Setup Firewall Closed for port 25, but why still Open ?

Posted on May 10, 2020

I already setup Firewall at control panel, with open only 22, 80, 443 for Inbound Rules, but nothing rules at Outbound.

After that, I check with ‘sudo netstat -plunt’

but why output at my console is this :

tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN 1033/mysqld
tcp 0 0 0.0.0.0:8080 0.0.0.0:* LISTEN 9409/monitorix-http tcp 0 0 127.0.0.53:53 0.0.0.0: LISTEN 639/systemd-resolve* tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 898/sshd
tcp 0 0 0.0.0.0:25 0.0.0.0: LISTEN 1173/master*
tcp6 0 0 :::80 :::* LISTEN 1091/apache2
tcp6 0 0 :::22 :::* LISTEN 898/sshd
tcp6 0 0 :::25 ::: LISTEN 1173/master*
tcp6 0 0 :::443 :::* LISTEN 1091/apache2
udp 0 0 127.0.0.53:53 0.0.0.0: 639/systemd-resolve*

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

KFSys

May 11, 2020

Hi @ifin2001,

The netstat command shows you on which ports a service is listening to, this doesn’t necessarily mean it doesn’t have it’s outbound connection closed.

Having the port closed means that the said service on port 25, can’t send outbound and receive inbound traffic however it can still work internally. I assure you, this is nothing to worry about and if you want to test it, try running NMAP on your droplet to see which ports are actually open to the world: