Status Check states port 25 is blocked, but nmap says otherwise

Hey, my ISP actually blocked port 25, but unblocked it after I sent a request. Now mailinabox still states that port 25 is blocked.
My iptables, as well as ufw has a rule to allow outgoing requests through port 25. Nmap also says that port 25 is open.
But mailinabox seems to not be able to send email.
Hope some of you can help,
Regards, Nico.

From your MiaB:

$ telnet box.occams.info 25
Trying 94.76.202.152...
Connected to box.occams.info.
Escape character is '^]'.
220 box.occams.info ESMTP Hi, I'm a Mail-in-a-Box (Ubuntu/Postfix; see https://mailinabox.email/)

Means port 25 outbound is open on your box. Enter quit to exit the telnet session.

quit
221 2.0.0 Bye
Connection closed by foreign host.

If all you see is this:

$ telnet box.occams.info 25
Trying 94.76.202.152...

Means port 25 outbound is blocked. Use Ctrl+C to exit the telnet session.

Thank you, i checked it again that way and I get a response by mailinabox. But although port 25 seems to be open, the mailinabox status checks say that it is blocked and I can’t send emails (tried that aswell).
What could be wrong there?

Have you tried running sudo mailinabox?

Had not done it after updating iptables. Did it right now and nothing seems to have changed.

MiaB just automatically configures ufw, so if you have a custom iptables configuration, that configuration will be unsupported. I’m not sure what else would be causing this problem.

I don’t really have an idea myself. The port definitely is open, so I really don’t know what could be causing it. I just moved my box to another provider and now this issue is keeping me from sending mails :unamused:

Is there anything in mail.log or syslog that might help?

Couldn’t really see anything in syslog; Same with mail.log. I haven’t set my ipv6 reverse dns, but how could that affect the port?

rDNS is for FCrDNS checks, which can only impact deliverability with some mail servers, but that is after connecting to them.

Did you make any other changes to MiaB configurations?

Just some custom DNS settings to redirect to my website, but apart from that nothing.

Do you mean you created custom DNS records in the admin dashboard?

Yes just in the admin dashboard.

You might try posting in the MiaB slack channel.

I’m only using Slack on work, so I don’t really know how to join a “public” one.

https://mailinabox.email/slack

How does checking an inbound port indicate that an outbound port is blocked? For you ARE checking the INBOUND connection when you telnet to the server.

It would probably be better to use the Mail-in-a-Box Slack signup link …

https://mailinabox.email/slack

Your hosting provider didn’t actually unblock it perhaps?

In the context of this thread, inbound is a server outside of MiaB trying to connect to MiaB on port 25. Outbound is MiaB trying to connect to another server on that server’s port 25. Not being able to send mail may indicate that MiaB cannot connect to another server on that server’s port 25.

Usually when I use source and destination, people get confused if they are not already used to that terminology, so I use more basic terms. In my experience, the hosting ISPs block destination port 25 requests from their servers to prevent the servers from sending mail although I have not observed them to block destination port 25 requests to their servers so receiving is usually not an issue. But that sentence may look confusing to people not familiar with the terminology.

In the context of this thread, the server is unable to send, and this test verifies there is not a firewall issue related directly to sending, so the ISP at the very least is permitting destination port 25 requests from the server.