Please unblock port 25 (allow outbound mail connections)
This is of course already addressed in you documentation, but as far as we're concerned the given answer is inappropriate for us. We do not wish to spam anyone, send mass emails, or abuse the system in any other way. I would expect the service to allow us the chance to prove this and not block such outgoing traffic until any actual offense takes place.
I was very pleased to have started work on your platform, but this single issue is likely to force me to search for a different provider.
We are currently testing a new option that may help people send mail without using a third party service. If you are interested in testing this product, please fill out the interest request form here1. Product Management for the feature may reach out to you.
We are also continuing to make improvements to our system to allow for some customers that have an established relationship with us to apply for an exception to be able to send directly on port 25. There are a number of IP reputation issues that have to be worked through for such a use case, so it should not be considered a common solution that will meet everyone’s needs.
We will have more updates on both of these items over time.
"We will have more updates on both of these items over time" must mean every 2-years we'll think about it?
Google wants us to use Gmail so that they can harvest more data from us. Google has done a lot of good, but google is getting fat. I'm using 2 other vps providers. I am glad that there is no monopoly, and that we are able to use other providers that do a better job.
Google really should change, and stop blocking ports. But even if they did, I would not use google vps, because they are overpriced, and their fees are very underhanded.
yeah, for this reason alone i am done. I already wasn't happy about using a cloud service from a censoring giant like google, but was intrigued with their $300/12 month free trial. Nope, Will be signing up for the bluehost vps service tomorrow as i've already been using them for years.
i've been working for hours trying to setup a mail server and thought it was something that "I" was doing wrong.
Nope, **** this.
use tutanota.com for email people.
Hi Guys! is very annoying yes agree, i think the best workaround is yandex, i used in many different projects now , so i have really no limits and dont need to pay crazy money, i opted using yandex.com , mail hosting, so i still can have my own emails and free
Qamarudeen Muhammad commented
Finally, I got here, after almost two week of troubleshooting non-existence trouble on my GCP VM with sending email issues. Thinking I can use other port like 2525 (when I know port 25 is blocked by almighty Google) by twerking postfix to do my bidding yet without success.
As one of candidate that partake in Africa Google Scholarship on Google Cloud, I think Google product are far from what weare been told in the classroom after all, I can confirm that, yes all Cloud provider blocked port 25 by default as I had read lots of other people experience on port 25, but it is always open eventually by the provider. Google will do well if it can follow this practice.
I intending moving moving over 100 client on my hosting platform to GCP, but with this impasse, I will put it on hold until the sky is clear.
Alamgir Hossain commented
Hello GC admins/authority!
We use GC for better security and all in all in same place. Every hosting company & datacenter allow to use port 25 and 587,465 for own mail system. It's shame that Google ask to use external service without providing own solution. Why we should use GC when we need to find external solution?
We want to keep our data by own system, not to other provider. So far we also tried to entry to your beta option testing form. But it's also closed!!
We are looking forward to open port 25,465,587 as soon as possible.
So I am joining the bandwagon.... It took me a little while to figure out why my mail was not sending. So after wasting 2 days setting up a mail server, only to find out I can never send an email is simply a show-stopper!! I have been thinking about GCP VM usage for a while now.. but after discovering this.. I'm done, I'm not even going to waste my time with Googles bulls**t "were looking into...", because Google has been known to "look into..." blackholes!!
And when you see things like https://killedbygoogle.com/ it makes you wonder if there is any point ...
I would have to say not being able to send email directly blows donkey chunks! Why would someone want to rely on a separate host to send email. Looks like pretty much any ISP offering servers weather baremetal, cloud based or what have you they all allow port 25 outgoing mail. The minimal is that you have to justify the port opening but they all do it except google. PUKE!
We use alot of AWS services. This is bad. Will need to run AWS servers as well.. Why should I use GCP when we also need AWS... We only want one cloud hosting and GCP has a major road block for us. Port 25 must have a way to be approved for unblocking like AWS does.
16 hours of work only to find out that there is no way to use the 25 door very angry!
@ Paul Nash
Hi, any news about port 25, we want to stay in Google Cloud Platform, but if that continues, we will have to migrate sadly or how do I request an exception for port 25
Please... when will this be completed? I can't use your "test product" in a customer-reliant production environment.
this is just a deal breaker...
Ok so when is this testing going to be completed so we can all have port 25 opened? You've cost me just about $1,000 with this so far, waiting!
Mick Wright commented
So what is basically the case here is that it is completely pointless me setting up VestaCP or any website where I want control of my email server, I'll be forced to use a (cough) trusted third party... what if I don't trust your trusted third party, they haven't met my criteria to be trusted have they? And I'm the customer right?
This blocking of outgoing email is essentially a showstopper here, surely, for heavens sake Google are aware of this, I refuse to believe you are all really that daft! There's no point in the compute engine for actual websites if in house, private, email analysis and outgoing emails are blocked? That seems a little pointless wouldn't you say?
Google are the worlds leader in machine learning, web applications, operating systems (given android), and cloud services, yet you can't distinguish a spammer who's credit card details and address you have from a bone-fide customer? Really? I find that extraordinarily hard to believe if I'm being honest here. In fact is complete nonsense, I'm not buying it! 100% of Google cloud customers have already demonstrated their full contact details, address, location and everything a spammer wouldn't give you in a billion years. You are punishing everyone based on the premise that some might be the dumbest spammers on earth and spam (which I'm sure they will for maybe a nanosecond until you'd shut them down) and the second premise is that you would be powerless to notice such SMTP traffic leaving their instance? Really?
This is not exactly engendering a lot of trust on my part if one of the largest IT companies on the planet can't determine spam from regular email. Yet you can of course. Google manage this feat of engineering fine with my gmail address. Also stop asking me for my email address at every turn and on every communication, its a google email address and I'm logged in...
In addition I found this out today, after spending several days rooting through config files in Vesta and Exim trying to work out why mail wasn't leaving my local server.... Thats just not good enough, you've eaten through my time. It might not be a lot to you guys but my time is money! You wasted my time here...
An email to the email address registered with my account, when my mails bounce off this firewall, would have been nice, and saved me a lot of time, time that makes your testing budget, given graciously (thank you) a pretty much pointless exercise! Thanks for that, that's just super!
Jagadeesh Sugumar commented
We have planned our move to Amazon AWS just because of the restrictions on mail port 25. Thank you GCE.
@ Paul Nash
Yes it was the default firewall. I figured that out later.
But with Google blocking ports, it took longer to realize it.
So the question is, is port 25 the only port that Google blocks or are there others?
Google should list what ports are blocked so that people new to Google VPS will know ahead of time, and save them frustration.
To fix the default firewall, click "create firewall rule" for Ingress with IP address 0.0.0.0/0
Then click "create firewall rule" for Egress with IP address 0.0.0.0/0
And setup firewall in the VPS.
It would also be nice if there was a simple on / off option for the external firewall.
I think you're referring to the fact that by default, Firewall Rules  prevent most ports from being accessed. This is a security feature and very much on purpose. Please refer to the docs for more details on how to open ports that you would like to use.
And it's not just port 25. Google blocks most ports. Only a small hand full does Google allow. This means that if you want to change your ssh port to make your server more secure, as is highly recommended, you will have trouble, as most ports are blocked. And as far as I can see, Google does not publish a full list of what ports it does not block. But most ports are blocked. Google should at least provide a list of what ports they allow.
Google has Gmail, and has no desire to compete with itself. Just like when you do a video search on Google you will get Youtube results and very few if any results from individual web sites.
Servers are naturally by default set up to send e-mail when there are issues. Not having e-mail on a server is like having a laptop with internet disabled.
Update to previous post:
I was able to repair a VM by imaging the drive, then creating another VM, then attaching a new drive using the VM image, then repairing that drive, then making another image of it, then creating a new VM using a drive created with the second image. So even though Google does not provide a virtual CD to do a repair, as most VPS providers do, This other method does work.
Google also does not have console access, nor a recovery boot disk.
Those things are standard on other VPN hosts.
Once your VM fails to let you ssh in, and it will, as google corrupts the system, you have no way of repairing it.