How to enable port 587 (submission) in postfix

pSome internet access providers have port 25 disabled in their routers to prevent spam. If you run your own email server in a data center, you might have to enable the submission port (587) in postfix to be able to send emails from your local email client to your own mail server.

Enable Submission Port 587 in Postfix

To enable port 587, edit the file /etc/postfix/master.cf

nano /etc/postfix/master.cf

and remove the # in front of the line:

# submission inet n - y - - smtpd

so that it looks like this:

submission inet n - y - - smtpd

and restart postfix:

systemctl restart postfix

Frequently Asked Questions

What is Port 587?

Port 587, known as the submission port, is used for mail submission. It's the port recommended for clients to submit emails for delivery by the server. Enabling it in Postfix is important for secure and authenticated email submission.

How do I check if Port 587 is already enabled in Postfix?

You can check if Port 587 is enabled by running postconf -n | grep smtpd -i in your terminal. This command will show the Postfix configuration and you should look for lines referring to smtpd listening on port 587.

What are the basic steps to enable Port 587 in Postfix?

To enable Port 587 in Postfix, you need to:

  • Edit the Postfix configuration file (usually /etc/postfix/master.cf).
  • Uncomment or add a line for submission inet n - y - - smtpd.
  • Configure appropriate security and authentication settings.
  • Restart the Postfix service.

How do I configure security and authentication settings for Port 587?

Security settings include enabling SSL/TLS encryption and specifying authentication mechanisms. You'll need to:

  • Edit /etc/postfix/master.cf to include parameters such as smtpd_tls_security_level=encrypt and smtpd_sasl_auth_enable=yes.
  • Specify the path to your SSL certificates.
  • Ensure SASL authentication is properly set up.

What is the difference between ports 25, 465, and 587 in Postfix?

Port 25 is the standard SMTP port, traditionally used for transferring emails between mail servers and for client submissions, often unencrypted. Initially, port 465 was used for SMTPS (secure SMTP), but it's deprecated now. Port 587 is the recommended port for client email submission, usually requiring encryption and authentication.

Do I need to open Port 587 in my firewall?

If you have a firewall, you need to open Port 587 to allow inbound and outbound traffic for it to function properly.

How can I test if Port 587 is working correctly in Postfix?

You can test Port 587 by using a mail client to send an email through your Postfix server using port 587. Alternatively, you can use tools like telnet or openssl s_client to connect to your server on port 587 and manually initiate an SMTP session.

What are some common errors when setting up Port 587 in Postfix?

Common errors include:

  • Not restarting Postfix after making changes.
  • Incorrect firewall settings blocking the port.
  • Misconfigured SSL/TLS or authentication settings.
  • Syntax errors in the Postfix configuration files.

Is it necessary to use SSL/TLS with Port 587?

It's highly recommended to use SSL/TLS with Port 587 to ensure that the email submissions are encrypted and secure.

How do I restart Postfix after making changes to the configuration?

You can restart Postfix by running the command sudo systemctl restart postfix on most Linux distributions. This will apply any changes made to the configuration files.