectively reroutes the traffic from port 25 to port 10025.

    For more references on IP tables, see:

Note: References to outside links are not controlled by Vontu; therefore, Vontu cannot guarantee the content, correctness or current state of the links.
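
To confirm that the redirect from step 2 is in place, the following added example (not part of the original article or of the product) parses `iptables-save` output and reports the port that TCP port 25 is redirected to. The function names and the sample ruleset are constructed for illustration; the sample assumes the usual `iptables-save` rendering of the rules above.

```shell
#!/bin/sh
# Added example: report where iptables redirects an inbound TCP port.

# redirect_target PORT
# Reads iptables-save output on stdin; prints the --to-ports value of the first
# nat/PREROUTING REDIRECT rule for tcp --dport PORT. Returns 1 if none exists.
redirect_target() {
    awk -v want="$1" '
        /^\*/ { table = substr($0, 2); next }   # table header such as *nat
        table == "nat" && $1 == "-A" && $2 == "PREROUTING" {
            proto = ""; dport = ""; target = ""; to = ""
            for (i = 3; i <= NF; i++) {
                if ($i == "-p")         proto  = $(i + 1)
                if ($i == "--dport")    dport  = $(i + 1)
                if ($i == "-j")         target = $(i + 1)
                if ($i == "--to-ports") to     = $(i + 1)
            }
            if (proto == "tcp" && dport == want && target == "REDIRECT") {
                print to; found = 1; exit
            }
        }
        END { exit (found ? 0 : 1) }
    '
}

# Constructed sample (assumption): iptables-save output after the article's commands.
sample_ruleset() {
    cat <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
-A PREROUTING -p tcp -m tcp --dport 25 -j REDIRECT --to-ports 10025
COMMIT
*filter
:INPUT ACCEPT [0:0]
:Vontu-INPUT - [0:0]
-A INPUT -p tcp -j Vontu-INPUT
-A Vontu-INPUT -p tcp -m tcp --dport 25 -j ACCEPT
COMMIT
EOF
}

# verify_redirect CMD...: run CMD to get a ruleset; succeed only if 25 -> 10025.
verify_redirect() {
    to=$("$@" | redirect_target 25) || { echo "no REDIRECT rule for tcp/25"; return 1; }
    [ "$to" = "10025" ] || { echo "tcp/25 redirected to $to, expected 10025"; return 2; }
    echo "tcp/25 -> $to"
}

verify_redirect sample_ruleset   # on a live host (as root): verify_redirect iptables-save
```

The port comparison is done field by field, so a rule for `--dport 250` or a REDIRECT rule outside the nat table is not mistaken for the port 25 redirect.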