- Plesk for Linux
Unable to send and forward emails from Plesk server to external servers either completely or intermittently, causing mail queue to fill up.
Emails cannot be sent by using PHP script.
One of the following errors may be found in
CONFIG_TEXT: postfix/smtp: E3B24978700: email@example.com, relay=none, delay=537, delays=446/0.02/91/0, dsn=4.4.1, status=deferred (connect to example.com[203.0.113.2]:25: Connection timed out)
CONFIG_TEXT: postfix/smtp: connect to example.com[203.0.113.2]:25: Connection timed out
CONFIG_TEXT: postfix/smtp: E3B24978700: firstname.lastname@example.org, relay=none, delay=537, delays=446/0.02/91/0, dsn=4.4.1, status=deferred (connect to example.com[203.0.113.2]:25: Connection refused)
CONFIG_TEXT: qmail: 1491974064.856278 delivery 8214: deferral: Sorry,_I_wasn't_able_to_establish_an_SMTP_connection._(#4.4.1)
On Windows the error below may be found in MailEnable > Servers > localhost > Services and Connectors > SMTP > Logs > Debug > SMTP-Debug-xxxx.log:
CONFIG_TEXT: ME-I0018: [0BCF8603898D4D25B155B5AFF7FB0FA4.MAI] Outbound message from ([SMTP:email@example.com]) requeued as [FFEFCD05AA0A4CE9B2E74C7CAA6D8FE5.MAI] to the target domain [example.net]
ME-I0123: Domain [example.net] has MX list [mx1.example.net,mx2.example.net]
ME-I0026: [FFEFCD05AA0A4CE9B2E74C7CAA6D8FE5.MAI] Sending message
ME-IXXXX: [FFEFCD05AA0A4CE9B2E74C7CAA6D8FE5.MAI] DNS resolved to the following record: IP Address=203.0.113.2, Family=2, Type=1, Protocol=6
ME-E0038: [FFEFCD05AA0A4CE9B2E74C7CAA6D8FE5.MAI] Communications Error: Socket connection to mx1.example.net failed (error 10060). The host was either not contactable or it rejected your connection. Socket Family = 2; Host=203.0.113.2; Port=25
Local mail delivery between domains in Plesk works.
Outbound connections via port 25 from Plesk server are restricted either completely or intermittently:
# telnet example.com 25
telnet: connect to address 203.0.113.2: Connection refused
Firewall on the Plesk server does not restrict connections to port 25.
Port 25 is blocked for outbound connections.
Sometimes internet service providers (ISP) can restrict or limit outbound/inbound connections on port 25 due to security reasons. Also, Google Cloud platform has such port blocked by default and services like G Suite should be used to send mail.
Note: Networking tasks and the local firewall configuration are the activities that should be handled by Plesk server administrator, as Plesk is a part of the server infrastructure and relays on local network settings.
Note: Once port 25 is opened by your hosting/cloud provider and mail starts to work, you may safely close the message about TCP port 25 being blocked in Plesk at Tools & Settings > Mail Server Settings.
Here are general troubleshooting steps:
Make sure that the local firewall does not cause the issue. Stop the service temporarily and try to send mail or open mail port under Plesk > Tools & Settings > Firewall;
If the issue still persists, it means that the cause is outside of the Plesk server. In that case, contact network administrator and discuss if port 25 can be added to allowed ones or not.
If any of Cloud Services are used, it is needed to check the firewall on the Cloud Service’s side.
For Google Cloud, Amazon (AWS) outbound connections to port 25 are limited by default to prevent outgoing spam. To resolve the issue with port 25 on these Cloud Services refer to the following pages:
For Microsoft Azure, use a third-party service like SendGrid. Create a SendGrid account and configure Postfix to use SendGrid as a relay.
Azure blocks port 25 for new users: https://blogs.msdn.microsoft.com/mast/2017/11/15/enhanced-azure-security-for-sending-emails-november-2017-update/
For Azure, it is also possible to submit a request to get your issue resolved by using the following link: Subscription Management Problem type: Request to enable Port 25 email flow.
Vultr blocks port 25 but can unlock it: https://www.vultr.com/docs/what-ports-are-blocked
Nitrado block the ports 25, 465 and 587 by default but can unlock them (see point 3) https://server.nitrado.net/eng/pages/cloud_server_tos
OVH does not authorise communication on port 25 https://docs.ovh.com/ca/en/dedicated/firewall-network/
- For Alibaba Cloud, Alibaba ECS instances are disabled to access port 25. To enable ECS instances to access this port apply the form to enable TCP port 25.