Can't open port 465

I have been trying to send an email to gmail through nodemailer, but it gave me the following error:

Error: queryA EREFUSED smtp.gmail.com
    at QueryReqWrap.onresolve [as oncomplete] (node:dns:209:19) {
  errno: undefined,
  code: 'EDNS',
  syscall: 'queryA',
  hostname: 'smtp.gmail.com',
  command: 'CONN'

After extensive digging, I found out that the problem is probably due to port 465 being closed (which is the port for smtps. Took me a while to figure out how to know if the port is closed. When checking whether port 465 is closed or not using nmap here is the output:

Host is up (0.0017s latency).

PORT    STATE  SERVICE
465/tcp closed smtps

and to make sure, this is the output for my open ports using nmap as well.

Host is up (0.013s latency).
Not shown: 997 closed ports
PORT    STATE SERVICE
53/tcp  open  domain
80/tcp  open  http
443/tcp open  https

I tried opening the port using iptables :

sudo iptables -A INPUT -p tcp --dport 465 -j ACCEPT

but it still won’t open, what am I missing?

What is

sudo iptables -L

saying?

You are probably barking up the wrong tree - those are probably incoming traffic - very few firewalls block outgoing traffic.

Are you sure gmail supports 465?

Most likely they are using 587/STARTTLS and you will need to enable client access using app password for your gmail account.

Maybe the Router blocks?

Chain INPUT (policy DROP)
target     prot opt source               destination         
ufw-before-logging-input  all  --  anywhere             anywhere            
ufw-before-input  all  --  anywhere             anywhere            
ufw-after-input  all  --  anywhere             anywhere            
ufw-after-logging-input  all  --  anywhere             anywhere            
ufw-reject-input  all  --  anywhere             anywhere            
ufw-track-input  all  --  anywhere             anywhere            
ACCEPT     tcp  --  anywhere             anywhere             state NEW tcp dpt:urd
ACCEPT     tcp  --  anywhere             anywhere             state NEW tcp dpt:urd
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:urd
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:urd

Chain FORWARD (policy DROP)
target     prot opt source               destination         
ufw-before-logging-forward  all  --  anywhere             anywhere            
ufw-before-forward  all  --  anywhere             anywhere            
ufw-after-forward  all  --  anywhere             anywhere            
ufw-after-logging-forward  all  --  anywhere             anywhere            
ufw-reject-forward  all  --  anywhere             anywhere            
ufw-track-forward  all  --  anywhere             anywhere            

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         
ufw-before-logging-output  all  --  anywhere             anywhere            
ufw-before-output  all  --  anywhere             anywhere            
ufw-after-output  all  --  anywhere             anywhere            
ufw-after-logging-output  all  --  anywhere             anywhere            
ufw-reject-output  all  --  anywhere             anywhere            
ufw-track-output  all  --  anywhere             anywhere            
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:urd

Chain ufw-after-forward (1 references)
target     prot opt source               destination         

Chain ufw-after-input (1 references)
target     prot opt source               destination         
ufw-skip-to-policy-input  udp  --  anywhere             anywhere             udp dpt:netbios-ns
ufw-skip-to-policy-input  udp  --  anywhere             anywhere             udp dpt:netbios-dgm
ufw-skip-to-policy-input  tcp  --  anywhere             anywhere             tcp dpt:netbios-ssn
ufw-skip-to-policy-input  tcp  --  anywhere             anywhere             tcp dpt:microsoft-ds
ufw-skip-to-policy-input  udp  --  anywhere             anywhere             udp dpt:bootps
ufw-skip-to-policy-input  udp  --  anywhere             anywhere             udp dpt:bootpc
ufw-skip-to-policy-input  all  --  anywhere             anywhere             ADDRTYPE match dst-type BROADCAST

Chain ufw-after-logging-forward (1 references)
target     prot opt source               destination         
LOG        all  --  anywhere             anywhere             limit: avg 3/min burst 10 LOG level warning prefix "[UFW BLOCK] "

Chain ufw-after-logging-input (1 references)
target     prot opt source               destination         
LOG        all  --  anywhere             anywhere             limit: avg 3/min burst 10 LOG level warning prefix "[UFW BLOCK] "

Chain ufw-after-logging-output (1 references)
target     prot opt source               destination         

Chain ufw-after-output (1 references)
target     prot opt source               destination         

Chain ufw-before-forward (1 references)
target     prot opt source               destination         
ACCEPT     all  --  anywhere             anywhere             ctstate RELATED,ESTABLISHED
ACCEPT     icmp --  anywhere             anywhere             icmp destination-unreachable
ACCEPT     icmp --  anywhere             anywhere             icmp time-exceeded
ACCEPT     icmp --  anywhere             anywhere             icmp parameter-problem
ACCEPT     icmp --  anywhere             anywhere             icmp echo-request
ufw-user-forward  all  --  anywhere

It used to work before on my windows, so I highly doubt that this is the problem. Plus many people use gmail with 465. However, I will try the 587/STARTTLS approach, though it’ll take me some to tell you how it went, since I haven’t done that before so it’ll take me some time messing around.

I am sorry, not sure what you mean

I use gmail with:

Server Name: smtp.gmail.com
Port: 465
User Name: won’t tell :wink:
Authentication method: OAuth2
Connection Security: SSL/TLS

It would be unusual if your firewall
or that of the router you are probably going through
would block outgoing connections
(outgoing smb towards the internet is sometimes blocked … but that’s not relevant here)

Your firewall’s output policy is “accept”

Chain OUTPUT (policy ACCEPT)

and nothing outgoing is blocked as far as I can see

Sorry, i know. All Internet Routers have an integrated Firewall;
the ports you want to be open are likely to be blocked by default in your Routers Firewall… :innocent: