Can't send mail from non-root account to remote recipient

swbrains

Well-Known Member
Sep 13, 2006
202
27
178
My server was running fine until the past day or so. Then it started queuing every email sent by a hosted customer account to an external mail domain. Here are the results of my research:

My customers use a script produced by me that calls "sendmail" to send messages (using CPAN module MIME::Lite). It has always worked and code has not changed.

I wrote a small test program to send a message from the server. I determined that if I send a message to a recipient with a domain hosted on my server, it sends it properly. If I send a message to a recipient with a remote domain (like gmail.com or rr.com), it fails to connect (connection timeout).

If I SSH into the server as root and telnet to a rr.com mail server, it says it is connected ok.

If I SSH into the server as a test customer account (non-root access) and telnet to a rr.com mail server, it gets a connection timeout.

The rr.com mail server I tested with is example-example-example-example.email.rr.com, pulled from a mail queue record that had failed to deliver.

Could something on the server have changed with regard to the operating system or cpanel (an update maybe) that now perhaps blocks port 25 for non-root users? It does seem like non-root users lost some type of permission in the past couple of days with regard to at least email sent to remote servers. Maybe something changed with the firewall (CSF) that no longer allows such non-root connections to remote servers?

Thanks for any light you might be able to shed on this. I have many customers on this server who now cannot send emails to their website members.

Regards,
Vinnie
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,913
2,202
363
Hello,

Can you open a support ticket using the link in my signature so we can take a closer look to see why the connection to the remote mail server is failing?

Thank you.
 

swbrains

Well-Known Member
Sep 13, 2006
202
27
178
Just wanted to update this ticket with the solution that worked for me to assist users who may search for this topic later:

The required change was to edit the CSF Firewall Configuration and set the following SMTP parameters:

SMTP_BLOCK => "OFF"
SMTP_ALLOWLOCAL => "ON"

None of my CSF settings had been recently changed by me and sending mail from hosted (non-root) accounts to domains on remote mail servers always worked fine. It would seem something changed "automagically" on the server, perhaps as part of an automatic update, that either changed these settings or enforced them differently than in the past. Unfortunately, I don't know the state of these two settings prior to the update to know if they were set this way (the working way) but were somehow changed during an update, or if the system previously ignored these settings and then started enforcing them after the update.

In either case, this was the change that seemed to allow non-root users to send outgoing email to domains on remote mail servers. Hope this helps someone! :)