Are the email ports open on your VPS?

A quick scan of your domain returned no response on the following ports:

• 25 (smtp)

• 110 (pop)

• 143 (imap)

• 465 (smtp secure)

• 587 (alt smtp)

• 993 (imap secure)

• 995 (pop secure)

I followed all the steps in the guide. Copied the iptable setup as noted in the guide.

~~[https://library.linode.com/securing-your-server#sphcreating-a-firewall" target="blank">](https://library.linode.com/securing-you … a-firewall">https://library.linode.com/securing-your-server#sph_creating-a-firewall](

that all looks Greek to me so no idea what I may have done there.

````

Allow HTTP and HTTPS connections from anywhere (the normal ports for websites and SSL).

-A INPUT -p tcp --dport 80 -j ACCEPT
-A INPUT -p tcp --dport 443 -j ACCEPT

Allow SSH connections

#

The -dport number should be the same port number you set in sshd_config

#
-A INPUT -p tcp -m state --state NEW --dport 22 -j ACCEPT

# Drop all other inbound - default deny unless explicitly allowed policy -A INPUT -j DROP -A FORWARD -j DROP
````

That looks like it confirms my port scans. You're allowing incoming traffic on ports 80 (http) & 443 (https), as well as 22 (ssh). You've blocked all other ports (including email ports).

I'm not very experienced with iptables so someone else will need to verify this before you take it as gospel, but the following should allow incoming SMTP & POP3 traffic (based on the previous line for port 80):

-A INPUT -p tcp –dport 25 -j ACCEPT

-A INPUT -p tcp --dport 110 -j ACCEPT

Allow secure pop3 if you're using a an ssl on your email connections

-A INPUT -p tcp --dport 995 -j ACCEPT

You should also verify that your smtp server can't be used as an open relay (you'll need to search for the steps based on your email server of choice).

MSJ

These are the ports that I need for this set up anyways.

Made sure that your firewall is not blocking any of the standard mail ports (25, 465, 587, 110, 995, 143, and 993)

I set the iptable rules as follows:

*filter

# Allow loopback (lo0) traffic and drop all traffic to 127/8 that doesn't use the lo0 interface
-A INPUT -i lo -j ACCEPT
-A INPUT -i ! lo -d 127.0.0.0/8 -j REJECT

# Accept established inbound connections
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

# Allow all outbound traffic
-A OUTPUT -j ACCEPT

# Allow HTTP and HTTPS connections
-A INPUT -p tcp --dport 80 -j ACCEPT
-A INPUT -p tcp --dport 443 -j ACCEPT

# Allow SSH/SFTP
# Change the value 22 if you are using a non-standard port
-A INPUT -p tcp -m state --state NEW --dport 22 -j ACCEPT

# Email ports
-A INPUT -p tcp -m state --state NEW --dport 25 -j ACCEPT
-A INPUT -p tcp -m state --state NEW --dport 465 -j ACCEPT
-A INPUT -p tcp -m state --state NEW --dport 587 -j ACCEPT
-A INPUT -p tcp -m state --state NEW --dport 110 -j ACCEPT
-A INPUT -p tcp -m state --state NEW --dport 995 -j ACCEPT
-A INPUT -p tcp -m state --state NEW --dport 143 -j ACCEPT
-A INPUT -p tcp -m state --state NEW --dport 993 -j ACCEPT

# Allow FTP
# Purely optional, but required for WordPress to install its own plugins or update itself.
-A INPUT -p tcp -m state --state NEW --dport 21 -j ACCEPT

# Allow PING
# Again, optional. Some disallow this altogether.
-A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT

# Reject ALL other inbound
-A INPUT -j REJECT
-A FORWARD -j REJECT

COMMIT

And reboot server, netstat -ntl results with

$ netstat -ntl

Active Internet connections (only servers)

Proto Recv-Q Send-Q Local Address Foreign Address State

tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN

tcp 0 0 127.0.0.1:11211 0.0.0.0:* LISTEN

tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN

tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN

tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN

tcp 0 0 0.0.0.0:993 0.0.0.0:* LISTEN

tcp 0 0 0.0.0.0:995 0.0.0.0:* LISTEN

tcp 0 0 127.0.0.1:9000 0.0.0.0:* LISTEN

tcp6 0 0 :::22 :::* LISTEN

tcp6 0 0 :::25 :::* LISTEN

tcp6 0 0 :::993 :::* LISTEN

tcp6 0 0 :::995 :::* LISTEN

I have no idea what to do.

Any other ideas?

Thanks all

Dave

Port 110 (your POP3 mail port) is not in your list of listening ports. Are you sure your mail service is running?

At this point I am not sure of anything.

POP3 as in the guide says its using secure only so 110 is not even need since the Dovecot / Postfix is set to secure only.

@movepixels:

POP3 as in the guide says its using secure only so 110 is not even need since the Dovecot / Postfix is set to secure only.
So your email client is set to use secure pop on port 995?

Correct.

I can receive emails to the address now but sending I get the connect to SMTP error.

Tried port 465 (ssmtp). Most residential ISPs block port 25 outgoing to SMTP servers that aren't their own (in general) to stop spam.

Yes I currently have it set to 465.

Outlook does the send and receive and no issues but sending from the account just sits there.

Says success but outbox still has the message.

Nothing gets sent but it does not throw errors now.

So getting closer but still no sending.

Will check the mail.log see if anything there stands out.