Install a New Linux OS On a Dell Wyse 3040

Install a New Linux OS On a Dell Wyse 3040
Adding an NVMe Drive to a Raspberry Pi 5

Adding an NVMe Drive to a Raspberry Pi 5
Fixing VS Code Remote Node Not Found Error

Fixing VS Code Remote Node Not Found Error
Convert a Wii U Dock to USB C

Convert a Wii U Dock to USB C
Fixing a Stuck ‘A’ Button on a PDP Xbox One Controller

Fixing a Stuck ‘A’ Button on a PDP Xbox One Controller
Repairing a Faulty Motherboard

Repairing a Faulty Motherboard

Configuring Your Router to Run an Email Server

Content:

In order for emails to either reach or leave your email server, your router needs to allow traffic on the ports used for email transfer.

There are additional ports to consider should you wish to access your emails through an email client.

This guide will go through the ports required, and show you how to test them.

Setting a Fixed IP Address

Before opening up the ports, you’ll need to make sure the server is using a fixed IP address. This is due to the fact that a port can only be opened for a specific IP address, where all traffic through the port will be directed.

You can either do this on the server itself, or better still, through the router. Check for an option called ‘DHCP Reservation’ or similar, and make sure the local IP of your server is reserved.

DHCP will dynamically allocate local IP addresses on a first come, first serve basis, which is why we prefer to set this router side. If it is set on the device, the router could still potentially allocate the requested IP to another device before responding to your server. At this point, the IP your server wanted to use is already allocated to another device. Reserving the IP on the server side will prevent this.

Opening the Required Ports

Once you have the local IP address of your web server, head to your router management page and find the options relating to port forwarding.

Note that the terms ‘opening’ and ‘forwarding’ of ports in this context means the same thing. By default, a port is not forwarded by your router, meaning traffic using the port has nowhere to go. There’s nothing to connect to on the other end. The port is therefore considered ‘closed’. When a port has been forwarded, there’s now a target device on the other end, so the port is considered ‘open’.

You should be able to enter the device IP, along with a port number to forward to it. Some routers will present this as a range, while others will include separate sections for external and internal port numbers.

You’re also likely to see the option to open the port for TCP, UDP, or both. In this case, you’ll want to select TCP (though both would also work).

Check your router documentation if you’re unsure how to do this.

It’s possible that certain ports (25 in particular) might be blocked on your router.

Blocked ports
Blocked email ports on a router.

If this is the case, check our article showing you how to get around this.

SMTP

SMTP, or Simple Mail Transfer Protocol, is the protocol used to transfer emails over the internet.

There are four different SMTP-related ports, one of which is a strict requirement for us to open.

The SMTP ports are:

  • 25/TCP
  • 465/TCP
  • 587/TCP
  • 2525/TCP

Port 25 is known at the SMTP relay port, as it is used to transfer emails from one email server to another. When sending an email, your email server will use port 25 to send the email to the target server. It will also be listening to incoming traffic on the port, to check for incoming emails.

It is vital that this port is opened. All email servers use this port to communicate, so if you want to send and receive emails, your server will need to use it too.

Port 587 is another useful port to have open. This is an SMTP submission port, used to allow clients to transfer messages to the email server for sending. For example, if you use an email app to send a message, it will connect to the email server using port 587. If you want to send messages from a device other than directly on the server, open this port.

Port 2525 is another submission port, sometimes used in place of port 587. Leave this closed, unless you’re unable to use the other port.

The final port, 465, is a third submission port. This port has previously been used for SMTPS, a secure form of SMTP. In practice, this is not used, and should be left closed.

POP3/IMAP

POP3/IMAP are protocols used to allow incoming emails to be read from a server. If you use an email app to receive incoming emails, it will be connecting to the mail server using one of these protocols.

POP3, or Post Office Protocol v3, is the older of the two. Just like a post office sending a letter, a device using the POP3 protocol will take the email from the server. The email will no longer exist on the server – only on the POP3-connected device. POP3 connects through port 110.

IMAP, or Internet Message Access Protocol, works slightly differently. Connected devices receive copies of the emails on the server, with the server itself retaining a copy. This means that multiple devices can see the same emails, allowing your account to be accessed from multiple locations. Changes, such as email deletions, are synced across connected devices. This protocol uses port 993.

IMAP is the recommended way to connect, so it’s advised to open port 993.

Testing Your Ports

With the ports opened, it’s a good idea to test that they’re accessible from outside your network.

To do this, you’ll need to know the external IP address of your server. You can get this by running the following command on the server.

curl -4 https://ifconfig.co

To test the ports, we’ll be using the online tester available here: https://www.yougetsignal.com/tools/open-ports/

Enter your IP address, and test each port that was forwarded in the previous step.

Result of the port 25 test
In this example, port 25 is shown to be open, which is the result we’re looking for.

Each port should be listed as open, as above. If any are closed, double check you have forwarded them correctly on your router.

If you’re sure the ports are opened correctly, but the result says otherwise, your ISP might be blocking it. Check out our article to see how to work around this.