Author Topic: GSuite SMTP not working when firewall turned on  (Read 1649 times)

0 Members and 1 Guest are viewing this topic.

Offline
*
GSuite SMTP not working when firewall turned on
« on: November 13, 2016, 03:09:23 PM »
Hello i am new to centos web panel and cloud hosting stuffs. My website using SMTP gsuite google apps email to collect enquiries from visitors via contact form. This works good if i turned off firewall in centoswebpanel. when i turned on firewall, smtp not working. customers are ended in json uncaught connection timed out error popups. How to fix this? i need firewall to protect our site from hackers and spammer ips.

Thanks
Steve

Offline
*****
Re: GSuite SMTP not working when firewall turned on
« Reply #1 on: November 13, 2016, 08:18:02 PM »
what about white-list the ips ?

Offline
*
Re: GSuite SMTP not working when firewall turned on
« Reply #2 on: November 14, 2016, 05:01:40 AM »
how to whitelist googe apps ip? you mean these ip addresses? https://support.google.com/a/answer/60764?hl=en

Offline
*****
Re: GSuite SMTP not working when firewall turned on
« Reply #3 on: November 14, 2016, 03:48:27 PM »
you need to extract the ip addresses first

Offline
*
Re: GSuite SMTP not working when firewall turned on
« Reply #4 on: November 14, 2016, 03:49:48 PM »
Could you please guide me the steps?

Offline
*****
Re: GSuite SMTP not working when firewall turned on
« Reply #5 on: November 14, 2016, 03:53:48 PM »
add this IP ranges to white list this are all google IPs

Code: [Select]
64.18.0.0/20   
64.233.160.0/19   
66.102.0.0/20   
66.249.80.0/20   
72.14.192.0/18   
74.125.0.0/16   
108.177.8.0/21   
173.194.0.0/16   
207.126.144.0/20   
209.85.128.0/17   
216.58.192.0/19   
216.239.32.0/19   
2001:4860:4000::/36   
2404:6800:4000::/36   
2607:f8b0:4000::/36   
2800:3f0:4000::/36   
2a00:1450:4000::/36   
2c0f:fb50:4000::/36   
172.217.0.0/19   

Offline
*
Re: GSuite SMTP not working when firewall turned on
« Reply #6 on: November 14, 2016, 03:58:25 PM »
add this IP ranges to white list this are all google IPs

Code: [Select]
64.18.0.0/20   
64.233.160.0/19   
66.102.0.0/20   
66.249.80.0/20   
72.14.192.0/18   
74.125.0.0/16   
108.177.8.0/21   
173.194.0.0/16   
207.126.144.0/20   
209.85.128.0/17   
216.58.192.0/19   
216.239.32.0/19   
2001:4860:4000::/36   
2404:6800:4000::/36   
2607:f8b0:4000::/36   
2800:3f0:4000::/36   
2a00:1450:4000::/36   
2c0f:fb50:4000::/36   
172.217.0.0/19   

thank you let me try.

Offline
*
Re: GSuite SMTP not working when firewall turned on
« Reply #7 on: November 20, 2016, 10:15:03 AM »
Sandeep.

Adding ips to whitelist not works but this solution is finally working.

You have to allow outgoing traffic to ports 25, 465, 587 and in the case of Mandrill 2525 as will. You should actually be fine enabling only the one you will connect to. So:

sudo vim /etc/csf/csf.conf

add 25,2525,465,587 to TCP_OUT, and to TCP6_OUT if you use IPv6.

You might also need to remove that ports from SMTP_PORTS if you have SMTP_BLOCK enabled (if it is set to 1).

http://stackoverflow.com/questions/26320979/configure-csf-to-allow-outbound-smtp


It will be useful if any one faces the similar issue.

thanks