From payment confirmation to support queries, emails play a vital role in online business communication. Delayed alerts or lost orders end up adversely affecting the business.
In AWS EC2 instances, mail delivery problems can happen for many reasons, mainly port 25 connection limits, IP blacklists and port 25 blocks.
Today we’ll see the different reasons for mail delivery failures and the ways to resolve them.
1. Port 25 throttling
Amazon sets limits on the number of emails that can be sent from a mail server, as a method of spam prevention. This throttling can lead to email delivery issues.
To remove the limits on the number of connections, one needs to contact Amazon and submit a request. Once Amazon approves the request details, it raises the limits.
2. IP blacklisting
It has been noted that IP addresses on Amazon EC2 occasionally get blacklisted in Spamhaus and other such lists. In such cases, to ensure email delivery, the immediate action required is to change the mail interface IP.
Amazon provides additional IP addresses upon request. This extra elastic IP can be assigned to the mail server if the existing IP is blacklisted.
Some anti-spam companies validate a mail server using its RDNS record. As a proactive measure, it is important to contact Amazon and set RDNS for your mail server.
3. Port 25 blocks
Port 25 blocks can happen on the server side or on the client side. We’ll see how to sort out both.
a. Security rules
It is possible to add security groups for each EC2 instance, each group containing certain firewall rules. To secure their instances, many people add custom security rules.
But if this is not done with proper caution, the rules can break server connectivity for various services. For example, if there is any rule that blocks connection to port 25, mail issues can occur.
By auditing the security group associated with an EC2 instance, it is possible to identify any blocking rule and to correct it. This can be done from the AWS console.
To be on the safer side, it is advisable to add custom rules for SMTP to allow connections to port 25 from a required IP range and assign it to the AWS EC2 instance with these steps:
b. ISP blocks
Many ISPs block the default SMTP port, port 25, to avoid spamming. In such cases, there are two solutions possible.
The easiest solution is to switch to the ISP’s mail server and use that for sending and receiving mails. You just need to update your email client settings with the relevant details.
But many online businesses have their own mail servers and prefer using them. In such cases, configure the mail server to use another port such as 2525 or 587.
A security group rule has to be configured for the newly assigned port to allow connections from the desired IP range. Once this group is updated in the EC2 instance, mails would work fine.
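The security group audit described under "Security rules", extended to the alternate ports 587 and 2525 mentioned above, as an added example that is not part of the original article: this Python sketch reads a constructed sample shaped like the output of `aws ec2 describe-security-groups` (the group ID and address ranges are made up) and reports, per SMTP port, which sources may connect in and whether the instance may connect out. Security groups hold allow rules only, so a blocked port shows up as a missing allow rule rather than an explicit deny.

```python
SMTP_PORTS = (25, 587, 2525)          # ports named in the article
OPEN_CIDRS = {"0.0.0.0/0", "::/0"}    # "anyone on the internet"

# Constructed sample in the shape of `aws ec2 describe-security-groups` output.
SAMPLE = {"SecurityGroups": [{
    "GroupId": "sg-0example",
    "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "203.0.113.0/24"}]},
        {"IpProtocol": "tcp", "FromPort": 25, "ToPort": 25,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
        {"IpProtocol": "tcp", "FromPort": 587, "ToPort": 587,
         "IpRanges": [{"CidrIp": "198.51.100.0/24"}]},
    ],
    "IpPermissionsEgress": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    ],
}]}

def sources_for(rules, port):
    """Return every CIDR or peer group that the allow rules admit on a TCP port."""
    found = []
    for rule in rules:
        proto = rule.get("IpProtocol")
        # "-1" means all protocols and ports; TCP rules carry a port range.
        if proto == "-1" or (proto == "tcp" and rule["FromPort"] <= port <= rule["ToPort"]):
            found += [r["CidrIp"] for r in rule.get("IpRanges", [])]
            found += [r["CidrIpv6"] for r in rule.get("Ipv6Ranges", [])]
            found += [p["GroupId"] for p in rule.get("UserIdGroupPairs", [])]
    return found

def audit(group):
    """Per SMTP port: inbound sources, outbound reachability, and world-open flag."""
    report = {}
    for port in SMTP_PORTS:
        inbound = sources_for(group.get("IpPermissions", []), port)
        outbound = sources_for(group.get("IpPermissionsEgress", []), port)
        report[port] = {
            "inbound": inbound,                      # empty list = port is closed
            "outbound_allowed": bool(outbound),      # False = server cannot send on it
            "world_open": any(s in OPEN_CIDRS for s in inbound),
        }
    return report

for port, result in audit(SAMPLE["SecurityGroups"][0]).items():
    print(port, result)
```

In the sample, port 25 is open inbound to everyone but has no outbound allow rule, so the server can receive mail yet cannot deliver it to other servers on port 25.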
In short..
Though AWS claims that their IPs are permanently white-listed at Spamhaus and other lists, there are many issues reported where mails fail to deliver due to IP blacklisting.
Here we discussed ways to deal with email delivery failures in AWS EC2 instances. However, it's always better to proactively secure the email server to avoid any spamming and blacklist issues.