Dnia 10.09.2023 o godz. 10:20:19 Bill Sommerfeld via Postfix-users pisze: > There's another possible workaround, if the ISP won't budge (or even > if it does and you still find yourself blocked based on your > providers IP reputation): some service providers may let you > purchase outbound mail relay service; you'd send outbound to them > via an unblocked port like 587 and they'd relay via port 25. Shop > carefully as many of these services also have reputation issues.
Do it yourself. Rent a VPS somewhere and put Postfix on that VPS. Then you have two options: 1) configure the submission service on that VPS Postfix on port 465 in a standard way (I don't recommend port 587, wrapper-mode TLS is much more secure in your case than STARTTLS, you don't need to configure inbound mail on port 25 too), and configure your home Postfix to use the VPS as relayhost with proper SASL credentials. 2) if you don't want to bother with SASL, configure that VPS Postfix to accept mail on a non-standard port instead of 25, with wrapper-mode TLS, and allow to relay mail from your home IP. Then configure your home Postfix to use the VPS with non-standard port as relayhost. I'm not sure if you can do wrapper-mode TLS on sending side using Postfix only, but if that's not possible, you can always use stunnel to help you wrap the connection in TLS. Before you start to configure the sending side (home Postfix), try to connect to either port 465 or your non-standard port on your VPS with for example "openssl s_client -connect" and check the certificate. It should be the same as the actual certificate installed on your VPS (may be self-signed, doesn't matter), then you know there's no man-in-the-middle intercepting the communication. If the certificates differ, try port 443 - ISP shouldn't intercept traffic on that port because certs in your browser wouldn't match when you connect to websites. Yet another option is to use ssh tunnel to send mail to the VPS postfix. Postfix on VPS may be in that case configured to relay mail from localhost only, so port 25 bound only to localhost and no submission service. Set up a SSH tunnel between your home server (any port) and localhost port 25 on the VPS (you must check the SSH key fingerprint similar to checking the certificate in the TLS option), and use the port you chose for tunnelling as relayhost in your home Postfix. -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: once there was a Hushpuppy, and she lived with her daddy in the Bathtub." _______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
