OFF TOPIC - Protecting industrial systems - Port 25

Hi

I have a Siemens PLC with built-in web server and SMTP capability. I am trying to get this sending emails on the current internet. Once I establish this I hope to run the PLC on the safe network allowing me secure access remotely without the risk of industrial sabotage.

I think Safe will come in real handy for securing industrial systems.

Anyhow, my BT ISP seems to block port 25.

telnet google.com 25 in cmd

returns this

“Could not open connection to the host on port 25”

I need help on how to get around this and which email account will allow smtp.

I have been active in this forum for a few years now so I know someone here will point me in the right direction.

Cheers

4 Likes

Port 25 is considered obsolete. Google doesn’t use it anymore - that’s the probable reason why you can’t connect.

Some years ago the internet community decided to use port 587 as the new SMTP default. But now 587 is also obsolete. Major providers are now using 2525 instead.

PS: I think this should be in the OFF-TOPIC category. Or maybe you can add an “[OFF-TOPIC]” in front of the title.

Thanks. Unfortunately I am stuck with port 25 on this equipment.

Can you set a Socks5 proxy on this device? If so, you can use some paid service like nordvpn.com (be aware that not all VPN providers offer socks5).

If this device doesn’t support Socks5, you can use a VPN instead. You will need to pay for a VPN, configure a gateway (e.g., get an old machine that you don’t use anymore, install some FreeBSD/OpenBSD/Linux), configure this gateway to use the VPN as its gateway, and then configure your PLC to use this new gateway.

Apart from the email issue, I see a problem with assuming that once your PLC is talking on the SAFE network it will be immune to the current vulnerabilities.

You may be able to remove some web browser vulnerabilities by not having the web browser enabled (on the current internet as opposed to a SAFE only browser). But you will still be open to any other flaws built into the PLC code. Like, does its TCP/IP network stack have buffer overrun flaws, or other vulnerabilities that can be exploited externally?

That will be your incoming port. You would still be able to contact other servers on port 25. So as @loureirorg says it would be on Google’s end not accepting port 25 packets. My ISP has the same block on port 25.

Then you need to use another email service that allows port 25, OR set up a small Linux box with an email on your local LAN that can talk via another port to Google.

1 Like
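
The LAN relay suggested in the last reply, sketched as a Postfix `main.cf` fragment. This is an added example, not part of the original thread: it assumes Postfix on the Linux box, and the addresses (`192.0.2.1` for the relay, `192.0.2.10` for the PLC), the provider host `smtp.example.com` and port 587 are placeholders to replace with your own values. The point of the restrictions is that a box accepting unauthenticated port 25 mail for a PLC must accept it from that PLC only.

```ini
# /etc/postfix/main.cf on the LAN relay (constructed example; addresses are placeholders)

# Listen only on loopback and the LAN-side address the PLC can reach,
# never on an internet-facing interface.
inet_interfaces = 127.0.0.1, 192.0.2.1

# Only the relay itself and the PLC may submit mail without authentication.
mynetworks = 127.0.0.0/8, 192.0.2.10/32

# Relay for the trusted clients above and reject everyone else,
# so the box cannot be used as an open relay.
smtpd_relay_restrictions = permit_mynetworks, reject

# Pure relay: accept no mail for local delivery.
mydestination =

# Forward all mail to the provider's submission service.
# The brackets tell Postfix to skip the MX lookup for this host.
relayhost = [smtp.example.com]:587

# Authenticate to the provider and refuse to send without TLS,
# so the plaintext leg is confined to the PLC-to-relay hop on the LAN.
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_tls_security_level = encrypt
```

The credentials file `/etc/postfix/sasl_passwd` holds one line keyed by the same `[smtp.example.com]:587` string, should be readable by root only, and is compiled with `postmap` before Postfix is reloaded.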