Can't telnet into mail server


I have a machine running CentOS. From that machine I can't telnet into a mail server.

From my local machine I can do the following command:

telnet 25

From there I can't send emails like in this tutorial.

But from the particular machine running CentOS I only see:


Until I get a timeout.

What might be happening? Might it be a firewall blocking the connection?


Posted 2016-01-22T17:32:57.320

Reputation: 123

If you did not implicitly allow the traffic then its likely being implicitly denied. Verify you are forwarding the port to the machine, verify you are allowing traffic on that port from – Ramhound – 2016-01-22T17:35:18.390

@Ramhound I've tried doing this: The problem persists. Is there any way for me to see what is blocking the connection?

– petermlm – 2016-01-22T17:37:30.030



It may be the target mailserver is blocking connection to the port or that the port itself is not open on the mailserver.

First, can try to ping the mailserver to make certain it is resolving.

ping mailserver.tld

If the hostname resolves, then you can try to scan the port with nmap (should be available on your CentOS installataion)

nmap -p port_number mailserver.tld

If the port is not open, it may be they are using another port for mail. You could try to scan all the ports on the server

nmap -sT remote_host

Be careful however since some servers may not take kindly to this scan and block your IP address as a result.


Posted 2016-01-22T17:32:57.320

Reputation: 103


If you can establish a connection to port 25 from some systems, but not the CentOS system, I'd assume that the mail server is not blocking incoming connections to port 25. For mail servers, that port is commonly left open to the world, since TCP port 25 is the default Simple Mail Transport Protocol (SMTP) port used by mail servers to deliver email to other mail servers and, if you want anyone in the world to be able to send your users email, you will usually not impose any IP address restrictions on incoming connections to that port, since you don't know the IP address of every other mail server in the world.

On the other hand, ISPs will often block outgoing connections to that port, since they don't expect home users to be running their own mail servers and want to block infected user systems from distributing spam or malware - "botherders" often sell the use of the systems they control as spam distribution points. They may expect home users to route mail out through the ISP's mail servers, which will employ antispam measures.

The ISP may allow outgoing email to port 587, though, because when that port is used by an email client to send email to an email server then authentication is used. I.e., the user is providing credentials to authenticate himself, which substantially reduces the likelihood that the email is coming from a system that has been infected by malware that is being used as a spam distribution agent or to further distribute the malware by email.

You will find a similar block deployed by network support staff for many businesses for the same reason. If they only allow outgoing connections to the business' own email servers they can ensure that some infected system within the business' LAN is not spewing spam to the world, which can result in an IP address for the business being added to DNS-based Blackhole Lists maintained by antispam organizations, such as SORBS, Spamhaus, etc.

You can see if you have the same problem using a publicly accessible SMTP server provided by Microsoft. If there isn't an outgoing block, either on the CentOS system itself, which isn't likely if you configured the system and control it yourself, but could be if someone else set it up and blocked outgoing connections to port 25 using host-based firewall software on the system, or whether the network provider is blocking outgoing connections to port 25, by trying telnet 25. You should see the following:

$ telnet 25
Connected to
Escape character is '^]'.
220 Sending unsolicited commercial or bulk...


Posted 2016-01-22T17:32:57.320

Reputation: 4 432

Yes, the block is probably coming from the ISP. Or from the host of the machine running CentOS. I'll have to talk with a few people to check if this is indeed the problem on Monday. If it is I'll mark you question as correct. Thank you! – petermlm – 2016-01-23T18:55:36.150