Docker-mailserver: SMTP Port troubles on EC2

AWS blocks port 25 on EC2 instances by default. A request should be submitted to remove this restriction

See https://aws.amazon.com/premiumsupport/knowledge-center/ec2-port-25-throttle/

Yeah I already requested that, they refused to remove the restriction and pushed me to SES.

Then how is this related to docker-mailserver? This should be a ticket handled by your provider, since we cannot do anything about the situation.

@aendeavor actually I asked a question direct related with the docker-mailserver and that was how to assign another port for SMTP. If you meant to say it's impossible to do it, I get it, however please don't derail the subject. Thanks!

Anyway this is the truncated error I'm getting:

Cannot start mailserver service: driver failed programming external connectivity on endpoint 'docker-mailserver'
Error starting userland proxy: listen tcp 0.0.0.0:25: bind: address already in use

Anyway this is the truncated error I'm getting:

Cannot start mailserver service: driver failed programming external connectivity on endpoint 'docker-mailserver' 
Error starting userland proxy: listen tcp 0.0.0.0:25: bind: address already in use

@BlockI0tChain I should have read the whole question, my bad. The error you're seeing however tells us that port 25 (on the host) is already taken by another service and therefore cannot be allocated. How is this related, i.e. what did you do? It does not seems like something changed with port 25.

If you'd like to hear what I think about changing the port allocation from 25 to another one: _I think this is a bad idea._ There's a reason these standard ports below 1024 exist. Trust me, It will be easier in the long run for you if you get port 25 working.

@BlockI0tChain it is impossible to use another port because foreign SMTP servers expect to be able to reach you on port 25 and they expect you to contact them on 25. If you pick another port you can only communicate with servers you control, where you can configure the other end to cooperate. That is fairly useless.

It is possible to configure another server as a relay, though. Search for that in the issues and wiki. There are free providers you can use if you send very low volumes. I've never done that myself, but there are other users who do it. Then you can use another port (typically the submissions port) to reach the relay server and it will use port 25 in your place.

Indeed you are both right guys and thanks for the input.
I'm aware this will be useless with foreign SMTP servers, I'll be using this however for communication between my own servers so I still want to learn what's the right way to custom configure this port.

@aendeavor regarding the error issue, you are right as well, it seems the newest Linux AMI instance starts with a default Postfix configuration already listening to port 25, dunno yet why. If i kill that process i can start the container, so no issue here.

Well, if you want to use another port the easiest solution would be to map port 25 to something else with Docker? Instead of binding port 25 in the container to port 25 on the host you can bind port 25 in the container to port 10025 or whatever on the host and use that one? This way you only need to change the compose file.

Yeah that's right. That's the workaround I'm using already.

Well, in that case perhaps you should close this ticket as you have a solution in place?

It is possible to change the SMTP port for Postfix, see https://www.suse.com/support/kb/doc/?id=000016705. You could do that from the user-patches.sh script. It is messier and gives you nothing more than what you already have though, so I don't see why you would want to do that.

Sure thing, maybe this workaround/alternative could go2 wiki for the cloud deployment specifics? Most platforms are blocking the standard port by default anyway.

Sure thing, maybe this workaround/alternative could go2 wiki for the cloud deployment specifics? Most platforms are blocking the standard port by default anyway.

I don't think this is the way to go:) There's a reason this port is "blocked" in the first place. But by contacting the provider they will easily unblock it. And as already mentioned, not using port 25 is impossible if you'd like to talk to the rest of the world - since 25 is well-known :D

Nah I agree with you, however you need to consider the specific use-cases mentioned in this issue. Moreover AWS won't unlock this port upon request at all, believe me i really tried and I have a pretty legitim and pertinent case nonetheless.
Anyways, although this issue won't have an easy fix anytime soon I'm closing it down with a couple remarks:

• A SMTP relay will help you out if you need your server to be opened to the world. Got good results with Gmail's server.
• For mail communication between APIs a simple change in the binding of the host:container standard ports in the docker-compose file will do work around any blocked host port.
• No other option seems to be feasible at time.

Thanks all for the input!