Mail function in web applications is a great feature to reach out to your online customers. It uses the mail protocol called SMTP.
But, what if SMTP is blocked on your DigitalOcean Droplet ?
All emails will fail!
DigitalOcean Droplets can have SMTP blocked due to reasons like bad firewall, built-in restrictions, and so on.
At Bobcares, we help customers to fix SMTP connection in Droplets as part of our Managed Cloud Services.
Today, we’ll discuss the top reasons for DigitalOcean SMTP block and how we fix them.
What causes SMTP block in DigitalOcean ?
By default, mail protocol on a server make use of port 25 for the connection. But there can be many reasons for mail port to fail.
Now, let’s see the top two reasons for SMTP block.
1. Firewall restrictions
From our experience in managing servers, we see that firewall restrictions often cause SMTP block in DigitalOcean Droplets.
This firewall restriction can be of 2 types.
a) Firewall within the server
Here, problem mainly happens due to wrong rules in the server firewall. For example, if there is rule that blocks all outbound traffic from the server, it will block SMTP port 25 too.
b) Firewall at ISP
Similarly, firewall restrictions at internet service provider also can affect the SMTP traffic.
Port 25 is one of the most abused port for spamming. As a result, many ISPs block outgoing email on port 25 from dynamic IP addresses. So, even if SMTP port is open in your Droplet, you will have problems in sending mails.
2. Inbuilt block by provider
Yet another reason for SMTP block in DigitalOcean droplet is built-in restriction by provider.
In some new Droplets, Digital Ocean blocks SMTP traffic for 60 days as part of their security restrictions. This again causes mail to fail. They will lift this restriction only after providing further details about the purpose of emails from the server.
How to fix DigitalOcean SMTP block ?
We’ve now seen the possible reasons for the SMTP block. The exact fix largely depends on identifying the reason of the block.
That’s why, when a user reports problem with SMTP traffic, our Cloud Specialists first analyze the server and isolate the part at which block happens. Many times, the block can be within the server, at ISP level or even with cloud provider.
We’ll now see how we fix the SMTP block at various levels.
1. Changing firewall
When we identify the problem as server firewall, we add specific rules to allow traffic on SMTP port. For example, in a Droplet, we add the following rules to accept port 25.
iptables -I OUTPUT -p tcp --dport 25 -j ACCEPTSimilarly, we often use the command ufw also to enable port 25.
ufw allow 25Even after opening port 25 within the server, if there are further problems, we further check the ISP settings. And, we work with ISP to fix the firewall at their end too.
2. Using alternate port
When server provider itself is blocking SMTP, the workaround is to use alternate port for SMTP.
Here, our Cloud Engineers configure mail server on alternate ports like 2525. Then we allow the custom port in the server firewall too. Thus, the restriction on port 25 will not affect the traffic.
Another option is to use third party mail providers like Zoho, Mailgun, SendGrid, etc. Here, we configure all mails from the web application to go via these mail programs. Again, these programs allow custom ports too.
Conclusion
DigitalOcean Droplets often experience problems with mail due to SMTP port block. Today, we’ve seen the top reasons for the block and how our Cloud Engineers fix them.
0 Comments