-1

I am configuring a new server, on a new network and struggling to get outbound SMTP to work to known mail servers.

If I do an nmap scan from my existing server - port 25 shows up, but from my new server it doesn't.

From existing server 

[user@existing ~]$ nmap -Pn -v smtp-mail.outlook.com --dns-servers 8.8.8.8
Starting Nmap 5.51 ( http://nmap.org ) at 2016-11-08 16:50 GMT
Initiating Parallel DNS resolution of 1 host. at 16:50
Completed Parallel DNS resolution of 1 host. at 16:50, 0.84s elapsed
Initiating Connect Scan at 16:50
Scanning smtp-mail.outlook.com (65.55.176.126) [1000 ports]
Discovered open port 25/tcp on 65.55.176.126
Discovered open port 587/tcp on 65.55.176.126
Completed Connect Scan at 16:50, 7.24s elapsed (1000 total ports)
Nmap scan report for smtp-mail.outlook.com (65.55.176.126)
Host is up (0.078s latency).
Not shown: 998 filtered ports
PORT    STATE SERVICE
25/tcp  open  smtp
587/tcp open  submission

Read data files from: /usr/share/nmap
Nmap done: 1 IP address (1 host up) scanned in 8.11 seconds

From new server

[user@new ~]$ nmap -Pn -v smtp-mail.outlook.com --dns-servers 8.8.8.8

Starting Nmap 6.40 ( http://nmap.org ) at 2016-11-08 17:48 GMT
Initiating Parallel DNS resolution of 1 host. at 17:48
Completed Parallel DNS resolution of 1 host. at 17:48, 0.01s elapsed
Initiating Connect Scan at 17:48
Scanning smtp-mail.outlook.com (65.55.176.126) [1000 ports]
Discovered open port 587/tcp on 65.55.176.126
Completed Connect Scan at 17:48, 8.14s elapsed (1000 total ports)
Nmap scan report for smtp-mail.outlook.com (65.55.176.126)
Host is up (0.081s latency).
Not shown: 999 filtered ports
PORT    STATE SERVICE
587/tcp open  submission

Read data files from: /usr/bin/../share/nmap
Nmap done: 1 IP address (1 host up) scanned in 8.19 seconds

Key difference being port 25 not showing.

AFAIK I am not blocking any outbound connections from new server.

So wondering if anyone has ideas on why this may be happening?

I'm presuming that nmap is performing a basic connect on the port and the response from this is not received back, but unclear why same connect to 587 works

For reference direct port connect to 587 showing working

[user@new ~]$ nc -v smtp-mail.outlook.com 587
Ncat: Version 6.40 ( http://nmap.org/ncat )
Ncat: Connected to 65.55.163.152:587.
220 BLU437-SMTP51.smtp.hotmail.com Microsoft ESMTP MAIL Service, Version: 8.0.9200.16384 ready at  Wed, 9 Nov 2016 02:27:36 -0800

and to 25

[user@new ~]$ nc -v smtp-mail.outlook.com 25
Ncat: Version 6.40 ( http://nmap.org/ncat )
Ncat: Connection timed out.
Dazed
  • 236
  • 2
  • 10
  • 2
    Perhaps your ISP is blocking port 25. This is quite common. – EEAA Nov 09 '16 at 10:36
  • @EEAA - thanks good call - ISP has indicating they are blocking outbound SMTP due to previous abuse of this (not by us) – Dazed Nov 09 '16 at 11:35

1 Answers1

1

As suggested by @EEAA - our ISP is blocking outbound port 25 SMTP due to abuse by others.

Dazed
  • 236
  • 2
  • 10