过去三周我一直在为一个问题而奋斗。 我最近获得了一个新的VPS服务器,出于某种原因阻塞端口25,我无法find什么。
Step to reproduce: telnet smtp.1and1.es 25 我检查了 – DNS,并没有问题,因为域被转换为IP,并ping按预期工作。
我已经通过这样做来禁用了fail2ban和防火墙:
服务fail2ban停止服务firewalld停止
再次尝试,telnet smtp.1and1.es 25
和相同的结果超时。
所有maillogs在端口25上显示无法访问的主机,用于所有电子邮件通知。
这是一个VPS,所以有一个外部防火墙,外部防火墙都是打开的。
所以我想知道还有什么云封锁端口?
这绝对是一个25出局stream量的问题,但我找不到什么阻止它。
iptables -L Chain INPUT (policy DROP) target prot opt source destination f2b-plesk-wordpress tcp -- anywhere anywhere multiport dports http,https,empowerid,7081 f2b-plesk-login tcp -- anywhere anywhere multiport dports cddbp-alt,pcsync-https f2b-BadBots tcp -- anywhere anywhere multiport dports http,https,empowerid,7081 f2b-apache tcp -- anywhere anywhere multiport dports http,https,empowerid,7081 f2b-plesk-roundcube tcp -- anywhere anywhere multiport dports http,https,empowerid,7081 f2b-plesk-horde tcp -- anywhere anywhere multiport dports http,https,empowerid,7081 f2b-plesk-dovecot tcp -- anywhere anywhere multiport dports imap,imap3,imaps,pop3,pop3s,sieve f2b-plesk-postfix tcp -- anywhere anywhere multiport dports smtp,urd,submission f2b-plesk-proftpd tcp -- anywhere anywhere multiport dports ftp,ftp-data,ftps,ftps-data f2b-recidive tcp -- anywhere anywhere f2b-SSH tcp -- anywhere anywhere tcp dpt:ssh ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED REJECT tcp -- anywhere anywhere tcp flags:!FIN,SYN,RST,ACK/SYN state NEW reject-with tcp-reset DROP all -- anywhere anywhere state INVALID ACCEPT all -- anywhere anywhere ACCEPT tcp -- anywhere anywhere tcp dpt:12443 ACCEPT tcp -- anywhere anywhere tcp dpt:11443 ACCEPT tcp -- anywhere anywhere tcp dpt:11444 ACCEPT tcp -- anywhere anywhere tcp dpt:8447 ACCEPT tcp -- anywhere anywhere tcp dpt:pcsync-https ACCEPT tcp -- anywhere anywhere tcp dpt:cddbp-alt ACCEPT tcp -- anywhere anywhere tcp dpt:http ACCEPT tcp -- anywhere anywhere tcp dpt:https ACCEPT tcp -- anywhere anywhere tcp dpt:ftp ACCEPT tcp -- anywhere anywhere tcp dpt:ssh ACCEPT tcp -- anywhere anywhere tcp dpt:submission ACCEPT tcp -- anywhere anywhere tcp dpt:smtp ACCEPT tcp -- anywhere anywhere tcp dpt:urd ACCEPT tcp -- anywhere anywhere tcp dpt:pop3 ACCEPT tcp -- anywhere anywhere tcp dpt:pop3s ACCEPT tcp -- anywhere anywhere tcp dpt:imap ACCEPT tcp -- anywhere anywhere tcp dpt:imaps ACCEPT tcp -- anywhere anywhere tcp dpt:poppassd ACCEPT tcp -- anywhere anywhere tcp dpt:mysql ACCEPT tcp -- anywhere anywhere tcp dpt:postgres ACCEPT tcp -- anywhere anywhere tcp dpt:ogs-server ACCEPT tcp -- anywhere anywhere tcp dpt:glrpc ACCEPT udp -- anywhere anywhere udp dpt:netbios-ns ACCEPT udp -- anywhere anywhere udp dpt:netbios-dgm ACCEPT tcp -- anywhere anywhere tcp dpt:netbios-ssn ACCEPT tcp -- anywhere anywhere tcp dpt:microsoft-ds ACCEPT udp -- anywhere anywhere udp dpt:openvpn ACCEPT udp -- anywhere anywhere udp dpt:domain ACCEPT tcp -- anywhere anywhere tcp dpt:domain ACCEPT icmp -- anywhere anywhere icmptype 8 code 0 ACCEPT all -- anywhere anywhere Chain FORWARD (policy DROP) target prot opt source destination ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED REJECT tcp -- anywhere anywhere tcp flags:!FIN,SYN,RST,ACK/SYN state NEW reject-with tcp-reset DROP all -- anywhere anywhere state INVALID ACCEPT all -- anywhere anywhere ACCEPT all -- anywhere anywhere Chain OUTPUT (policy DROP) target prot opt source destination ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED REJECT tcp -- anywhere anywhere tcp flags:!FIN,SYN,RST,ACK/SYN state NEW reject-with tcp-reset DROP all -- anywhere anywhere state INVALID ACCEPT all -- anywhere anywhere ACCEPT all -- anywhere anywhere Chain f2b-BadBots (1 references) target prot opt source destination RETURN all -- anywhere anywhere Chain f2b-SSH (1 references) target prot opt source destination RETURN all -- anywhere anywhere Chain f2b-apache (1 references) target prot opt source destination RETURN all -- anywhere anywhere Chain f2b-plesk-dovecot (1 references) target prot opt source destination RETURN all -- anywhere anywhere Chain f2b-plesk-horde (1 references) target prot opt source destination RETURN all -- anywhere anywhere Chain f2b-plesk-login (1 references) target prot opt source destination RETURN all -- anywhere anywhere Chain f2b-plesk-postfix (1 references) target prot opt source destination RETURN all -- anywhere anywhere Chain f2b-plesk-proftpd (1 references) target prot opt source destination RETURN all -- anywhere anywhere Chain f2b-plesk-roundcube (1 references) target prot opt source destination RETURN all -- anywhere anywhere Chain f2b-plesk-wordpress (1 references) target prot opt source destination RETURN all -- anywhere anywhere Chain f2b-recidive (1 references) target prot opt source destination REJECT all -- 223.71.208.114 anywhere reject-with icmp-port-unreachable REJECT all -- 221.229.172.75 anywhere reject-with icmp-port-unreachable REJECT all -- 278660.customer.zol.co.zw anywhere reject-with icmp-port-unreachable REJECT all -- 118.70.168.251 anywhere reject-with icmp-port-unreachable RETURN all -- anywhere anywhere
大多数VPS公司禁止和阻止端口25上的出站stream量,以阻止他们被用于垃圾邮件。 您将需要使用第三方邮件中继监听不同的端口(这可能是您的VPS公司可以提供的服务)。