Page 1 of 1

SMTP_BLOCK ports

Posted: 10 Nov 2016, 07:17
by cyonch
Hello

we have a problem with the SMTP_BLOCK feature on some CentOS 7 servers.
Our SMTP_BLOCK config:

Code: Select all

SMTP_BLOCK = "1"
SMTP_ALLOWLOCAL = "1"
SMTP_REDIRECT = "0"
SMTP_PORTS = "25"
SMTP_ALLOWUSER = "cpanel"
SMTP_ALLOWGROUP = "mail,mailman"
This works like expected:

Code: Select all

2        0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            multiport dports 25 owner GID match 206
3        0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            multiport dports 25 owner GID match 12
4        0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            multiport dports 25 owner UID match 201
5        0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            multiport dports 25 owner UID match 0
But after some random time port 465 and 587 will be also blocked:

Code: Select all

    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            multiport dports 25,465,587 owner GID match 206
 3363 5435K ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            multiport dports 25,465,587 owner GID match 12
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            127.0.0.1            multiport dports 25,465,587 owner UID match 201
  654 57680 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            multiport dports 25,465,587 owner UID match 0
After restarting csf (csf -r) everything works like expected for some time.
Our csf version is 9.27.
Do you have any idea what's going wrong?

Re: SMTP_BLOCK ports

Posted: 10 Nov 2016, 09:15
by ForumAdmin
As it is a cPanel server you probably also have a WARNING message when csf starts explaining why. You need to ensure that you have not enabled WHM > Tweak Settings > Restrict outgoing SMTP to root, exim, and mailman (FKA SMTP Tweak).