How to make exim4 work only on 465 and 587 ports?

compiz
Posts: 33
Joined: Fri May 28, 2021 12:29 pm

Hi guys,
I would like to stop using port 25; I see this port is where all the attacks take place in Hetzner's datacenter on all the servers I am renting from there.
So I would like to close the port 25 and 2525 for good and use, as a current age, 465 and 587 ports only.
If I block the port in my firewall, then I can't receive any e-mail from anywhere any longer; I can send, but no more inbound mails.
I have also set in "/etc/exim4/exim4.conf.template":
daemon_smtp_ports = 465 : 587
tls_on_connect_ports = 465

But nope, once exim4 restarts and the port is blocked, goodbye for good inbound emails.
Is there any other setting I can do?

Thanks
myVesta
Site Admin
Posts: 928
Joined: Fri Jun 19, 2020 9:59 am
Has thanked: 8 times
Been thanked: 6 times

If I understand you right, when you remove 25 from exim4.conf.template and firewall, incoming emails stop arriving?
compiz

myVesta wrote: Sat Aug 27, 2022 11:36 am If I understand you right, when you remove 25 from exim4.conf.template and firewall, incoming emails stop to arrive ?
Yes, once I close the port 25 from firewall and remove it from the config, restart exim4 then no more incoming emails
compiz

Also I can't get emails from gmail, they always come back as "TLS Negotiation failed: FAILED_PRECONDITION: starttls error (71): 92728204055368:error:10000417:SSL routines:OPENSSL_internal:SSLV3_ALERT_ILLEGAL_PARAMETER:third_party/openssl/boringssl/src/ssl/tls_record.cc:594:SSL alert number 47"
myVesta

compiz wrote: Wed Aug 31, 2022 7:33 am
myVesta wrote: Sat Aug 27, 2022 11:36 am If I understand you right, when you remove 25 from exim4.conf.template and firewall, incoming emails stop to arrive ?
Yes, once I close the port 25 from firewall and remove it from the config, restart exim4 then no more incoming emails
Then it's obvious that some mail servers are built only to try delivery via port 25, and there is nothing you can do; obviously port 25 must be open for proper SMTP functionality.
What kind of attack do you get on port 25?

Kind regards from Chalkidiki ;)
compiz

myVesta wrote: Fri Sep 02, 2022 2:35 pm
compiz wrote: Wed Aug 31, 2022 7:33 am
myVesta wrote: Sat Aug 27, 2022 11:36 am If I understand you right, when you remove 25 from exim4.conf.template and firewall, incoming emails stop to arrive ?
Yes, once I close the port 25 from firewall and remove it from the config, restart exim4 then no more incoming emails
Then it's obvious that some mail servers are built only to try delivery via port 25, and there is nothing you can do; obviously port 25 must be open for proper SMTP functionality.
What kind of attack do you get on port 25?

Kind regards from Chalkidiki ;)
You lucky duck! Any chance you'll visit Athens too?
Gmail, Hotmail etc. only work on 465, but I can't get any mail from them either!
Bot attacks on port 25: they try to hack some accounts (those accounts do not exist, but I always see "wrong password for [email protected]" or "support" and other standard names for emails).
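Added example (not part of the thread and not myVesta's own configuration): one way to keep port 25 open for server-to-server delivery, which the reply above says is required, while offering password authentication only on 465 and 587 so the guessing described above has nothing to try on port 25. It assumes these options live in the main section of the Exim configuration and that each option is set only once there, so existing lines are edited rather than duplicated.

```conf
# Added example, not from the thread. Main section of the Exim configuration
# (in this thread: /etc/exim4/exim4.conf.template).

# The setting tried in the thread. Other mail servers deliver to the MX host
# on port 25 only, so with this line (or a firewall block on 25) inbound
# mail from outside stops:
# daemon_smtp_ports = 465 : 587

# Keep 25 for inbound server-to-server mail; 465 and 587 stay for users'
# mail clients. Port 465 uses TLS from the first byte of the connection.
daemon_smtp_ports = 25 : 465 : 587
tls_on_connect_ports = 465

# Advertise AUTH only when the session is already encrypted AND arrived on a
# submission port. On port 25 the expansion yields an empty host list, so no
# AUTH is offered there and an AUTH command is rejected.
# Assumption: no legitimate mail client authenticates on port 25; any that do
# must be moved to 465 or 587 first.
auth_advertise_hosts = ${if eq{$tls_in_cipher}{}{}\
    {${if or{{eq{$received_port}{465}}{eq{$received_port}{587}}}{*}{}}}}
```

Password guessing can still be attempted on 465 and 587, so the fail2ban or csf bans discussed in the thread remain relevant for those ports.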
myVesta

fail2ban should be enough to stop them?

P.S. Unfortunately I can't fit in a visit to Athens during my holiday, maybe next year <3
compiz

fail2ban doesn't stop them; csf firewall does, with perma IP ban, but still it is annoying on top of not useful!
Another thing: I have moved myvestacp from my old Debian 11.4 VM to my dedicated server's Debian 11.4 VM, with much more resources than the first VM.
I have restored users and all sites are up and running, BUT no user other than admin has any CRON jobs and NONE, including admin, has working backups!
If I do not go through the users 1 by 1 and click manually to back up, then there are no backups!
I have tried to recreate the CRON jobs for each and every user, but still 0 CRON jobs.