Articles in this section

See more

Unable to send emails using Plesk local mail server: Connection timed out or connection refused. (#4.4.1)

Avatar
Robert Asilbekov
Updated
Follow
Plesk for Windows Plesk for Linux DoNotDelete:docref FR:PPM-2326 kb: technical ABT: Group A

Applicable to:

  • Plesk for Linux
  • Plesk for Windows

Symptoms

  • Unable to send and forward emails from Plesk server to external servers either completely or intermittently, causing mail queue to fill up.

  • Emails cannot be sent by using PHP script.

  • Emails between domains served by Plesk can be sent.

  • One of the following errors may be found in /var/log/maillog:

    Postfix

    CONFIG_TEXT: postfix/smtp[27746]: E3B24978700: to=john.doe@example.com, relay=none, delay=537, delays=446/0.02/91/0, dsn=4.4.1, status=deferred (connect to example.com[203.0.113.2]:25: Connection timed out)

    CONFIG_TEXT: postfix/smtp[15684]: connect to example.com[203.0.113.2]:25: Connection timed out

    CONFIG_TEXT: postfix/smtp[27746]: E3B24978700: to=john.doe@example.com, relay=none, delay=537, delays=446/0.02/91/0, dsn=4.4.1, status=deferred (connect to example.com[203.0.113.2]:25: Connection refused)

    QMail

    CONFIG_TEXT: qmail: 1491974064.856278 delivery 8214: deferral: Sorry,_I_wasn't_able_to_establish_an_SMTP_connection._(#4.4.1)

  • On Windows the error below may be found in MailEnable > Servers > localhost > Services and Connectors > SMTP > Logs > Debug > SMTP-Debug-xxxx.log:

    CONFIG_TEXT: ME-E0038: [FFEFCD05AA0A4CE9B2E74C7CAA6D8FE5.MAI] Communications Error: Socket connection to mx1.example.net failed (error 10060). The host was either not contactable or it rejected your connection. Socket Family = 2; Host=203.0.113.2; Port=25

    Note: There might be a Smart Host configured for SMTP.

  • The firewall on the Plesk server does not restrict connections to port 25.

  • Outbound connections via port 25 from Plesk server are restricted either completely or intermittently:

    # telnet smtp.gmail.com 25
    Trying 203.0.113.2...
    telnet: connect to address 203.0.113.2: Connection refused

Cause

Port 25 is blocked for outbound connections.
Sometimes internet service providers (ISP) can restrict or limit outbound/inbound connections on port 25 due to security reasons. Also, the Google Cloud platform has such port blocked by default, and services like Google Workspace (former G Suite) should be used to send mail.

Resolution

Note: Networking tasks and the local firewall configuration are the activities that should be handled by the Plesk server administrator, as Plesk is a part of the server infrastructure and relies on local network settings.

Note: Once port 25 is opened by your hosting/cloud provider and mail starts to work, you may safely close the message about TCP port 25 is blocked in Plesk at Tools & Settings > Mail Server Settings.

Note: For an example of mail relay configuration, refer to our official Udemy course.

Here are the general troubleshooting steps:

  1. Make sure that the local firewall does not cause the issue. Stop the service temporarily and try to send mail or open mail port under Plesk > Tools & Settings > Firewall;

  2. If the issue still persists, it means that the cause is outside of the Plesk server. In that case, contact the network administrator and discuss if port 25 can be added to the allowed ones or not.

    If any of the Cloud Services are used, it is needed to check the firewall on the Cloud Service’s side.

Cloud Provider  References to unlock SMTP ports
Google Cloud

Outbound connections to port 25 are limited by default to prevent outgoing spam.

Google Cloud: Sending Email from an Instance
Amazon (AWS)

outbound connections to port 25 are limited by default to prevent outgoing spam.

AWS: How do I remove the throttle on port 25 from my EC2 instance 
Integrating Amazon SES with Postfix
Microsoft Azure Azure blocks port 25 for new users.
Submit a request by using the following link:
Subscription Management Problem type: Request to enable Port 25 email flow
  Use a third-party service like SendGrid. Create a SendGrid account and configure Postfix to use SendGrid as a relay.
 Vultr  To unlock port 25 follow: https://www.vultr.com/docs/what-ports-are-blocked
Nitrado Block the ports 25, 465 and 587 by default but can unlock them (see point 3) https://server.nitrado.net/eng/pages/cloud_server_tos
OVH Configure firewall on port 25: https://docs.ovh.com/ca/en/dedicated/firewall-network/
Alibaba Cloud
Alibaba ECS instances 		Apply the form to enable TCP port 25.
Scaleway

Ports 25, 465 and 587 can be unlocked:  
https://www.scaleway.com/en/faq/why-can-i-not-send-any-email/
Linode
 Linodes on newly created customer accounts will have connections from ports 25, 465, and 587 blocked by default.
DigitalOcean

DigitalOcean blocks SMTP port 25 for some new accounts to prevent spam and other abuses.

Contact DigitalOcean support

 

 

Comments

4 comments

Sort by Date Votes
  • Avatar
    Aristeidis Vlachopanos

    Hello,

    In our server whenever I visit

    Home > Tools & Settings > Server-Wide Mail Settings

    on the top of the page I get the message

    You cannot send emails from Plesk because outbound connections on TCP port 25 is blocked. Check the firewall settings or contact your hosting provider.
    but there is no firewall blocking port 25 and I am able to connect via telnet.

    However while searching in /var/log/maillog I spotted a timeout error like

    postfix/smtp[15684]: connect to example.com[203.0.113.2]:25: Connection timed out

    where example.com is an old, out of business mail provider. (Apparently a user is trying to send to an outdated email address)

    Is it possible that we get the warning because of this error? Is this working as intended?

    Thank you

    0
    Comment actions Permalink
  • Avatar
    Lev Iurev (Edited )

    Hello Aristeidis Vlachopanos ,

    This error means that connection outside the server on port 25 is not possible. you could check it from the server, for example to google servers:

    telnet aspmx.l.google.com 25

    Usually this port is blocked by default on Cloud servers such as Google cloud and AWS, contact them in order to check the status of 25 port.

     

    0
    Comment actions Permalink
  • Avatar
    Omar Tirhaka

    Hi Lev Iurev

    Im facing the same problem, i tried telnet aspmx.l.google.com 25 and got onnected, but the message still there.

    This is after following the guidelines from Plesk support, contacting amazon cloud and get the port 25 limitations removed.

    The conclusion is that Plesk guidelines didn't work, any suggestion would be appreciated. 

    0
    Comment actions Permalink
  • Avatar
    Lev Iurev

    @Omar Tirhaka Please create a ticket to our support team and describe the current status of the issue.

     

    0
    Comment actions Permalink

Please sign in to leave a comment.

Have more questions? Submit a request

Related articles