User can telnet or work with external SMTP

Comments

  • ffeingol
    You pretty much answered your own question. From the above 82.223.190.139 is refusing your connection. It could be a couple of things:
    • They simply have your IP blocked
    • They are not using port 465 (try 25 or 587)
    Either way, you (or your customer) are prob. going to have to contact them to find the answer.
    0
  • speckados
    You pretty much answered your own question. From the above 82.223.190.139 is refusing your connection. It could be a couple of things:
    • They simply have your IP blocked
    • They are not using port 465 (try 25 or 587)
    Either way, you (or your customer) are prob. going to have to contact them to find the answer.

    If you look at the post, you can connect from the root account and not from the user, which uses the IP of the machine; ergo, it is not a problem of the remote server cutting communication through a firewall, nor of the FQDN of the domain, since both communications are identified with the FQDN of the host.
    0
  • ffeingol
    Sorry, I totally missed that the last one corrected. Are you using a firewall or firewall rule builder (like CSF)? Have you checked the logs?
    0
  • speckados
    Sorry, I totally missed that the last one corrected. Are you using a firewall or firewall rule builder (like CSF)? Have you checked the logs?

    A lot of thanks. CSF Firewall was blocking SMTP_OUT for users other than root or mailman. I corrected this and it works fine.
    0
  • ffeingol
    OK, now that you have it fixed, I have to ask why you are doing this? We do the exact opposite of what you do. Since we force all mail to go through the local exim server, we can monitor what's going out and automatically suspend compromised mailboxes, hosting accounts etc.
    0
  • sparek-3
    Is there an SMTP_OUT directive in csf? Or do you mean SMTP_ALLOWUSER? You probably want to look at SMTP_PORTS and what ports are listed there. You may only want port 25 listed there, since ports 587 and 465 TYPICALLY (although not always) require SMTP Authentication to relay out mail. Regular users would then be able to connect to external SMTP servers on ports 587 and 465, but typically they will have to authenticate to relay out mail. Could they still spam? Sure... but whoever is running the servers they are connecting to would easily be able to see who authenticated on those connections. The reason you want to prevent regular users from connecting to external mail servers on port 25 is because port 25 is the SMTP port used for delivering mail. Spam scripts such as Dark Mailer can take advantage of this and abuse an account to send spam messages directly to a mail server (say a hotmail.com mail server) without any logging, because it bypasses your local server's SMTP service for relaying out the message. Allowing external connections on ports 587 or 465 is the same thing... except you can't connect to port 587 on a hotmail.com mail server and deliver messages blindly into a hotmail user's mailbox.
    0
  • cPanelLauren
    As far as I know there isn't an SMTP_OUT directive - at least not in the SMTP settings of the CSF conf. There are quite a few SMTP related configurations in CSF that can prove useful.
    0
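
An added example, not part of any post in this thread and not CSF's own code: a shell check over the SMTP settings of a csf.conf, following sparek-3's point about which ports belong in SMTP_PORTS. The SMTP_BLOCK setting (CSF's switch for outbound SMTP blocking, not named in the thread), the function names and the sample configuration are assumptions constructed for the example.

```shell
#!/bin/sh
# Constructed sample of the SMTP settings in a csf.conf (not from the thread).
sample_conf() {
cat <<'EOF'
SMTP_BLOCK = "1"
SMTP_PORTS = "25,465,587"
SMTP_ALLOWUSER = "cpanel"
EOF
}

# csf_get KEY: read csf.conf text on stdin, print the last value set for KEY.
csf_get() {
    sed -n "s/^[[:space:]]*$1[[:space:]]*=[[:space:]]*\"\([^\"]*\)\".*/\1/p" | tail -n 1
}

# audit_smtp: read csf.conf text on stdin, print one finding per line.
audit_smtp() {
    conf=$(cat)
    block=$(printf '%s\n' "$conf" | csf_get SMTP_BLOCK)
    ports=$(printf '%s\n' "$conf" | csf_get SMTP_PORTS | tr -d ' ')
    users=$(printf '%s\n' "$conf" | csf_get SMTP_ALLOWUSER)
    if [ "$block" != "1" ]; then
        echo "WARN: SMTP_BLOCK is off, any local user can connect out on SMTP ports"
        return 0
    fi
    # Port 25 is the delivery port: leaving it open lets mail skip local exim.
    case ",$ports," in
        *,25,*) echo "OK: port 25 blocked, users cannot deliver straight to remote mail servers" ;;
        *) echo "WARN: port 25 not in SMTP_PORTS, mail can leave without passing local exim" ;;
    esac
    # Ports 465 and 587 typically require SMTP authentication on the remote side.
    for p in 465 587; do
        case ",$ports," in
            *",$p,"*) echo "INFO: port $p blocked, external submission servers unreachable for users" ;;
            *) echo "INFO: port $p open, users can reach external servers that typically require SMTP AUTH" ;;
        esac
    done
    if [ -n "$users" ]; then
        echo "INFO: SMTP_ALLOWUSER exempts: $users"
    fi
    return 0
}

sample_conf | audit_smtp
```

On a real server the input would be the CSF configuration file itself, piped into `audit_smtp` in place of `sample_conf`.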
