Open port on Debian 9

linksm · 03-06-2021, 07:50 AM

Hello. Please tell me - how to open a port in debian 9, for example, 25th. And then there are so many benefits that simply contradict each other and there is nothing clear and intelligible

berndbausch · 03-06-2021, 07:54 AM

As far as I know, Debian doesn't close ports by default. How do you know it's closed?

Generally, you use a firewall to close and open ports, such as ufw. You can also use the iptables command.

I don't know what you mean by benefits that contradict each other, and what is not clear and intelligible.

wpeckham · 03-06-2021, 07:59 AM

Unless you are running a firewall, the only requirement to open a port is that you have an application running to service that port with enough authority to request the port access.
Port 25 is used for SMTP, so if you start a mail server that listens on all interfaces you will then see that port 25 is open.

If you DO run a firewall, you need also use a command to open the firewall for that port traffic. What that command would look like depends upon what firewall you are running.

PS: if you are behind a NAT interface or an edge security device to protect your network from the wild, there are also routing issues to get internet mail traffic inside and to your server. Those are managed at that edge device, and not on the local (internal) server and would be an entirely different topic.

HappyTux · 03-06-2021, 09:11 AM

Quote:

Originally Posted by wpeckham

Unless you are running a firewall, the only requirement to open a port is that you have an application running to service that port with enough authority to request the port access.
Port 25 is used for SMTP, so if you start a mail server that listens on all interfaces you will then see that port 25 is open.

If you DO run a firewall, you need also use a command to open the firewall for that port traffic. What that command would look like depends upon what firewall you are running.

PS: if you are behind a NAT interface or an edge security device to protect your network from the wild, there are also routing issues to get internet mail traffic inside and to your server. Those are managed at that edge device, and not on the local (internal) server and would be an entirely different topic.

You left out many ISPs block that port 25 so the clueless who run a mail server at home do not get owned and become spam bots. Then add in all the mail servers around the world that will refuse to even connect to it when discovery from them turns up none of the requirements for sending mail on the modern internet. It is no longer a setup and send mail, you need the proper configurations in place for the verification's or they refuse to connect to some random mail server on the net.

linksm · 03-19-2021, 04:30 PM

So, I am describing the situation in more detail. There is a server on Debian 9, on it you need to organize virtual hosts \ subdomains, which will each be tied to its own IP, from which mailings will go. I did it through Postfix instances, prescribing through main.cf and master.cf. As a result, everything works on the main host, but two virtuals do not work - port 25 and the rest are closed for them. I registered everything that is possible in iptables - complete zero. If I write in the main main.cf, forcibly: smtp_bind_address = Х.Х.Х.Х smtp_helo_name = mail1.new.com myhostname = mail1.new.com Then only then the port is somehow opened for him and the mailing is going on. But they don't work together, only separately. The virtual hosts themselves do not open through the browser, ERR Connection Timed Out, the main site opens itself.