I have a dedicated server with Bluehost where I put to work several scripts and projects (specially Python). One of them consists of a basic email sender through smtp.gmail.com, port 465, but it randomly stopped working. After digging and digging, I realized that my user in that server is not successfully communicating to smtp.gmail.com. But turns out it is not communicating with smtp.live.com nor imap.gmail.com either, so I guess that something is wrong there.
When I execute the command: openssl s_client -crlf -connect smtp.gmail.com:465 thorugh sudo (or directly from root user) and in the server these are the outputs:
CONNECTED(00000003)
depth=2 C = US, O = Google Trust Services LLC, CN = GTS Root R1
verify return:1
depth=1 C = US, O = Google Trust Services LLC, CN = GTS CA 1C3
verify return:1
depth=0 CN = imap.gmail.com
verify return:1
---
Certificate chain
0 s:CN = imap.gmail.com
i:C = US, O = Google Trust Services LLC, CN = GTS CA 1C3
1 s:C = US, O = Google Trust Services LLC, CN = GTS CA 1C3
i:C = US, O = Google Trust Services LLC, CN = GTS Root R1
2 s:C = US, O = Google Trust Services LLC, CN = GTS Root R1
i:C = BE, O = GlobalSign nv-sa, OU = Root CA, CN = GlobalSign Root CA
---
Server certificate
-----BEGIN CERTIFICATE-----
blablablabla
.
.
.
blablablabla
-----END CERTIFICATE-----
subject=CN = imap.gmail.com
.
.
.
etc
And from my user:
CONNECTED(00000003)
depth=3 C = GB, ST = Greater Manchester, L = Salford, O = Comodo CA Limited, CN = AAA Certifi cate Services
verify return:1
depth=2 C = GB, ST = Greater Manchester, L = Salford, O = COMODO CA Limited, CN = COMODO RSA Certification Authority
verify return:1
depth=1 C = US, ST = TX, L = Houston, O = "cPanel, Inc.", CN = "cPanel, Inc. Certification Au thority"
verify return:1
depth=0 CN = [My server name!!!!! WHY?????]
verify return:1
---
Certificate chain
0 s:/CN=[my server name]
i:/C=US/ST=TX/L=Houston/O=cPanel, Inc./CN=cPanel, Inc. Certification Authority
1 s:/C=US/ST=TX/L=Houston/O=cPanel, Inc./CN=cPanel, Inc. Certification Authority
i:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Certification Au thority
2 s:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Certification Au thority
i:/C=GB/ST=Greater Manchester/L=Salford/O=Comodo CA Limited/CN=AAA Certificate Services
---
Server certificate
-----BEGIN CERTIFICATE-----
blablablabla
.
.
.
blablablabla
-----END CERTIFICATE-----
subject=CN = [My server again]
.
.
.
etc
Same thing happens with imap.gmail.com, smtp.live.com, and I guess etc. My server seems to be communicating with itself instead external servers.
Other openSSL queries to websites through port 443 work perfectly, AND SOMETHING IMPORTANT, when I do Telnet smtp.gmail.com 25, it also gets connected with my own server, not the case with sudo/root user, where it works perfect.
Could I have something broken with SSL or something like that?
Thank you!
2
Answers
The best solution was contacting Bluehost, and after scaling to their senior team, they got with the solution:
Access to outside systems is restricted to port 80 and 443 for shared hosting. To cite from Bluehost Web Hosting Help – Script Cannot Make Outbound Connection: