Azure/AWS Mail blocked on Port 25

This issue revolves around Azure and AWS outbound SMTP from their virtual machines / EC2 instances.



For Pay-As-You-Go or Microsoft Partner Network subscriptions created after November 15, 2017, there will be technical restrictions blocking e-mail sent directly from VMs in these subscriptions. Customers that need the ability to send e-mail from Azure VMs directly to external e-mail providers (not using an authenticated SMTP relay) can make a request to remove the restriction.

Requests will be reviewed and approved at Microsoft’s discretion and will be only granted after additional anti-fraud checks are performed. To make a request, open a support case with the issue type Technical –> Virtual Network –> Connectivity –> Cannot send e-mail (SMTP/Port 25).

Be sure to add details about why your deployment needs to send mail directly to mail providers instead of going through an authenticated relay.


Note: If you want AWS to create a reverse DNS record for you, you must first create a corresponding DNS A record before submitting this form.
1. Sign in and open the Request to Remove Email Sending Limitations form.
2. In the Use Case Description field, provide a description of your use case.
3. (Optional) Provide the AWS-owned Elastic IP addresses that you use to send outbound email, as well as any reverse DNS records AWS needs to associate with the Elastic IP addresses. AWS will use this information to help reduce the chance that email sent from the Elastic IP addresses is marked as spam.
4. Choose Submit.

You can replicate a sending error by attempting to connect to an external email server. E.g. on 25/tcp.

For plesk, you can use port 587. See: