Resolved Issue with smtp with any email client

[arturs.gabliks]

Server operating system version

Ubuntu 20.04 x64

Plesk version and microupdate number

18.0.46 Update #1

Hello, Previously I successfully to email server with email client and sent emails using clients.
Then it suddenly stopped working.
Now I try to set account again for example with bluemail client, incoming is ok, but outgoing : Cannot connect to server.

I use cloudflare.

25 port is open.

I dont see any new log record, after I try to connect with mail client.

Also there are some suspiciouslog records, like :

postfix/smtpd [277342]

warning: hostname marries.angerenhanc.com does not resolve to address 141.98.10.27

I tried to fix warnings what mxtoolbox shows, no results, and maybe not related to my issue at all.

Any advice where to look at, please

 

[mow]

SSL/TLS will not work with port 25, that port has to connect without encryption and therefore can only use STARTTLS.
For implicit TLS, you should use 465.
Note that for sending from a client you should use port 587 (and STARTTLS) instead of 25.

 

[arturs.gabliks]

Thanks you much mow ! You are my hero . Issue fixed

 

[arturs.gabliks]

Hmm, it works only with android phone Bluemail . Not with PC Bluemail, Windows 11 mail or Outlook.

 

[Monty]

Change your port for outgoing mails to "587" and in the encryption method dropdown select "STARTTLS"

 

[arturs.gabliks]

Nop. also 587 port is closed. Vultr support team opened 25 port for smtp. It works on mobile phone, but not PC.

 

[mow]

Current mailservers, for security reasons (plaintext authentication WILL get your password stolen), do not allow authentication when the connection is not encrypted (for a connection that is not encrypted from the start, like connection on 465 implicitly is, the commands only become available after STARTTLS). And unauthenticated mail sending will be blocked, as it should.
SPA might not work anyway.
If you can neither use SSL/TLS and port 465 or STARTTLS and port 587, and your provider doesn't want to unblock them, try STARTTLS and port 25.

 

[Kaspar]

I might be mistaken, so correct me if I am wrong, but I always thought that because of the way SNI is utilized by Plesk the domain name itself should be used as a value for connecting to the SMTP server (and IMAP/POP). Without the mail. prefix. So just example.com instead of mail.example.com.

Which in your case @arturs.gabliks won't work unless you disable the proxy in CloudFlare. Because CloudFlare does not accept email when proxy enabled. Alternatively you could use the hostname of your server, which should work. However I noticed that you're using a Plesk generated hostname for your server (friendly-mendeleev.66-135-5-xx-.plesk.page), which I am not sure of if there are any restrictions.

 

[arturs.gabliks]

Ah I found the issue. PLESK is blocking my home PC IP address somehow. When i connect my android phone to home wifi, then I can not connect to smtp 25 STARTTLS, but if i connect to mobile network, then connection is successful. I check fail2ban, but dont see my home ip banned. Where else it could be blocked ?

 

[Kaspar]

Could it be your home ISP is blocking port 25?

 

[mow]

Either that, or maybe Vultr didn't open port 25 completely but left in a block of some DSL providers?

 

[arturs.gabliks]

Either that, or maybe Vultr didn't open port 25 completely but left in a block of some DSL providers?

Why would they do that ?

 

[mow]

Why would they do that ?

Because mails directly sent from dynamic IPs are 99% spam from hacked PCs, as dynamic IPs should never try to deliver mail directly but instead go through their ISP.
So DUL blocklists prevent them from delivering those mails by giving them a huge spam score or, as might be the case here, preventing them from connecting to port 25 at all (and sometimes other ports too, like SSH).
Could be Vultr, could also be your ISP as @Kaspar wrote, could be both.
Try connecting to any big provider's mail server on port 25 (you might need to install telnet for that, and `telnet provider.net 25`). Does it connect, or does it fail as well?

BTW, does the connection to your server already fail to connect, or is it force-closed my the mailserver after connection is established?