0

I have a web application deployed in a webserver, running on a CentOS 7.
This web application sends e-mails through an external SMTP (in-v3.mailjet.com, port 587).
How can I enable CentOS to connect to that external SMTP?

This server is hosted at Digital Ocean.

cassiomolin
  • 111
  • 2
  • 5

2 Answers2

1

The shodanshok's comment is right:

If you can't telnet the SMTP server, the connection is blocked at the gateway or server level.

So I opened a ticket for Digital Ocean's support and got the following response:

To curb a recent increase in abuse and SPAM, we have an initial SMTP block on new accounts created in certain contexts.

To remove that block we'd like to do some manual account verification.

Please let us know the following:

  • Your Name
  • Location
  • Phone Number
  • The reason you are requesting the removal of the SMTP block

Also, please provide as many of the following as you can to help us verify your identity:

  • Your public Twitter handle
  • Your blog
  • Your company or personal website
  • Your public Facebook profile

We take SPAM very seriously as we comply fully with the CAN-SPAM Act. If you're not familiar, this says that you may not send bulk email unless you maintain a double-authorized list of subscribed members including IP addresses and relevant contact information. Also, you must follow guidelines for including removal links with all sent emails according to the CAN-SPAM Act.

I provided all the information and Digital Ocean has unblocked the SMTP connection.

Community
  • 1
cassiomolin
  • 111
  • 2
  • 5
0

What is blocking your connections is SELINUX, probably. To diagnose, follow these steps:

  • issue setenforce 0 and re-try connections to the SMTP server
  • if it works, re-enable SELINUX by issuing setenforce 1 and enable the specific permission you need through setsebool -P httpd_can_network_connect on
shodanshok
  • 47,711
  • 7
  • 111
  • 180
  • Thanks for you answer, but it din't work. I disabled SELinux and still couldn't connect to the SMTP server. – cassiomolin Mar 24 '15 at 20:50
  • 1
    It is strange as, by default, outbound network connections are enabled. Anyway, disable the firewall issuing "service firewalld stop" and re-try. If it does not work, the problem is at gateway/network/SMTP server level, probably. – shodanshok Mar 24 '15 at 20:52
  • I disabled the firewall as you suggested and I still can't connect to the SMTP. Just for information, I'm trying: `telnet in-v3.mailjet.com 587`. – cassiomolin Mar 24 '15 at 21:01
  • When I try a ping (`ping in-v3.mailjet.com`), it works. – cassiomolin Mar 24 '15 at 21:03
  • If you can't telnet the SMTP server, the connection is blocked at the gateway or server level. Do you have another machine from the same network to do a telnet test? – shodanshok Mar 24 '15 at 21:06
  • No, at this time I only have this machine. It's a VPS from [Digital Ocean](https://www.digitalocean.com). – cassiomolin Mar 24 '15 at 21:09
  • I've opened a ticket at [Digital Ocean](https://www.digitalocean.com) and I got the following response: _(...) To curb a recent increase in abuse and SPAM, we have an initial SMTP block on new accounts created in certain contexts. To remove that block we'd like to do some manual account verification. (...)_ – cassiomolin Mar 24 '15 at 22:18
  • It depends on your contract with them, but I would insist that they unblock this port, as you pay for it an they have to provide the possibilities they advertised. Also, they have no evidence that you are actually sending spam. – sebix Mar 25 '15 at 06:27