Zabbix and non-standard email server port

The most used notification type in Zabbix (and other systems, likely) is email. So, suppose you’ve installed Zabbix server and want to enable the alerts. There’s only one minor issue: your SMTP runs on a non-standard port. For whatever reason. This can’t be a problem, can it?

Wrong!

Meet Zabbix: 15 year of development (9 since first stable release), hundreds of developers, thousands of installations, hundreds of thousands of lines of code and NO OPTION TO CHANGE SMTP PORT.

That’s just beyond good and evil.

Anyway, what are the options? Let’s see:

1. Route mail through local smtp to the remote one (doesn’t help when it’s the local SMTP that is on a different port)
2. Redirect with iptables (for those on Linux)
3. Use custom media script

Since my Zabbix installations are all Linux-based, the chosen solution is iptables. Supposing that SMTP port is 20025, this is what usually used for port redirection:

iptables -A INPUT -m state --state NEW -p tcp --dport 20025 -j ACCEPT
iptables -t nat -A PREROUTING -p tcp --dport 25 -j REDIRECT --to-ports 20025

However, if you access the service from localhost, it won’t work, since the packets don’t get into PREROUTING. What you need to add is

iptables -A OUTPUT -p tcp -d 127.0.0.1 --dport 25 -j REDIRECT --to-port 20025

Now the email server is accesible on port 25 from both inside and outside. And Zabbix is finally able to use it.