Ports are open and SMTP protection off but can't send to external Google SMTP server
I have opened outgoing TCP ports 25, 465, and 587 in my firewall (CSF) and also turned off SMTP restrictions. In Tweak settings Restrict Outgoing SMTP to Root is turned off and allow users to relay mail if they use a validated IP address is also turned off.
This is running on a VPS so not sure if the VPS provider would block such ports at their level?
Yet my Joomla and Wordpress sites cannot send out email to the Google SMTP server. I get errors saying:
2024-01-30T18:52:02+00:00 ERROR 154.6.86.150 mail Error in Mail API: Connection: opening to ssl://smtp.gmail.com:465, timeout=300, options=array ( ) 2024-01-30T18:52:03+00:00 ERROR 154.6.86.150 mail Error in Mail API: Connection failed. Error #2: stream_socket_client(): unable to connect to ssl://smtp.gmail.com:465 (Network is unreachable)
Am I missing something? I also tried setting up an SMTP email account in the specific account on the cpanel server and set up SPF and DKIM. Cpanel's email deliverability says that it is set up correctly. Joomla and WP connects there, and I can see the email getting queued in exim but the emails never arrive in the recipients mailbox so not even sure if they are being sent.
-
The quickest way to see if the port is being blocked is to, from the command line, try:
echo | openssl s_client -connect smtp.gmail.com:465
You should get back a security certificate chain from Google Trust services LLC for smpt.gmail.com . If you get "Connection refused..." messages, then the connection is being blocked *somewhere*. It is quite common for some providers, notably Amazon AWS, to block outbound mail ports "by default" for anti-spam purposes. Which VPS provider is it?
I assume you have Joomla and WordPress setup to use Gmail.com as the outbound mail server (instead of just letting exim on the server handle the outbound mail)? Are you using a WordPress plugin to handle the authentication/login/OAuth side of things or have just provided your gmail address/password combo [although it doesn't look like you are getting that far].
0 -
It's likely exactly like you mentioned -- your provider is probably blocking outbound TCP 25. they probably want you to relay all outbound email through a specific system they have set up. You need to contact their support.
0 -
I ran the echo line and received the certificate. Also checked with the provider and they say they were blocking port 25 but have since fixed that. Didn't get a certificate on port 25 or 587 but did get one on 465. Still getting the same cannot connect error even though I am certain the app password I am putting in is correct (spaces removed).
The above is regarding SMTP connections. If you have any ideas about what else might be wrong there please let me know.
---
Below is regarding my attempt to use plain PHP Mail instead. PHP mail worked fine until the we noticed emails were not being received around the middle of January 2024.
When I use the PHP mailer option in Joomla it sends it out, I see it briefly in the exim mail manager, and in the logs it says it then says it was sent. I edited the log below to show the various server names, account names, etc. Perhaps I have something else configured wrong?
2024-02-05 06:44:44 1rWxP2-0003MN-0B <= quantluo@servername.com U=quantluo P=local S=819 id=c2dfbd90850230eb19ced924cbd64c41@websitename.org T="Test mail from Our Joomla Site" for system-admin@googleaccount.com 2024-02-05 06:44:44 cwd=/var/spool/exim 3 args: /usr/sbin/exim -Mc 1rWxP2-0003MN-0B 2024-02-05 06:44:44 1rWxP2-0003MN-0B => quanlsys <system-admin@googleaccount.com> R=localuser T=dovecot_delivery C="250 2.0.0 <quanlsys@servername.com> trCFFCzKwGV9MgAAFq38lw Saved" 2024-02-05 06:44:44 1rWxP2-0003MN-0B Completed
quantluo@servername.com is the account that the Joomla site resides in
system-admin@googleaccount.com is the google account I am attempting to send email from
quanlsys@servername is a completely different cpanel account on the same server
I checked the mailbox and it never arrived nor wound up in spam. As mentioned in the original post I have the SPF set to allow the ip address we are sending from. The thing I don't understand in the log above is that it is saying quanlsys@servername.com which is a different account on the same server...
0 -
Yes, the log snippet you posted indicates the server is trying to delivery locally instead of reaching out to a remote mailserver. If that isn't the expected behavior, you may need to adjust the setting in cPanel >> Email Routing to ensure the correct option is selected there.
That may not fix the delivery issues if port 25 is still blocked, but it would tell the system to deliver the message remotely if that is how the DNS is configured.
0
Please sign in to leave a comment.
Comments
4 comments