This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Hi,
we have the requirement to connect to an SMTP server via port 25 and traffic must originate from a well known public IP.
So we did setup a NAT Gateway, connected our Function (Premium Plan) to the subnet and linked everything to use the public IP for outbound traffic.
In the subscription (Pay as you go) settings we also followed the process to unlock port 25, it says to no longer be restricted.
Despite all of this, our connection attempts still timeout. Our debugging attempts via telnet / netcat run into the same errors.
We used a second provider (mailtrap) to verify the connectivity issues are not related to the other party. Also there, connection attempts on port 25 run into timeouts.
Other outgoing requests, e.g. to port 2525 or 587 with mailtrap are successful and use the public IP.
What else is there we can do to further debug the issue and enable us to send the mails via port 25?
Is any of our components blocking this without a chance to unlock? (Function, NAT Gateway, ...)?
Any help is much appreciated. Thanks!
Cedric
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(227.2, 10%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDG%3C/text%3E%3C/svg%3E)
Hope the Microsoft confirmed on the port 25 exemption.
Have your ruled out all the NSG and port bocks from the vnet/subnet for port 25 deny ?
As part of debugging, can you create a small VM in azure and test the SMTP outbound from windows or linux box?
We created a small VM, attached it to the same network and NAT Gateway, but only a different subnet.
The VM was able to communicate on port 25 to services outside of MS Azure.
Seems to me like this port 25 restriction can be lifted for VMs, but not for Azure Functions.
Possible.
I faced this issue with some other azure non VM services. Hence wanted you to isolate the factors.
best option is reach out to MS azure support for any known limitations or issues in your subscription.
@Cedric As mentioned in this document Azure platform will block outbound SMTP connections on TCP port 25.
Alternative you can leverage third party service such as SendGrid that provides these type of services. You can refer to Troubleshoot outbound SMTP connectivity problems in Azure for more details.
Sharing previous discussion on the same.
Port 25 can be allowed based on exceptions in Azure. I think the requestor is already done the required process to allow the 25 bit still its failing.
Yes, the subscription was already unblocked.
Using SendGrid (or any DSGVO compliant alternative) is not an option, it must be port 25.
@Cedric In that case can you open a support ticket with us so the team can assist you further.