Join the community today
Register Now

Port 20 SMTP being filtered

Discussion in 'System Administration' started by Matt Williams, May 13, 2021.

  1. Matt Williams

    Matt Williams WordPress Fanatic

    537
    104
    43
    Nov 22, 2014
    Virginia, USA
    Ratings:
    +157
    Local Time:
    7:39 AM
    latest
    10
    Been trying to figure out an issue with CSF and Fail2ban ( possibly ) for days now. For some odd reason SMTP Port 25 is being filtered by something and I can't pinpoint why and what it's being filtered with. I've tried stopping csf then trying to send mail again. No luck. Tried stoping csf and fail2ban and send mail. No luck. multiple VPS restarts/reboots.

    ---[Ports]---
    21/tcp open ftp syn-ack
    25/tcp filtered smtp no-response <<
    80/tcp open http syn-ack
    443/tcp open https syn-ack

    I have no idea what port 25 is being filtered with. I am hoping you can help me @eva2000 ?
    Talked to Vultr - their not filtering nor blocking it.

     
  2. eva2000

    eva2000 Administrator Staff Member

    54,548
    12,221
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,790
    Local Time:
    10:39 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    how are you testing this?

    port 25 should be whitelisted already in CSF Firewall config file at /etc/csf/csf.conf CSF Firewall - CentminMod.com LEMP Nginx web stack for CentOS you can check TCP_OUT and TCP6_OUT have in it's comma separated listing port 24
    Code (Text):
    egrep '^TCP_|^TCP6_|^UDP_|^UDP6_' /etc/csf/csf.conf
    


    Vultr blocks port 25 and SMTP outbound for new Vultr accounts until you do their ID verification otherwise all VPSes within Vultr account will block outbound email sending. Same for Linode too. I assume you have already done ID verification to unblock outbound email restrictions?
     
  3. Matt Williams

    Matt Williams WordPress Fanatic

    537
    104
    43
    Nov 22, 2014
    Virginia, USA
    Ratings:
    +157
    Local Time:
    7:39 AM
    latest
    10
    Code:
    TCP_IN = "20,21,2637,25,53,80,110,143,161,443,465,587,993,995,1110,1186,1194,81,9418,30001:50011"
    TCP_OUT = "8080,2525,465,1110,1194,9418,20,21,22,25,53,80,110,113,443,587,993,995"
    UDP_IN = "67,68,1110,33434:33534,20,21,53,80,443"
    UDP_OUT = "67,68,1110,33434:33534,20,21,53,113,123"
    TCP6_IN = "20,21,22,25,53,80,110,143,161,443,465,587,993,995,1110,1186,1194,81,9418,30001:50011"
    TCP6_OUT = "8080,2525,465,20,21,22,25,53,80,110,113,443,587,993,995"
    UDP6_IN = "20,21,53,80,443"
    UDP6_OUT = "20,21,53,113,123"
    
    I sent a support request to Vultr asking them for whatever help they could give and that's when they sent me that "Filtered" result. I had them unblock port 25 a long time ago so I knew that wasn't the issue.

    The issue is it's not blocked, It's filtered by something and I haven't got a clue what. I'm getting mail into WHMCS just fine but sending mail out = no go. All settings have been checked even by WHMCS support. No Issues in WHMCS itself.

    I coldn't figure out the issue so I just decided to get Mailgun instead of using the standard phpmail.
     
  4. eva2000

    eva2000 Administrator Staff Member

    54,548
    12,221
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,790
    Local Time:
    10:39 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    I assume Mailgun is using SMTP port other than 25 ? Otherwise it would use port 25 and then the program wouldn't be server's Postfix MTA mail server itself.

    Not familiar with WHMCS but double checked settings as there seems to be an option to disable email sending Mail Tab - WHMCS Documentation

     
  5. Matt Williams

    Matt Williams WordPress Fanatic

    537
    104
    43
    Nov 22, 2014
    Virginia, USA
    Ratings:
    +157
    Local Time:
    7:39 AM
    latest
    10
    I checked that and the settings are correct. The only thing I have not checked is Namecheap email service. Maybe namecheap is filering it somehow. I use their business email. It didn't dawn on me until now to check with them to see.... TBC
     
  6. buik

    buik “The best traveler is one without a camera.”

    2,026
    524
    113
    Apr 29, 2016
    Flanders
    Ratings:
    +1,674
    Local Time:
    1:39 PM
    When there are mail problems, the quickest solution is found by eliminating problems:

    - Are you sure Namecheap Business mail (seems to be known as private mail before) is supporting port 25? Because port 25 seems to be not supported and therefore does not respond.

    - Have you already tested an alternative port? For example 465 or 587.

    - Is the Transport Layer correct? Namecheap only supports TLS on port 25,
    but port 25 seems to be consumers mail and/or an old support article.

    Port 25 is usually spammed, so there are several providers that block or limit port 25 by default.

    - Have you already asked Namecheap if they blocked your VPS's ip (in case of to many unsuccessful tests for example) ?

    - Is Namecheap blocking unsafe mail APPS at default? Like more providers are blocking server postfix and exim at default.

    - Do you have a mail provider that you are sure works so you can test it? I often use a simple mail provider to quick-test and rule out what is wrong?

     
    Last edited: May 14, 2021
  7. eva2000

    eva2000 Administrator Staff Member

    54,548
    12,221
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,790
    Local Time:
    10:39 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+