Cannot use ports 25, 587 or 465 from France to US
 

Interesting new problem. I've just arrived in France from the US. My cell phone and Thunderbird client (both on WiFi) use port 25 to send outgoing mail to a server in the US. I cannot connect to any port 25 on the various US based servers I know. I've tried telnet'ing to ports 25 and 587 to servers I know are listening on these ports. No go, yet from within the US, no problem. I've also run 'ncat -k -lv -p 465' on a US server and tried telnet'ing to it - nothing. The French ISP is Freebox and the local (French) IP is 82.243.111.216.

There is nothing in the US server's maillog and, in fact, is simply not connecting at all.

I've traveled to France yearly for the past 12 years and never run into this problem -- although this time I'm in Lille and before I was in either Paris or Burgundy.

Any ideas? For the moment I an ssh'ing into a US server (interestingly port 22 is open) and running mailx to read and send mail.

Try a traceroute. That might give you some hint as to where the connection is failing.

Ask a local that has a different provider maybe to double check??

I am not surprised. I would assume your mail servers have added restrictions to block access. It could be a particular ISP address range or all of France or maybe non US ISPs. Your using ssh as a VPN and therefore the mail servers think your in the US versus France.

Generally speaking, one does not connect to port 25 to send mail, and, in the US at least, most all residential ISPs block access to that port to prevent abuse. I'd expect the same of Proxad/Freebox. I am surprised that is the OPs client configuration for sending email.

587 and 465 are ports used for connecting to send email (I know...y'all already knew that), and it would be pretty strange for an ISP to block them outbound, but it could be blocked by the server because of abuse/cracking attempts inbound. I've lost count of the number of IPs we block for that reason....thousands, I expect, tho we don't block the posted IP.

If you can ssh to a server that's not allowing the connection, you should be able to 1) confirm that it's listening on the port to which you're trying to connect and 2) identify what's causing the refusal (iptables, firewall-cmd, tcp.smtp, etc.) Any of those should log a rejection. On my server those are in /var/log/messages for firewall-cmd and /var/log/qmail/* logs for the smtp servers, not in maillog.

Thanks for all the feedback. scasey, I did ssh to a server not allowing the connection and listened to the ports using ncat. But, you did put your finger on the problem.

25 does appear to be blocked at the French ISP end. I have configured the US mail server and yes, it does listen on 25, and no, the US ISP does not block 25. It also listens on 587 however, the router on the US mail server was not forwarding port 587. I just tried enabling 587 to forward to the mail server (fortunately, I have the router configured for remote admin) and I was then able to send mail from France using that US mail server. So problem understood (thanks to scasey) and solved.

I'm glad to be able to help point you in the right direction.