Port 465 - not working in GCP

google-compute-engine

Google blocks some traffic due to the risk of abuse. Running your own mail server in GCP is pointless unless you just need to receive emails (you won't be able to send them though).

See the documentation about sending out emails from GCP:

By default, Compute Engine allows outbound connections on all ports except port 25, which is blocked because of the risk of abuse. All other ports are open, including ports 587 and 465.

It's best to use a 3rd party solutions to send out emails - such as MailJet or SendGrid.

In addition to using standard email ports, having a trusted third-party provider such as SendGrid, Mailgun, or Mailjet relieves Compute Engine and you from maintaining IP reputation with your receivers.

Here's some more info how to set them up.

Have a look at my answer to a similar question here.

However - given your case - you should have been able to connect but you'd have to post more details about your server configuration to troubleshoot this.

You can check if the port is open with nmap -p 465 EXTERNAL_IP_VM; you should see something like this:

wb@cloudshell:~$ nmap -p 53 1.1.1.1
Starting Nmap 7.70 ( https://nmap.org ) at 2020-11-05 11:20 UTC
Nmap scan report for one.one.one.one (1.1.1.1)
Host is up (0.0046s latency).

PORT   STATE SERVICE
53/tcp open  domain

Nmap done: 1 IP address (1 host up) scanned in 0.06 seconds

STATE open means that this port is open for traffic. But if you get 465/tcp filtered smtps that means it's not going to work.

If the port is open to make sure anything listens on it ssh into your vm and check it with sudo lsof -nP -iTCP -sTCP:LISTEN | grep 465 and see if anything listens on that port. I checked port 80 and got:

wb@deb10-sample-www-page:~$ sudo lsof -nP -iTCP -sTCP:LISTEN | grep *:80
nginx   7631     root    6u  IPv4  29349      0t0  TCP *:80 (LISTEN)
nginx   7631     root    7u  IPv6  29350      0t0  TCP *:80 (LISTEN)
nginx   7709 www-data    6u  IPv4  29349      0t0  TCP *:80 (LISTEN)
nginx   7709 www-data    7u  IPv6  29350      0t0  TCP *:80 (LISTEN)
nginx   7710 www-data    6u  IPv4  29349      0t0  TCP *:80 (LISTEN)
nginx   7710 www-data    7u  IPv6  29350      0t0  TCP *:80 (LISTEN)

UPDATE

Your OS firewall settings are OK. Port 465 is open for both incoming and outgoing traffice.

You GCP firewall rules are also set in a correct way.

From the last screenshot I can clearly see that port 465 is in closed state that means nmap was able to connect and get a response from the OS but there's no app listening on it.

Issue is with your phpmailer configuration. I've found some usefull discussions on Stack that can help you out:

  • https://stackoverflow.com/questions/18535294/mail-not-sending-with-phpmailer-over-ssl-using-smtp
  • https://stackoverflow.com/questions/35596504/phpmailer-failing-with-ssl
  • https://stackoverflow.com/questions/45535280/sending-emails-from-port-465-makes-the-website-unresponsive-phpmailer

Related

Firewall setup - Input and Output
VPN to a customer's site locking out my local AD account
Are there NAS devices that can be chained together?
Nginx how to show IP blocked page?
Block all Ports only open Postfix SMTP port
No route to DNS server from Docker container
IIS Rewrite Multiple URLS to Ports
502 errors with apache mod_proxy hot standby (or equivalent)
Ubuntu Allow users access to roots "screen" command, also restrict which screens they can attach to
Can Varnish automatically determine which storage medium should be used to cache an object?
Renaming User inside Ubuntu offline Guest VM from the Host
Rsyslog 8 dynafile with a template