# Qmail How do I configure smtp to listen to more than 1 port.

## dcfogg

 :Confused:  I have installed and set-up qmail following the installation guide at http://www.gentoo.org/doc/en/qmail-howto.xml and it works great. I haven't configured qmail-scanner yet. My porblem is I have clients who want to connect to smtp with an alternitive port rather than port 25 because thier ISP(Optimum Online) blocks port 25. I found a posting about a way to do it on a non-Gentoo system but I am not quite sure how to adapt it to Gentoo. http://www.linode.com/forums/archive/o_t/t_380/how_do_i_make_qmail_smtpd_listen_on_2_different_ports.html

I tried the iptables method listed there also and it didn't work. I have looked through the postings on this forum and did not find the solution.

My smtpd config file and tcp-rules-smtp file are listed below. (IP's are changed) 

 # Configuration file for qmail-smtpd

# $Header: /var/cvsroot/gentoo-x86/mail-mta/qmail/files/conf-smtpd,v 1.2 2004/07/18 03:29:51 dragonheart Exp $

# Stuff to run before tcpserver

#QMAIL_TCPSERVER_PRE=""

# Stuff to run qmail-smtpd

#QMAIL_SMTP_PRE=""

# Stuff to after qmail-smtpd

#QMAIL_SMTP_POST=""

# this turns off the IDENT grab attempt on connecting

TCPSERVER_OPTS="${TCPSERVER_OPTS} -R"

# You might want to use rblsmtpd with this, but you need to fill in a RBL server here first

# see http://cr.yp.to/ucspi-tcp/rblsmtpd.html for more details

#QMAIL_SMTP_PRE="${QMAIL_SMTP_PRE} rblsmtpd -r RBL-SERVER"

# If you are interested in providing POP or IMAP before SMTP type relaying,

# emerge relay-ctrl, then uncomment the next 2 lines

#QMAIL_TCPSERVER_PRE="${QMAIL_TCPSERVER_PRE} envdir /etc/relay-ctrl relay-ctrl-chdir"

#QMAIL_SMTP_PRE="${QMAIL_SMTP_PRE} relay-ctrl-check"

# In /etc/courier-imap/authdaemonrc add the next line to the end:

#authmodulelist="${authmodulelist} relay-ctrl-allow"

# Then in /etc/courier-imap/{imapd,imapd-ssl,pop3d,pop3d-ssl}

# Add this at the end

#PRERUN="${PRERUN} envdir /etc/relay-ctrl relay-ctrl-chdir"

# This next block is for SMTP-AUTH 

# This provides the LOGIN, PLAIN and CRAM-MD5 types

# the 'cmd5checkpw' used in $QMAIL_SMTP_AUTHCHECKPASSWORD supports CRAM-MD5

# and reads it's data from /etc/poppasswd

# see the manpage for cmd5checkpw for details on the passwords

# uncomment the next four lines to enable SMTP-AUTH

QMAIL_SMTP_AUTHHOST=$(<${QMAIL_CONTROLDIR}/me)

[ -z "${QMAIL_SMTP_POST}" ] && QMAIL_SMTP_POST=/bin/true

QMAIL_SMTP_CHECKPASSWORD="/var/vpopmail/bin/vchkpw"

QMAIL_SMTP_POST="${QMAIL_SMTP_AUTHHOST} ${QMAIL_SMTP_CHECKPASSWORD} ${QMAIL_SMTP_POST}"

# to update the database after changing this file, run:

# tcprules /etc/tcprules.d/tcp.qmail-smtp.cdb /etc/tcprules.d/.tcp.qmail-smtp.tmp < /etc/tcprules.d/tcp.qmail-smtp

#------------------------------------------------------

# DESCRIPTION OF THE RULES TO REMIND ME OF HOW THIS FILE WORKS

#

# If you set 'allow', this means that our mail server will allow

# the specified IP range to make a TCP connection to our server

#

# If you set 'deny', this means that our mail server will not allow

# the specified IP range to make a TCP connection to our server

#

# If you set RELAYCLIENT="", this means that the listed IP range is 

# allowed to relay mail through our server

#

# If you dont set RELAYCLIENT="", this means that the listed IP range

# will not be able to relay mail through our server

#

# If you set RBLSMTPD="", this means that the listed IP ranges will

# not be checked against any of the RBL databases

#

# If you set RBLSMTPD="some text here", this means that an RBL lookup

# wont be performed, but the mail will be rejected with the specified

# text as a 4xx temp error message

#

# If you set RBLSMTPD="-some text here", this means that an RBL lookup

# wont be performed, but the mail will be rejected with the specified

# text as a 5xx perm error message

#

# If you do not set RBLSMTPD="" or ="some text", then an RBL lookup

# will be performed. If the lookup is successful, then RBLSMTPD will

# return your custom error message (as specified in the -r parameter

# in smtpd supervise script)

#

#-----------------------------------------------------

# HERE ARE THE RULES! :

#-----------------------------------------------------

# BYPASS OPEN RELAY CHECKING FOR THESE IPS :

#

# These IPs are ones that we have setup so that they arent RBL checked.

# We have done this because these particular servers are RBL listed,

# and for whatever reason they can't/won't fix their open relay problem,

# and we still want to be able to receive mail from them.

# 

# reminder text goes here for this entry so we know the story...

#111.111.111.111:allow,RBLSMTPD=""

# reminder text goes here for this entry so we know the story...

#222.222.222.222:allow,RBLSMTPD=""

#

#-----------------------------------------------------------------

# DONT ALLOW THESE IPS TO SEND MAIL TO US :

#

# mailXX.offermail.net connecting regularly and sending invalid

# format messages causing exit with status 256 (bare linefeed normally)

# entry added 15/12/2001

# after looking at the mail coming from these servers it was found to be spam

#216.242.75.100-116:allow,RBLSMTPD="-Connections from this IP have been banned."

#

# heaps of spam from replyto of *@freeamateurhotties.com dec2001

#64.228.127.:allow,RBLSMTPD="-Connections refused due to spam from freeamateurhotties.com"

#154.20.94.:allow,RBLSMTPD="-Connections refused due to spam from freeamateurhotties.com"

#209.151.132.:allow,RBLSMTPD="-Connections refused due to spam from freeamateurhotties.com"

#216.18.85.:allow,RBLSMTPD="-Connections refused due to spam from freeamateurhotties.com"

#

#-----------------------------------------------------------------

# ALLOW THESE IPS TO RELAY MAIL THROUGH OUR SERVER

#

# Local class-c's from our LAN are allowed to relay,

# and we wont bother doing any RBL checking.

#123.123.123.:allow,RELAYCLIENT="",RBLSMTPD=""

#123.111.111.:allow,RELAYCLIENT="",RBLSMTPD=""

62.92.121.08:allow,RELAYCLIENT="",RBLSMTPD=""

63.35.10.91:allow,RELAYCLIENT="",RBLSMTPD=""

#

# Connections from localhost are allowed to relay 

# (because the WebMail server runs on localhost),

# and obviously there is no point trying to perform an RBL check.

127.0.0.1:allow,RELAYCLIENT="",RBLSMTPD=""

#

#-----------------------------------------------------------------

# ALLOW EVERYONE ELSE TO SEND US MAIL

#

# Everyone else can make connections to our server,

# but not allowed to relay

# RBL lookups are performed

:allow

# If you are using qmail-scanner, this line here is the correct one to use

# instead (comment out the above ':allow' line FIRST) and applies that script

# to any mail coming in that is not from a host allowed to relay. You can

# change the value of the variable to any other value you desire to use custom

# scripts for example.

#:allow,QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"

 :Confused:  Any input would be appreciated [url][/url][url][/url][url][/url]

----------

## hegga

Could it work with:

```

cp /var/qmail/supervise/qmail-smtpd /var/qmail/supervise/qmail-smtpd2

ln -s /var/qmail/supervise/qmail-smtpd2 /service/qmail-smtd2

sed -i 's/${TCPSERVER_PORT}/2525/g' /var/qmail/supervise/qmail-smtpd2/run

/etc/init.d/svscan restart

```

I haven't testet this thing, but i hope it should open an qmail-smtpd on port 2525.

Please let me know if it worked if you decide to try this.

----------

## dcfogg

 *Quote:*   

> multilog: fatal: unable to lock directory /var/log/qmail/qmail-smtpd: temporary failure
> 
> 

 

It seems the logging script doesn't know the difference between qmail-smtpd and qmail-smtpd2  :Rolling Eyes: 

----------

## dcfogg

I fixed the error I got after making the suggested changes by editing the /var/qmail/supervise/qmail-smtpd2/log run script and changing it to

SERVICE=smtp

source /var/qmail/bin/qmail-config-system && \

exec /usr/bin/setuidgid qmaill /usr/bin/multilog ${LOG_OPT} /var/log/qmail/qmail-smtpd2

netstat -an shows a socket listening on port 25 but none on 465 (which I used instead of 2525)

 :Sad: 

----------

## dcfogg

I changed the run script in /var/qmail/supervise/qmail-smtpd2 to

SERVICE=smtp

source /var/qmail/bin/qmail-config-system && \

exec /usr/bin/softlimit ${SOFTLIMIT_OPTS} \

    ${QMAIL_TCPSERVER_PRE} \

    /usr/bin/tcpserver ${TCPSERVER_OPTS} -x ${TCPSERVER_RULESCDB} \

    -c ${MAXCONN} -u ${QMAILDUID} -g ${NOFILESGID} \

    ${TCPSERVER_HOST} 465 \

    ${QMAIL_SMTP_PRE} /var/qmail/bin/qmail-${SERVICE}d ${QMAIL_SMTP_POST} \

    2>&1

 and netstat -an shows a server listening on port 465

however the logfile in /var/log/qmail/qmail-smtpd2 shows this 

tcpserver: fatal: unable to bind: address already used

tcpserver: fatal: unable to bind: address already used

The account settings test on Outlook sends a test email fine on port 465 but then when testing normal send pocedure the process fails  :Confused:   :Sad: 

----------

## djnauk

I don't know about qmail settings, but you could try and setup iptables to redirect incoming ports on your machine to another port (you could use DNAT or SNAT, but keeping the source and destination addresses the same):

```
iptables --table nat --append PREROUTING -p tcp --dport 465 --jump DNAT --to 127.0.0.1:25
```

That could keep configuration alot easier, and you can use the listings from iptables to see if you're getting any hits though it.

----------

