On new server, incoming mail ports closed? Can't receive mail...

Virtualmin
1

I’ve set up a new centos 7 virtual server with virtualmin gpl up over at digitalocean and transferred my existing sites to it.

I can’t receive mail though… running port checks, they say that port 25 and 465 are closed, despite me having them open in iptables (posted below)

24/tcp filtered priv-mail
25/tcp closed smtp
26/tcp filtered rsftp

464/tcp filtered kpasswd5
465/tcp closed smtps
466/tcp filtered digital-vrc

My intention was to have the others closed, and 25 and 465 open…

If I stop iptables, the ports listed above all go to ‘closed’.

Where am I going wrong here (or… where did the tutorial I was using have me go wrong?)

My current iptables (the last two lines are for custom ssh and virtualmin ports)

[root@jessica ~]# iptables -S
-P INPUT DROP
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -j DROP
-A INPUT -p tcp -m tcp ! --tcp-flags FIN,SYN,RST,ACK SYN -m state --state NEW -j DROP
-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,SYN,RST,PSH,ACK,URG -j DROP
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 25 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 465 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 110 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 995 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 143 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 993 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 703 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 13730 -j ACCEPT

2

Have you Contacted your provider? I had the same Issue, and found that they had the ports blocked… Took them 30 Seconds to open all ports that have to do with E-mails for me…

3

I have a similar issue, but instead, my ports 25, 465, and 587 are open, but 110, 993, and 995 are closed. This is a private and personal server, so I don’t have the issue of anyone blocking the ports. An nmap of my local private ip yields the following results:

Starting Nmap 7.40 ( https://nmap.org ) at 2019-04-30 15:45 CDT
Nmap scan report for 10.0.0.141
Host is up (0.000034s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
21/tcp open ftp
22/tcp open ssh
25/tcp open smtp
53/tcp open domain
80/tcp open http
139/tcp open netbios-ssn
443/tcp open https
445/tcp open microsoft-ds
465/tcp open smtps
587/tcp open submission
2222/tcp open EtherNetIP-1
10000/tcp open snet-sensor-mgmt
20000/tcp open dnp

Nmap done: 1 IP address (1 host up) scanned in 3.25 seconds

I have been through FirewallD, and double checked everything I could think, or read up on to try. Still I have no luck getting the ports open for connection with mail clients. I plan to close 25 and 110 anyway, but all ports are forwarded while I test and resolve the issue.