Port 25 blocked, can't figure out by whom?

Hello everyone,

I have a MacMini server set up. I recently moved from Florida to North Carolina. Everything was working fine in FL. Now in NC my mail server won't work, as port 25 seems to be blocked.

I am using Dynamic IP Addressing with NO-IP.com. So yes, I have a mail server on a Dynamically Addressed server. This is all in an effort to save money. Also I have to have my own server due to a database engine I run off one of my sites. The database software runs only on Mac, so hence I have a Mac server. I chose to run my email off it, but soon found that I was blacklisted, something that I now know comes from simply being on NO-IP. Consequently I no longer use my mail server for outgoing email, only to receive on an old domain and its email addresses that are legacy to my business. It is for business reasons that I want these old email addresses to still be able to receive.

I set up everything in NC identical to how it was in FL. I'm with the ISP Spectrum in both states. I have today called Spectrum NC and verified that they do not close any ports. They do not. So it's not my ISP.

On the Mac server, using Network Utility and the PortScan feature it says that port 25 is open. Another technical person did some remote checks and found that port 25 was open.

However if you Telnet into the IP address and port 25 you get a time out error message.

Using MXToolBox on the web also shows that there is a time out.

Mail sent to the addresses simply does not arrive.

I am sending test emails and after a while getting back undeliverable mail letters stating that connection was refused.

My Mail Serving software on the server says in its Mail Queue that connection was refused.

So some types of checks of port 25 say that it is open while the checks that matter say connection refused, time out, etc.

NO-IP checked my account and says there are no issues. Indeed DNS to the website I host on my server works. I am able to pull up the website on a remote computer. Spectrum says they do not close ports. I am with Spectrum now as I was when I lived in FL. Everything worked there, but here mail is not working on port 25.

I am aware that my site is blacklisted on a few sites that do that. This makes sending mail bad, but I use it only to receive. I do my outgoing mail on an iCloud.com account. But I still want to receive on these addresses.

The IP number is currently 107.15.211.220 though this could conceivably change. The domain is Goravani.com

The server is running Catalina.

The person who wrote MailServe is helpful. He tried to test my port remotely and he said he was able to reach the edge of my router's turf but was NOT able to reach the server through port 25. He assured me therefore that the problem is with the router, or my ISP, or somewhere NOT within his software which is simply called MailServe.

Mind you again that the blacklists did NOT prevent my mail from working when I lived in FL just days ago. So don't say that the blacklists are causing this, as they did not.

Everything else is working properly, namely HTTP is working, my website is being served.

I have forwarded the ports as usual through the router. I am very familiar with doing that.

Everything was working in Florida, and before that I lived in Portland Oregon and everything worked there as well. Only now that I moved to NC mail alone is not working. Nothing changed, I just moved the server and router to a new address. Given that NO-IP is what I'm using, moving is not a problem normally. They handle the DNS for the new dynamic IP.

I just tried to SSH into the server from my MacBook Pro remotely, and it said that the operation timed out. That's unusual, it worked before. So now port 22 is timing out along with port 25. If that's a clue.

Never mind on that last comment. Seems I turned off remote login in sharing setup.

You need to set up port forwarding in your firewall for TCP 25, TCP 587, and TCP 993 or TCP 995, and that forwarding needs to map to your mail server IP address. The mail server IP address on your internal network—one of the three private IP blocks most likely, if you don't have a block of public static addresses and don't have your mail server directly connected—should be a static IP address.

You need a static IP address and proper forward and reverse DNS—and you don't presently have that for DNS, with no MX and a reverse that tracks back to TWC/RR—or you need to set up a mail relay.

Mismatched DNS means your mail server is considered a spam engine by other mail servers, based solely on DNS. It'll get dropped. Other than fixing your DNS, or relaying, there is nothing you can do about this. And if the remote server uses reputation or other filtering techniques, mail can still get dropped on the destination server.

As for incoming or arriving mail, I've worked with various mail servers which will reject sending messages to servers with misconfigured DNS.

If you do have a static IP with TWC/RR, then chat with them about setting up forward and reverse DNS correctly for your usage here both in the TWC/RR network, and port forwarding within your firewall.

% dig +short -x 107.15.211.220
cpe-107-15-211-220.nc.res.rr.com.
% dig +short -t MX Goravani.com
5 Goravani.com.
% dig +short Goravani.com 
107.15.211.220
% 

Start with a discussion with your ISP about TCP 25, 587, and 993 or 995. Fix the PTR record for your mail server (from TWC/RR to your domain), too. Or set up to relay through the TWC/RR mail servers. Or host remotely, of course.
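
The thread describes a port scan reporting TCP 25 as open while telnet, MXToolBox and sending servers see timeouts or refusals. As an added example (not code from the thread or from MailServe), this Python probe separates those outcomes: refused, silent timeout, TCP-open with no SMTP greeting, and a real 220 banner. The loopback listener, the helper names and mail.example.test are constructed stand-ins so the block runs offline.

```python
import socket
import threading

def probe_smtp(host, port=25, timeout=5.0):
    """Classify what a sending mail server would see; returns (state, detail)."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except ConnectionRefusedError:
        return ("refused", "reset received: path works, nothing accepts on this port")
    except socket.timeout:
        return ("timeout", "no reply at all: dropped by a filter or forwarded to nothing")
    except OSError as exc:
        return ("unreachable", str(exc))
    with sock:
        try:
            banner = sock.recv(512)  # an SMTP server speaks first
        except OSError as exc:  # includes the read timeout
            return ("open-no-banner", f"handshake only, a port scan says 'open': {exc!r}")
    if banner.startswith(b"220"):
        return ("smtp-ready", banner.decode("ascii", "replace").strip())
    if not banner:
        return ("open-no-banner", "peer closed without sending a greeting")
    return ("open-non-smtp", banner.decode("ascii", "replace").strip())

def start_fake_listener(banner):
    """Constructed loopback stand-in for a mail server; returns its port."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    port = srv.getsockname()[1]
    def serve():
        conn, _ = srv.accept()
        with conn, srv:
            if banner:
                conn.sendall(banner)
            conn.recv(1)  # hold the connection until the client hangs up
    threading.Thread(target=serve, daemon=True).start()
    return port

def free_closed_port():
    """Return a loopback port that was just released, so nothing listens on it."""
    with socket.socket() as s:
        s.bind(("127.0.0.1", 0))
        return s.getsockname()[1]

if __name__ == "__main__":
    for port in (start_fake_listener(b"220 mail.example.test ESMTP\r\n"),
                 start_fake_listener(None), free_closed_port()):
        print(port, probe_smtp("127.0.0.1", port, timeout=1.0))
```

Run it from a host outside the network; a probe from inside the LAN never crosses the ISP path and may not exercise the router's forward.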
