• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Issue Plesk Onyx on Azure not sending email

P

Paul Creedy

Basic Pleskian
I'm a plesk newbie and have a new VM in Azure with Plesk Onyx in an Ubuntu VM

Contact forms on Wordpress etc are not sending email. Instead they are stuck in the mail Queue.

Mail settings for the domains I'm testing is switched off.

IP address is: 51.141.53.62
Hostname: plesk1.p1-datacentre.cymru
Reverse DNS has been set up in Azure:
Network Tools: DNS,IP,Email

Example from email queue showing fqdn is the same

Received: by plesk1.p1-datacentre.cymru (Postfix, from userid 10001)
id CC272BC6B7; Wed, 14 Mar 2018 22:56:04 +0000 (UTC)


Server information:
CPU Intel(R) Xeon(R) CPU E5-2673 v3 @ 2.40GHz (1 core(s))
Version Plesk Onyx v17.5.3_build1705170317.16 os_Ubuntu 16.04
OS Ubuntu 16.04.4 LTS

Azure network security has all the usual ports open
 
Back in November, Azure started enforcing a block on port 25. You can make a request to remove the restriction.
 
Hi Mark

I don't think it's the ports on first look. I have port 25 open in the network security group along with the other email ports, but it's worth me investigating.

I'm fairly familiar with Azure and work with Windows servers regularly in Azure. This is my first step into Plesk and Ubuntu server, and the issue appear to be confined to just this server. If it was Azure restricting it across the board then I'd expect to see the same issue on the Windows/non Plesk servers.
 
Ok, did you verify that a service (typically Postfix) is listening on Port 25?

You can verify this by running the following command. You should see output similar to mine.

Code: 
[root@plesk ~]# lsof -i:25
COMMAND   PID    USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
smtpd    3308 postfix    6u  IPv4 271701      0t0  TCP *:smtp (LISTEN)
smtpd    3308 postfix    7u  IPv6 271702      0t0  TCP *:smtp (LISTEN)
master  28544    root   13u  IPv4 271701      0t0  TCP *:smtp (LISTEN)
master  28544    root   14u  IPv6 271702      0t0  TCP *:smtp (LISTEN)
[root@plesk ~]#
 
Actually, I just noticed your hostname in the first post and can confirm that Postfix is listening on 25 and accessible from the outside.

Can you take a look at /var/log/maillog and see if you have any errors being logged?
 
Hi Mark

Thank you for helping. I must admit that I'm a Windows guy and know very little about Linux, bash, ssh etc. This is my toe being put in the water as a learning experience more than anything else.

I'll try and get that information and post back, once I figure out how :)

I gather this isn't available through the UI anywhere?
 
Don't believe you can get them from Plesk unless someone has created an extension for it.

If you can connect via SSH and run the following;

[root@plesk ~]# tail /var/log/maillog

It should provide you the last 10 lines of the file which should be enough if anything is being logged.
 
Hi
Amongst the noise in the logs I've sent test emails using a very basic php script to both a gmail and an different email and this is part of the result.

I'm getting (delivery temporarily suspended: con$ and Network unreachable errors, but no closer to understanding why.

I can see the message coming from [email protected] however my script is not using that From email address.

Mar 15 15:51:34 plesk1 postfix/qmgr[15828]: 565B6BC4CF: from=<[email protected]>, size=463, nrcpt=1 (queue active)
Mar 15 15:51:34 plesk1 postfix/error[8559]: 565B6BC4CF: to=<[email protected]>, relay=none, delay=0.11, delays=0.06/0/0/0.05, dsn=4.4.1, status=deferred (delivery temporarily suspended: conn$

Mar 15 15:53:24 plesk1 postfix/qmgr[15828]: 62508BC4C1: from=<[email protected]>, size=453, nrcpt=1 (queue active)
Mar 15 15:53:24 plesk1 postfix/qmgr[15828]: 10F3BBC4C4: from=<SRS0=0fWh=GF=ownapt.com=maileyes-mail=durbinphotography.co.uk@durbinphotography.co.uk>, size=16798, nrcpt=1 (queue active)
Mar 15 15:53:24 plesk1 postfix/qmgr[15828]: 22C80BC2BB: from=<[email protected]>, size=446, nrcpt=1 (queue active)
Mar 15 15:53:24 plesk1 postfix/error[8740]: 62508BC4C1: to=<[email protected]>, relay=none, delay=385, delays=385/0.17/0/0.05, dsn=4.4.1, status=deferred (delivery temporarily suspended: con$
Mar 15 15:53:54 plesk1 postfix/smtp[8742]: connect to aspmx.l.google.com[74.125.71.27]:25: Connection timed out
Mar 15 15:53:54 plesk1 postfix/smtp[8742]: connect to aspmx.l.google.com[2a00:1450:400c:c07::1a]:25: Network is unreachable
Mar 15 15:53:54 plesk1 postfix/smtp[8741]: connect to gmail-smtp-in.l.google.com[64.233.167.26]:25: Connection timed out
Mar 15 15:53:54 plesk1 postfix/smtp[8741]: connect to gmail-smtp-in.l.google.com[2a00:1450:400c:c0a::1a]:25: Network is unreachable
 
To follow up, I've created a domain with a mailbox. It can receive mail but not send. No error, just doesn't arrive.

This does look like an outgoing only mail issue, but can't figure out what!

The network security group in Azure says all outgoing ports seem open..

I'd like to test using telnet but I think I need a domain with an open port on 25 to attempt to connect to. Any suggestions to a domain with port 25 open that I can test it against?

I've seen some posts about having to turn off ipv6 but they do seem to be old posts.

Netstat results

datacentreadmin@plesk1:~$ netstat -tulpn | grep LISTEN
(Not all processes could be identified, non-owned process info
will not be shown, you would have to be root to see it all.)
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN -
tcp 0 0 10.0.0.4:443 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:8443 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:4190 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:12768 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:993 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:995 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:110 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:143 0.0.0.0:* LISTEN -
tcp 0 0 10.0.0.4:80 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:8880 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:465 0.0.0.0:* LISTEN -
tcp 0 0 172.17.0.1:53 0.0.0.0:* LISTEN -
tcp 0 0 10.0.0.4:53 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN -
tcp6 0 0 :::22 :::* LISTEN -
tcp6 0 0 :::25 :::* LISTEN -
tcp6 0 0 :::8443 :::* LISTEN -
tcp6 0 0 :::4190 :::* LISTEN -
tcp6 0 0 :::993 :::* LISTEN -
tcp6 0 0 :::995 :::* LISTEN -
tcp6 0 0 :::7080 :::* LISTEN -
tcp6 0 0 :::7081 :::* LISTEN -
tcp6 0 0 127.0.0.1:3306 :::* LISTEN -
tcp6 0 0 :::106 :::* LISTEN -
tcp6 0 0 :::110 :::* LISTEN -
tcp6 0 0 :::143 :::* LISTEN -
tcp6 0 0 :::8880 :::* LISTEN -
tcp6 0 0 :::465 :::* LISTEN -
tcp6 0 0 :::21 :::* LISTEN -
tcp6 0 0 :::53 :::* LISTEN -


Iptables result
sudo iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy DROP)
target prot opt source destination
DOCKER-ISOLATION all -- anywhere anywhere
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
DOCKER all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Chain DOCKER (1 references)
target prot opt source destination

Chain DOCKER-ISOLATION (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere
 
[root@plesk ~]# telnet aspmx.l.google.com 25
Trying 173.194.208.27...
Connected to aspmx.l.google.com.
Escape character is '^]'.
220 mx.google.com ESMTP 96si6128567qtc.419 - gsmtp

If domain doesn't work, try the IP.
 
Thank you Mark

telnet aspmx.l.google.com 25 from my home pc gives a result. telnet aspmx.l.google.com 25 on the server gives nothing. So now I think we are back with something blocking port 25 somewhere as in your original suggestion.

Question is what and where could that be?

Is there a way to get plesk to smtp out on an alternative port that isn't blocked?
 
Unfortunately to raise a support request of that type is only for Paid support which isn't cheap, and they probably blocked it for good reasons. So it would be best to work with them not against them.

It appears AWS is also doing this now as well.

So I'm back to looking for a solution to either get plesk talking on an alternative port such as 587 or have ubuntu itself to somehow port forward or relay port 25 to 587 so plesk wont know any different.

Im not going to be the last plesk user to have this issue going forward so it would be really good to get a solution.
 
Hi Mark

The main reason for Azure is that I can pick its UK West datacentre as the location is important to the potential data being stored.
 
Paul Creedy said:
Hi Mark

Azure eventually came through and turned on port 25 on my subscription. Email is now sending, so I'm back on track trying out Plesk.

Thank you for you help. Your original diagnosis of port 25 being blocked was correct.
Click to expand...

Hi Paul, I am having the exact same issue: I don't currently own a paid support subscription, so just like you I'm unable to open the required support ticket in order to request port 25 to be unblocked.

How did Azure turned on port 25 on your subscription? did you find a way to open a support request or have you reached them by other means?
... or perhaps you chose to pay for an upgraded support plan?
 
You must log in or register to reply here.

Similar threads

VW Nut
Issue Issues with mail traffic volumes stats
Replies
1
Views
839
VW Nut
VW Nut
Back
Top