Comcast just started blocking port 25 outgoing. I have several computers at home configured to send email reports of cron jobs. Of course they do this by trying to send mail on port 25 from inside the house to my mail server outside. Now that Comcast is blocking that, I need some other way for my emails to be delivered.
The easiest solution I could come up with was to tell my mail server to listen on another port, such as 587, and have my firewall redirect requests for port 25 to port 587. Here is the iptables rule to do that:
iptables -t nat -A PREROUTING -p tcp -i eth0 -d xx.xx.xx.xx --dport 25 -j DNAT --to-destination :587
Here xx.xx.xx.xx is the IP address of my mail server. Now all the computers inside think they are communicating with my mail server on port 25, but the firewall secretly passes the request on to port 587 instead.
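The rule above, wrapped as an added example (not code from the original post) that validates its inputs and appends the rule only when an identical one is not already in the chain, so it can be run from a boot script without stacking duplicates. The interface name, the address 203.0.113.25 and the function names are assumptions for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are assumptions;
# 203.0.113.25 is a constructed documentation address standing in for xx.xx.xx.xx.

# Accept only a dotted-quad IPv4 address with each octet in 0-255.
valid_ipv4() {
    case $1 in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ "$octet" -le 255 ] 2>/dev/null || return 1
    done
}

# Accept only a TCP port number in 1-65535.
valid_port() {
    case $1 in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge 1 ] 2>/dev/null && [ "$1" -le 65535 ] 2>/dev/null
}

# Print the rule specification (the part after "-A PREROUTING").
# Args: lan_if server [from_port=25] [to_port=587]
dnat_rule_spec() {
    lan_if=$1; server=$2; from_port=${3:-25}; to_port=${4:-587}
    case $lan_if in ''|*[!A-Za-z0-9._-]*) echo "bad interface" >&2; return 1 ;; esac
    valid_ipv4 "$server" || { echo "bad server address: $server" >&2; return 1; }
    valid_port "$from_port" && valid_port "$to_port" ||
        { echo "bad port" >&2; return 1; }
    echo "-p tcp -i $lan_if -d $server --dport $from_port -j DNAT --to-destination :$to_port"
}

# Append the rule unless it already exists. DRY_RUN=1 (default) only prints it.
install_dnat_rule() {
    spec=$(dnat_rule_spec "$@") || return 1
    if [ "${DRY_RUN:-1}" = 1 ]; then
        echo "iptables -t nat -A PREROUTING $spec"
        return 0
    fi
    # -C exits 0 when an identical rule is already in the chain.
    # $spec is left unquoted on purpose so it splits into separate arguments.
    iptables -t nat -C PREROUTING $spec 2>/dev/null ||
        iptables -t nat -A PREROUTING $spec
}

# Dry run by default: prints the command. Set DRY_RUN=0 and run as root to apply.
install_dnat_rule eth0 203.0.113.25
```

PREROUTING only sees packets arriving on an interface, so mail sent from the firewall host itself is not rewritten by this rule. The rule also exists only in the running kernel's table until it is saved or re-applied at boot.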