Setup Firewall Closed for port 25, but why still Open ?

Posted May 10, 2020 948 views

I already setup Firewall at control panel, with open only 22, 80, 443 for Inbound Rules, but nothing rules at Outbound.

After that, I check with ‘sudo netstat -plunt’

but why output at my console is this :

tcp 0 0* LISTEN 1033/mysqld

tcp 0 0* LISTEN 9409/monitorix-http
tcp 0 0* LISTEN 639/systemd-resolve
tcp 0 0* LISTEN 898/sshd

tcp 0 0* LISTEN 1173/master

tcp6 0 0 :::80 :::* LISTEN 1091/apache2

tcp6 0 0 :::22 :::* LISTEN 898/sshd

tcp6 0 0 :::25 :::* LISTEN 1173/master

tcp6 0 0 :::443 :::* LISTEN 1091/apache2

udp 0 0* 639/systemd-resolve

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Submit an Answer
1 answer

Hi @ifin2001,

The netstat command shows you on which ports a service is listening to, this doesn’t necessarily mean it doesn’t have it’s outbound connection closed.

Having the port closed means that the said service on port 25, can’t send outbound and receive inbound traffic however it can still work internally. I assure you, this is nothing to worry about and if you want to test it, try running NMAP on your droplet to see which ports are actually open to the world:


Where XXX.XXX.XXX.XXX is actually the IP of your droplet.