Not sure if this is still relevant, but I had the same issue and opened a ticket. This is the response from them:
Stopping spam is a constant fight and due to this, your account has restrictions specifically on port 25. However, you are be able to use mail services using ports 587, 993, 995 and 465. You will need to open these ports in your firewall. Here is our guide to common iptables commands:
We realize this is inconvenient, but many customers in your position move their mailing activities to a third party service such as SendGrid or similar which processes such mail separately from their droplet. I’m sorry for the frustration but we’re not able to lift this port restriction at this time.
In terms of a workaround, here are a few alternatives:
- Utilize port 587 for SMTP relay via another mail provider, for example G Suite/Gmail, Mailgun, etc. We have a guide on doing so using Postfix here:
- Configure your app or service to send mail directly using either a SMTP client connection (typically using port 587), or API call via another mail provider such as Sendgrid, Mailgun, Mandrill, etc.
Please note that with this restriction in place on port 25, mail servers hosted here will be unable to directly relay email to other mail servers, as communication between mail servers typically takes place on port 25.
We think the API is the best solution, as it is honestly more scalable and what we would use if we wanted to "future proof” the project.
If you have any further questions or concerns, please feel free to reach back out to us at any time.“
and in the next response
"If you have a different DigitalOcean account when you have access to port 25, you may have been subject to different policies. Our internal security has changed in regard to this port. I would recommend either, using your other account or creating teams from your other account.
In regard to this account, the port is unfortunately going to remain blocked per our security policies. We completely understand if this means that we are no longer a viable solution for your project. If you have any further questions or concerns, please feel free to reach back out to us at any time.”
So, their offical answer is, they don’t give a shit if you use them or not. They actually say so directly. Even when I can show I have another account that does not have this policy.
I can accept that this is blocked by default, but the unwillingness to lift this restriction when asking for it, is unacceptable. I will start looking for other service providers, who does not block standard implementations just to get rid of a few bad eggs (spammers).