ports 25, 465 and 587 are blocked automatically after installing DirectAdmin

[daro2013]

Hello all experts,

I am a newbie for DirectAdmin. After I installed DirectAdmin successfully, all the mail ports are blocked:

25, 465, 587, etc.

I then install firewall CSF which opens the following ports automatically:

$ cd /etc/csf
$ vi csf.conf

# Allow incoming TCP ports
TCP_IN = "6827,20,21,22,25,53,80,110,143,443,465,587,993,995,2222,6827,35000:35999"

# Allow outgoing TCP ports
TCP_OUT = "6827,20,21,22,25,53,80,110,113,443,587,993,995,2222"

# Allow incoming UDP ports
UDP_IN = "20,21,53,80,443"

# Allow outgoing UDP ports
# To allow outgoing traceroute add 33434:33523 to this list
UDP_OUT = "20,21,53,113,123"


All mail ports are open. However, when I tested connectivity in the settings of Post SMTP plugin, all these ports: 25, 465 and 587 are blocked.

Can you please advise how to fix them?

I very appreciate your advice.

Thanks

 

[ikkeben]

IP4 and IP6

?

Also i don't know test plugin?
From ip address this test?
error / log message on server self and from that test plugin?

Also used versions and OS. ?

 

[daro2013]

It is IP4. Here is the Wordpress plugin URL:

Post SMTP – WordPress SMTP Plugin with Email Logs and Mobile App for Failure Notifications – Gmail SMTP, Office 365, Brevo, Mailgun, Amazon SES and more

Improve WordPress email deliverability. Connect Gmail SMTP, Microsoft 365, Brevo, SendGrid, Mailgun, Zoho, Amazon SES, etc. #1 WordPress SMTP Plugin.

wordpress.org

Thanks in advance.

 

[daro2013]

I used cPanel before I moved to DirectAdmin due to cPanel being more expensive, and the fact that I have only got a couple of websites to host. That plugin has all those ports open when using cPanel, but they are blocked when using DirectAdmin.

Any advice is very appreciated.

 

[splby]

Hello. Most likely, you have an established meaning
SMTP_BLOCK = ON
This one blocks connections from the server by users to external smtp servers. This is the recommendation of many spam list owners.

 

[daro2013]

Hello. Most likely, you have an established meaning
SMTP_BLOCK = ON
This one blocks connections from the server by users to external smtp servers. This is the recommendation of many spam list owners.

Thanks for your help.

My wordpress website is a consumer website; I dont send any spam email. I use emails for user registration, forgot password, etc.

Where can I find that SMTP_BLOCK?

Do I need to set it:

SMTP_BLOCK = OFF

Cheers

 

[splby]

This is a csf parameter, editing is available in the panel. If you are using an external smtp server, then you can simply add its address to those allowed via csf.allow in the same csf.

 

[daro2013]

Hello. Most likely, you have an established meaning
SMTP_BLOCK = ON
This one blocks connections from the server by users to external smtp servers. This is the recommendation of many spam list owners.

Thanks. I set it as:

SMTP_BLOCK = "0"

in the above CSF config file.

ports: 25 and 587 are open now, but port 465 still blocked even I added it to above line:

TCP_OUT = "6827,20,21,22,25,53,80,110,113,443,465,587,993,995,2222"

Any advice please?

 

[splby]

Which ports this function monitors is specified in SMTP_PORTS. If you change the settings not through the panel, but directly in the configuration file, do not forget to reload csf via csf -r

 

[daro2013]

This is a csf parameter, editing is available in the panel. If you are using an external smtp server, then you can simply add its address to those allowed via csf.allow in the same csf.

Hi,

How can I set those ports open in:

$vi /etc/csf/csf.allow

Can you please give an example?

Cheers

 

[daro2013]

Which ports this function monitors is specified in SMTP_PORTS. If you change the settings not through the panel, but directly in the configuration file, do not forget to reload csf via csf -r

port 465 is blocked as a result of that plugin test.

Although ports 25 and 687 are open, external smtp server does not send out using that plugin.

Any advice is appreciated.

Thanks

 

[splby]

At the beginning of the file there is an example and your address, from which the installation was installed, is already added there. Just add the address you want on a new line.

 

[ikkeben]

SMTP_BLOCK = "0"

My wordpress website is a consumer website; I dont send any spam email. I use emails for user registration, forgot password, etc.

Uh if that website and other smtp mail acces on same server and the mail itself to then you don't need this on 0
SMTP_BLOCK = "0"

 

[splby]

Are you sure port 465 is closed? Check it out for yourself, not through a plugin. Port 465 only ssl, maybe you don't set this option in the plugin?

 

[daro2013]

Which ports this function monitors is specified in SMTP_PORTS. If you change the settings not through the panel, but directly in the configuration file, do not forget to reload csf via csf -r

Yes, it works now after reloading CSS.

But external SMTP using that plugin does not send email after testing?

Any advice?

 

[daro2013]

At the beginning of the file there is an example and your address, from which the installation was installed, is already added there. Just add the address you want on a new line.

Yes, I have added my server's IP in that allow file.

But cant send email out using SMTP with that plugin although all ports are open?

Any advice?

 

[daro2013]

These are errors given by the plugin:

• Port 25 is open, but not to mail.mydomain.com.
• Port 465 is open, but not to mail.mydomain.com.

I host my domain in Cloudflare.com, do I need to add mail.mydomain.com to CSF config file too? if yes, how can I add it?

Cheers

 

[splby]

Try to specify the server in the smtp plugin not through the domain name, but through the ip address. Cloudflare may block certain ports. So you can check if the connection goes through ip, then see the DNS and Cloudflare settings.

 

[daro2013]

Try to specify the server in the smtp plugin not through the domain name, but through the ip address. Cloudflare may block certain ports. So you can check if the connection goes through ip, then see the DNS and Cloudflare settings.

It works. I have changed mail.mydomain.com in that plugin setting to my server's IP as splby's advice.

Many thanks to all prompt support I have received to solve my issue.

Cheers

 

[Richard G]

SMTP_BLOCK = "0"

For security reasons I wouln't do that. There is a better way to do this.

You need to set these both settings like this:

SMTP_BLOCK = "1"
SMTP_ALLOWLOCAL = "1"

This way no untrusted people can abuse your smtp from outside and local smtp traffic (from your customers) is allowed.