Why is Port 25 Blocked on VPS & Dedicated Servers?

Why is Port 25 Blocked on VPS & Dedicated Servers?

If you are experiencing issues sending email and have discovered that Port 25 is blocked on your server, this action was taken automatically by our automated anti-spam system. This is a standard security measure implemented to protect your server's IP address reputation and to ensure a healthy network environment for all our clients.

This guide explains the possible reasons for the block and outlines the steps you must follow to have the port reopened.

Possible Reasons for a Port 25 Block

Our automated system blocks Port 25 for security reasons when it detects one or more of the following activities:

• Bulk Email Sending in Violation of Policy: Attempting to send bulk, promotional, or marketing emails using the server's standard email port. Standard server configurations are not suitable for mass mailing and this often violates our Acceptable Use Policy.
• A Compromised Email Account: An email account on your server has been compromised—due to a weak password or theft—and is being used by third parties to send spam.
• A Vulnerable Website Script: An outdated plugin, theme, or a vulnerable contact form on a website hosted on your server (e.g., WordPress) is being exploited to send unauthorized emails.
• Malware on the Server: Malicious software has infiltrated your server and is running in the background, constantly sending spam.

Why We Don't "Just Open the Port"

We understand the request to "just open the port," but we cannot do so until the root cause of the problem is fixed. Opening the port before the source of the spam is eliminated would be harmful to you and our other clients. The server would immediately resume sending spam, which would quickly get your IP address blacklisted by major providers like Gmail and Microsoft, preventing even your legitimate emails from being delivered.

Our goal is to help you find a permanent solution, not a temporary fix.

Action Plan: How to Get the Port Unblocked

You must complete the following steps before creating a support ticket.

Step 1: Immediately Stop Your Mail Service

Connect to your server via SSH and stop the mail service immediately to prevent any further outgoing spam.

# For Debian/Ubuntu:
sudo systemctl stop postfix

# For cPanel/DirectAdmin/CentOS:
sudo systemctl stop exim

Step 2: Find and Fix the Source of the Problem

Review the possible causes listed above and take action:

• If you were sending bulk mail: Stop this activity immediately. For mass mailing, you must use a professional third-party SMTP service like Mailchimp or SendGrid.
• Check account passwords: Change the passwords for all email accounts on your server to new, strong, and complex ones.
• Update your websites: Update all your CMS platforms (e.g., WordPress), themes, and plugins to their latest versions. Delete any unused plugins or themes. Add security measures like CAPTCHA to your forms.
• Scan for malware: Run a comprehensive scan on your server using tools like Maldet or ClamAV and remove any malicious files found.

Step 3: Create a Support Ticket

After you have completed the steps above, open a support ticket from your client area and provide us with the following information:

1. Confirmation that you have stopped the mail service and configured it not to start automatically on reboot.
2. A detailed explanation of what you identified as the root cause and how you have fixed it. (e.g., "I have stopped the marketing mailing," or "I have changed all passwords and updated plugin X.")
3. A statement confirming that you are confident your server is no longer sending unsolicited emails.

IMPORTANT NOTE: To maintain the highest level of account and network security, we reserve the right to request additional account verification (e.g., ID or document confirmation) before we can proceed with unblocking the port.

Once our team is satisfied with the information and the preventative measures you have taken, we will initiate the process to unblock the port.