Can't telnet a server from vps

Question

i try to understand why i can't telnet this server 213.132.48.107 from any of my VPSs. Well this ip is for a mail server i don't own but our emails are not received by this server. when i checked the log i saw this error:

554 5.7.1 You are not allowed to connect.
Connection closed by foreign host.

I thought i'm in black list so i tried to telnet to that server from all my VPSs (7 VPSs) and always get the same error.

telnet 213.132.48.107 25
Trying 213.132.48.107...
Connected to 213.132.48.107.
Escape character is '^]'.
554 5.7.1 You are not allowed to connect.

But when i try from a dedicate server i can telnet.

I have contacted the server admin but didn't get any response. I still don't see any reason for them to block my IP address. we just installed the server and it's used for regular emails only.

Please help me

My VPSs run debian/ubuntu/centos and all created created by proxmox

It's obvious that the ip address or ip addresses of your VPS instances are blocked by that server. — joeqwerty, Mar 30 '17 at 16:51
No. You can confirm it yourself by telnetting from home, work, the coffee shop, etc. — joeqwerty, Mar 30 '17 at 17:38
As i said it's working from 3 dedicated server, but not working from virtual servers, that's the problem. i need to understand why i get that error when performing the telnet from virtual server. — mbouzahir, Mar 30 '17 at 19:23
That's not telnet, that's connecting to the SMTP port using a telnet client, which is not the same thing. Hopefully the client is smart enough to not speak telnet to a SMTP server; otherwise that might be your problem. — user, Apr 03 '17 at 14:33
Thank you for explaining the deference. i just try to understand why the server don't accept my server's mails. And send the error: 554 5.7.1 You are not allowed to connect. — mbouzahir, Apr 07 '17 at 17:35
The reason for the block may be connected to whoever had that IP address before you. Given the circumstances, you should contact the owner from a separate email account. — Jenny D, Apr 11 '17 at 16:36
I'm voting to close this question as off-topic because only the owner of the target server can answer why their server is blocking you. — Jenny D, Apr 11 '17 at 16:37

score 0 · Accepted Answer · answered Mar 30 '17 at 22:48

0

The server is configured not to accept connections from your ip. Obviously, it blocks them even before HELO.

You may check your VPS ip against some blacklists. If it's listed, try to get it unlisted.

If it is not listed, you may need to contact the mail server admin, why you cannot send mail to this server or if it is even supposed to accept mail from the internet. Maybe you're connecting a system, which isn't used to accept mail from other servers?

answered Mar 30 '17 at 22:48

allo

1,524
1
19
35

Thank you for your answer but i checked my ip is not listed in any blacklist in the link you gave. – mbouzahir Apr 01 '17 at 01:49
1

Then you will need to ask the server admin, why connections from your ip (range) are blacklisted at his server. Maybe another RBL not listed there, may he decided on his own to blacklist the range, or there are different reasons. – allo Apr 01 '17 at 08:13
1

How did you find the IP of this server? It could be it is whitelist-only and expects all email to come from a higher priority MX host / spam filter system. – Jason Martin Apr 02 '17 at 16:12
Contacted the server admin didn't get any response. I still don't see any reason for them to block my IP address. we just installed the server and it's used for regular emails only. Thanks anyways. – mbouzahir Apr 02 '17 at 16:21

score 0 · Answer 2 · answered Apr 03 '17 at 22:33

0

Check your PTR record for the IP being used for your mail server. Some mail servers will block access if you're using a generic PTR record or if the PTR doesn't match what your mail server host is set to.

It doesn't look like you're being blocked by the firewall. It looks like an RBL or some other kind of block in the mail server itself.

answered Apr 03 '17 at 22:33

Steve Hernandez

66
2

I have PTR record and when i test the server here https://www.mail-tester.com/ i get 10/10 – mbouzahir Apr 05 '17 at 10:26

score 0 · Answer 3 · answered Apr 05 '17 at 11:21

0

Many e-mail servers nowadays use a block by default policy, since many VPS servers are being abused by spammers for sending spam. You need to resolve this with server's administrator.

answered Apr 05 '17 at 11:21

Tero Kilkanen

34,499
3
38
58

score 0 · Answer 4 · answered Apr 09 '17 at 11:37

I suspect it might help answer your question if you shared your mail server logs, rather than a telnet-based test.

For one, the remote end might require encryption (e.g. STARTTLS), and therefore testing with telnet might be blurring the issue.

You also don't mention how you set up your VPSes, notably in terms of DNS: do you have MX and/or SPF records for your domain? If so, are your VPSes listed in those records?

You also mention a difference between your VPSes and a 'dedicated server': could you expand on this a little, notably in relation to the question about DNS above?

As it stands, you just don't give enough details to be able to say much more than "the remote end seems to be denying the requests you are sharing with us". There are a fairly large number of possible reasons for that, some of which involve the setup on the receiving end, and some of which involve your side of the equation.

Quite likely, the ultimate answer will be "the remote end doesn't allow traffic from VPSes/hosts lacking PTR/A pairs, etc". However, you don't provide enough background for it to be clear your end is not part of the issue.

Ok i'll explain more. -. The server mail's log doesn't say much it says only "554 5.7.1 You are not allowed to connect." -. I set up the mail server correctly (using Iredmail) everything is good i send ad receive emails to/from hotmail, gmail yahoo .... without a problem. -. I have problem only with the server about that throw that error. -. i have 3 dedicated servers i always divide them into three VM using proxmox (one for web, one for database and another for mail server) -. So i can telnet from all dedicated servers but when i try from any VM i get the error. ...next comment — mbouzahir, Apr 09 '17 at 18:19
So either there is something special about my VM's IPs or this server block all VM IPs from sending mail like if they are in public pool. — mbouzahir, Apr 09 '17 at 18:21

Chandan Singh · Answer 5 · 2017-04-06T11:43:09.070

-1

SMTP is used to relay emails for which people generally allow their know FQDN/IPs only. So Seems your public/Private IP of virtual host is not allowed to use that SMTP server to relay emails.

In order to get this working you may need to check the SMTP configuration and see if there is anything specific defined for those 3 dedicated servers and add your IP and check further.

Other notes : iptables are not blocking these request as as it is reaching till "connected" stage.

So I guess it is STMP configuration which is allowing email relay from specific IPs/FQDN only.

edited Apr 06 '17 at 11:43

answered Apr 04 '17 at 13:56

Chandan Singh

34
5

Good point, so it's blocked because it's a VM machine but i don't see why, maybe i have to do somthing in the host machine and open a port or somthing but don't see what it is yet. – mbouzahir Apr 05 '17 at 10:35
I am not saying its not working because you are trying to telnet from VM Machine. Just saying check your SMTP configuration on your mail server if there is any application ACL. – Chandan Singh Apr 06 '17 at 11:12
It's not my mail server that's the problem. and from my test i think they are blocking communication on port 25 from VM. Anyways thanks. – mbouzahir Apr 07 '17 at 17:26

Can't telnet a server from vps

5 Answers5