Days ago when moving one of production web system to a new node, we accidentally faced a problem of sending email using Gmail SMTP server. After some debugging the problem, I found that there is a problem on port blocking with IP v6. So I post here an article to guide how to solve CSF Firewall issue with port blocking.
- First, if the application cannot sending email using Google SMTP server (smtp.gmail.com with port 465 – SSL or 587 – TLS), check if the configuration information is correct.
- Then, if you are using free google apps, check if you already exceeded 99 out-sending email per day for that day. Please be noted that this restriction is applied for free Goolge apps account and will be reset after 24 hours.
- In case the debugging information show that connection is timed out, check on the website that we can access gmail.com and smtp.gmail.com.
- Then, try connecting to the target address via telnet ([bash]telnet smtp.gmail.com 465[/bash]
[bash]telnet smtp.gmail.com 465[/bash]
- If telnet give connection timeout error, check if we already open port in CSF (check in/etc/csf/csf.conf). Major note is here 😉
- Be sure port is opened on TCP_OUT.
- However, some new server infrastructure utilizes IPv6, so, be sure to check TCP6_OUT also.
- Restart CSF firewall to see its affect:[bash]csf -r[/bash]