Hello, I hope this is the appropriate place to ask for help.
I am trying to run a mastodon server on the linode instance (which I used the affiliate link to set up) on an ubuntu 18.04 server and I have run in to a couple snags. I hope this is a reasonable place to ask for some assistance as this is my first experience administering a server like this.
So when I test my ssmtp server from the command line, the terminal hangs for a couple minutes and then I see an error “ssmtp: Cannot open smtp.gmail. com:587”
I think this may be my iptables configuration.
Below is my ssmtp.conf
# Config file for sSMTP sendmail
#
# The person who gets all mail for userids < 1000
# Make this empty to disable rewriting.
root=friendface.club@gmail. com
# The place where the mail goes. The actual machine name is required no
# MX records are consulted. Commonly mailhosts are named mail.domain. com
mailhub=smtp.gmail. com:587
AuthUser=friendface.club@gmail. com
AuthPass=XXX
AuthMethod=LOGIN
UseTLS=YES
UseSTARTTLS=YES
# Where will the mail seem to come from?
rewriteDomain=gmail. com
# The full hostname
hostname=friendface.club@gmail. com
# Are users allowed to set their own From: address?
# YES - Allow the user to specify their own From: address
# NO - Use the system generated From: address
FromLineOverride=YES
TLS_CA_File=/etc/ssl/certs/ca-certificates.crt
Below is my iptables/rules.v4
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -d 127.0.0.0/8 ! -i lo -j REJECT --reject-with icmp-port-unreachable
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 25 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 587 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 465 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
-A INPUT -m limit --limit 5/min -j LOG --log-prefix "iptables denied: " --log-level 7
-A INPUT -j REJECT --reject-with icmp-port-unreachable
-A FORWARD -j REJECT --reject-with icmp-port-unreachable
-A OUTPUT -j ACCEPT
Let me know if you see something which is obviously wrong.
Thank you.