
problem to open port 465

Posted: 2018/02/08 13:31:33
by lnxlnr
Hi everybody

I need to open the SMTP port 465 in CentOS 6.9 as an output port to send the recovery email of my WP website.
The below image is the setting of the Iptables.

[Attachment: iptables.jpg]
Also in CSF, I have defined port 465 as the white tcp port.

But when I use the command `sudo lsof -i :465 -n -P`, I receive no feedback!
Also, I tried `telnet mywebsite.com 460`, but it seems the port is still closed!

Can you tell me what is wrong with my setting?
Any help is appreciated.

Re: problem to open port 465

Posted: 2018/02/08 14:37:13
by TrevorH
Your firewall rules at the present time do absolutely nothing at all. Your system is wide open to anyone who cares to connect to it. The default policy on INPUT, FORWARD and OUTPUT chains is set to ACCEPT on all of them and there is no rule to reject traffic so everything is allowed.

You're also using CSF which is something we don't support and since it manages the very rules you're trying to "fix", you need to ask your questions of them.

Re: problem to open port 465

Posted: 2018/02/08 15:01:37
by lnxlnr
Thanks for your prompt reply.

As you said, the iptables is wide open. I turned off the CSF. But the port is still closed!

I asked the DC technicians about the port status and they said it is open on their firewall.

But I believe the problem is with their firewall. Is there any command to check (from the server side toward the outside) which network device bans the port traffic?

Thanks again

Re: problem to open port 465

Posted: 2018/02/08 15:18:24
by TrevorH
Running telnet can be a valuable debugging tool - e.g. `telnet 1.2.3.4 465`

Re: problem to open port 465

Posted: 2018/02/08 15:35:36
by MartinR
There's also nmap (and nmap-frontend which gives you zenmap) in the base distros. Be careful though, running a portmapper can get you into trouble if you don't have the authority to do so on the network.

Re: problem to open port 465

Posted: 2018/02/08 16:03:53
by lnxlnr
MartinR wrote: There's also nmap (and nmap-frontend which gives you zenmap) in the base distros. Be careful though, running a portmapper can get you into trouble if you don't have the authority to do so on the network.
Thanks

I used the command `nmap -sA X.X.X.X`; it shows that all the scanned ports of the server are unfiltered, so I can say the problem is with the DC network and not with the server!

Re: problem to open port 465

Posted: 2018/02/09 03:33:30
by Whoever
lnxlnr wrote: Hi everybody

I need to open the smtp port 465 in centos 6.9 as output port to send recovery email of my wp website.
The below image is the setting of the Iptables.
Are you trying to send email from your server, or receive it at your server?

If trying to receive, are you sure that you have a process that is listening on port 465?

Since you have installed CSF in the past, instead of showing the contents of the file, use the command:

```
/sbin/iptables --list -n
```
to see what rules are actually in effect.

Re: problem to open port 465

Posted: 2018/02/09 08:18:30
by lnxlnr
Dear @Whoever

Thanks for your reply.

CSF and SELinux are disabled.

I am going to send email from the server.
The below image shows the result of running your suggested command:
[Attachment: iptabls2.JPG]

Should I flush the CSF?

Re: problem to open port 465

Posted: 2018/02/09 09:50:26
by TrevorH
You have an iptables rule that allows port 465 *inbound* to your server. But since all your default policies are "ACCEPT" all rules are useless and ignored. Your problem is not firewall related - at least not the CentOS firewall. Check external factors (firewalls etc).
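Added example, not part of the original thread or any poster's code: a small shell check for the condition described above, where every default policy is ACCEPT and no rule has a blocking target, so the rule set filters nothing. The function names and the sample listing are constructed for illustration.

```shell
#!/bin/sh
# Added example. Reads `iptables --list -n` output on stdin and prints
# "<chain> <policy> <verdict>" for every chain.
#   open       = policy ACCEPT (or a user chain) and no non-ACCEPT rule
#   may-filter = policy is not ACCEPT, or a rule has another target
#                (DROP, REJECT, LOG, a jump to a user chain, ...)
chain_verdicts() {
    awk '
    function report() {
        if (chain == "") return
        ok = (policy == "ACCEPT" || policy == "-") && blocking == 0
        print chain, policy, (ok ? "open" : "may-filter")
    }
    /^Chain / {
        report()
        chain = $2; blocking = 0
        # User-defined chains show "(N references)" and have no policy.
        policy = ($3 == "(policy") ? $4 : "-"
        sub(/\)$/, "", policy)
        next
    }
    NF == 0 || $1 == "target" { next }   # blank lines and column headers
    $1 != "ACCEPT" { blocking++ }
    END { report() }
    '
}

# Constructed sample matching the state described in the thread: one
# inbound ACCEPT rule for tcp/465 and ACCEPT as every default policy.
sample_rules() {
    cat <<'EOF'
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:465

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
EOF
}

sample_rules | chain_verdicts
# On a live host (as root): /sbin/iptables --list -n | chain_verdicts
```

A chain reported as `open` cannot be the cause of a blocked connection, which is why the thread moves on to checking devices outside the server.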

Re: problem to open port 465

Posted: 2018/02/09 15:34:16
by Whoever
Install tcptraceroute (note, this is NOT traceroute) and use it to discover where the packets are being rejected.