HOWTO set scalix to respond on additional SMTP/IMAP ports?

[jaime.pinto]

Here in Canada we're seeing several organizations such as the Univ. of Toronto, Bell-Sympatico and more recently Rogers-Yahoo capturing and blocking *all* official outbound mail ports (25, 465, 585, 587), in an attempt to control spam being sent from networks under their umbrella. They want customers to user *their* SMTP servers, where they can filter emails for spam and virus.

I don't care about any of this, and I want to offer our scalix users the ability to use *our* IMAP/SMTP server from home to send their emails, after being authenticated.

I configured our original mail server (also using sendmail) to respond on port 5xxx to send/receive email before and it works fine. I tried to do the same with the scalix server, but that is not enough. Apparently something has to be done from inside scalix as well (for authentication), and I probably should remove the entry I put in sendmail of the scalix server.

So, what am I missing? Where exactly is scalix setup to respond on ports 25 and 587, so that I can add my non-standard 5xxx email port.

Furthermore, why is scalix not responding to IMAP/SMTP inquires on it "official port" 5729 (SSL, TLS or not)?

Thanks
Jaime

[Valerion]

5729 is used for UAL, which is the protocol the Scalix Outlook connector speaks. It would not understand IMAP/POP3/SMTP on that port.

In /var/opt/scalix/??/s/sys/smtpd.cfg try adding LISTEN=5000 to the file (I would suggest just before the RELAY lines) and restart the SMTP gateway. You can sonfigure port 587 in there too.

I remember seeing a post about the ability to change the IMAP port in here somewhere, but an easier solution is to use stunnel, then you get SSL encryption for free.

Of course, you can always have Scalix on its standard ports and let your firewall do the port translation when it does NAT (assuming you do, of course).

[jaime.pinto]

No luck.

The server already responds on port 587 by default. No need to uncomment that line.
I turned SUBMIT=ON following the instructions, as well as trying a couple of syntaxes for the LISTEN=port

Even rebooting the server does get it to respond on port 5000. It must be something else.

PS: I also did an extensive search on this forum on this subject. No luck either,

Thanks

[jaime.pinto]

I just got a great suggestion from our reseller: port redirection!
(I'm getting old, I should know better)

iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 5000 -j REDIRECT --to-port 25

This way, should your ISP block any IMAP port (in fact any port to any application/service), just pick one that it's unlikely it will be blocked and create a workaround on the server.

Jaime