Suddenly outgoing mails are stopped

[imran_khan]

Hello,

We are facing issue with the outgoing mails. Today suddenly outgoing mails are stopped. We have checked and found that, Exim service is running but we are not able to telnet on port 25 from server to out (e.g.:- telnet smtp.gmail.com 25). We have temporarily stopped the iptables and now we are able to telnet and also mails are going properly from the server.

We did not make any changes in the iptables and Apf firewalls. Mails are working fine before this issue. Please suggest me on the same.

Thanks,
Imran Khan.

 

[quizknows]

Check your APF configuration. Flush IPtables and then restart APF after you confirm the configuration is correct.

 

[imran_khan]

Hello,

Thanks for the reply.

Recently I did not make any changes in Iptables and Apf firewalls.
I observed that when I stop Iptables, Apf stopped automatically.

Thanks,
Imran Khan.

 

[cPanelMichael]

Hello

If the issue is resolved when you stop iptables, then it indicates the problem is with your firewall rules. You may want to to uninstall APF and install an alternate firewall management tool such as CSF to see if that helps.

Thank you.

 

[imran_khan]

Hello,

Apf is started automatically and it is in running state.

There is issue with iptables rules not APF because currently mails are going fine.
I have checked the iptables logs but did not find any logs related to this issue. Why this suddenly happened?

Thanks,

 

[cPanelMichael]

It's important to keep in mind that cPanel does not implement custom iptables firewall rules (except for a select couple of options that would not prevent outgoing email). You may want to disable APF, and flush your iptables rules, save the empty ruleset, and then enable APF again if you are 100% positive that this has nothing to do with APF.

Thank you.

 

[imran_khan]

Hello,

I have stopped the iptables and APF using command /etc/init.d/iptables stop and /etc/init.d/apf stop.
Then after some time APF started automatically, when I am checking the status of iptables service it is showing APF rules (apf –l) in it. How should I differentiate Iptables and APF rules.

Thanks,
Imran Khan.

 

[cPanelMichael]

APF uses iptables so it's normal to see that. Out of curiosity, is there any reason you prefer to use APF over CSF? CSF is a little more user-friendly in my opinion, so it might be useful for someone that's not too familiar with how a firewall operates.

Thank you.

 

[imran_khan]

Hello Michael,

Thanks for the reply.

I am familair with the iptables not APF and CSF. Apf firewall is installed from starting.

Currently APF is running and iptables is stopped. If I start the iptables service and flush the iptables rules so will it flush the APF rules as well with iptables rules?

Thanks,
Imran Khan.

 

[cPanelMichael]

I am not familiar enough with APF to know how exactly they implement the firewall rules. That question would be better directed to the support for APF itself. Why not uninstall it and use CSF instead? You will find much more support for CSF.

Thank you.