The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Weird Network Degredation

Discussion in 'General Discussion' started by dev.null, Jul 31, 2017.

  1. dev.null

    dev.null Well-Known Member

    Joined:
    May 27, 2003
    Messages:
    78
    Likes Received:
    1
    Trophy Points:
    158
    I honestly think this is on the remote end, I'm posting this here to see if you guys have any suggestions to offer. The only thing I think that could be doing this on my cpanel box is one of the security settings, but all the ones I look at don't seem to be related.

    Is there anything in cpanel that blocks network connections at the application layer?

    I have a client that sends mass email through smtp.com. They have a php written that pulls email from their queue (database) and connects to smtp.com for delivery.

    After working for years, it quit working starting last week. Basically the 3-way tcp handshake happens, then nothing. In less than a minute the remote end (smtp.com) issues a disconnect.

    They've offered a number of different ports to use, none of them work. My cpanel has several IPs, so I switched to use one of the other IPs to transmit from, it began working again.

    12 hours later, the second IP also quit working.

    When I telnet to smtp.com from my personal computer, I see the 3-way handshake and immediately their server sends a 220 ESMTP message, and then awaits commands.

    From my cpanel I never get the 220 packet. So I think the network layer is working fine, but the application layer isn't working - like their MTA has blacklisted me, allowing the tcp connection but then ignoring it.

    I've checked with my provider (linode) to make sure they don't have some anti-spam appliance that is doing this, they have nothing.

    I've looked through my cpanel's iptables rules, but don't see anything there. I even explicitly allow their IP at the top of my INPUT and OUTPUT chains - not that it matters since I'm actually seeing the packets traverse netfilter.

    When I ask smtp.com about it they telnet to their server and say "see, works for me!".

    You guys have any ideas?
     
  2. 24x7server

    24x7server Well-Known Member

    Joined:
    Apr 17, 2013
    Messages:
    1,399
    Likes Received:
    52
    Trophy Points:
    28
    Location:
    India
    cPanel Access Level:
    Root Administrator
    Hi,

    It does not appear to be a cPanel issue, but rather I suspect it to be a firewall issue. For an quick check, can you just disable the firewall, iptables, or whatever firewall you have on your server and then try to connect? May be some modification in the firewall blocked it.
     
  3. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    37,064
    Likes Received:
    1,285
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    Can you browse to "WHM >> SMTP Restrictions" and verify if that option is enabled? Also, if you use the CSF firewall, can you verify if the "SMTP_BLOCK" setting is enabled?

    Thank you.
     
Loading...

Share This Page