How is sendmail sending emails without port 25 opened?

Question

I have Amazon AWS server which I'm configuring to receive emails.

AWS states that port 25 is closed for outgoing connections unless you specifically apply to have it opened.

But I tried to send an email anyway with sendmail from the command prompt, and it was delivered successfully.

How did this happen?

Until you share the configuration and/or the `Received` headers it was magic. — Esa Jokinen, Dec 13 '20 at 19:57

score 1 · Accepted Answer · answered Dec 13 '20 at 20:00

1

SMTP only needs port 25 for incoming connections. To send a mail any local port can be used in conjunction with port 25 on the remote mail server.

answered Dec 13 '20 at 20:00

unNamed

Then why does blocking outgoing port 25 prevent spam in any way? – CaptainCodeman Dec 13 '20 at 20:10
1

It does not. It just prevents people from hosting an unconfigured mail server which can be abused for spam. – unNamed Dec 13 '20 at 20:29
I'm curious, how does blocking outgoing traffic on port 25 prevent a server from being abused? If the outgoing port is not necessary for sending mail... – CaptainCodeman Dec 14 '20 at 09:55
Because the remote server has port 25 opened for incoming connections and thus outgoing traffic on port 25 needs to be blocked. Port 25 is default for SMTP. SMTP still has other ports which can be used for transfer like 465 or 587. It's most likely that sendmail used one of those TLS ports. From this website it says "By default STARTTLS is used whenever possible." https://www.sendmail.org/~ca/email/doc8.12/cf/m4/starttls.html#disable_starttls – unNamed Dec 14 '20 at 10:25

1 Answers1