Outbound SMTP Port Policy for cVirtual, cMetal, and iColocation
Publisher: Psychz Networks, March 19,2026Outbound SMTP Port Policy for cVirtual, cMetal, and iColocation
This article explains Psychz's default outbound SMTP port policy for cVirtual, cMetal, and iColocation services, including how to request access to port 25.
Overview
By default, outbound port 25 is blocked on all new cVirtual, cMetal, and iColocation services.
Ports 465 and 587 are open by default and can be used for authenticated SMTP with providers such as Microsoft 365, Google Workspace, SendGrid, Amazon SES, Mailgun, and similar services.
This policy helps protect network reputation while still allowing most customers to send email through authenticated third-party mail platforms without delay.
Default SMTP Port Access by Service
| Service | Port 25 | Ports 465/587 | How to Request Port 25 |
|---|---|---|---|
| cVirtual | Blocked by default | Open by default | Open a support ticket for review |
| cMetal | Blocked by default | Open by default | Submit a protocol access request for the specific Device ID in the dashboard; staff will review the request. Once approved, port 25 can be enabled or disabled by the client from the dashboard. |
| iColocation | Blocked by default | Open by default | Open a support ticket for review; if approved, staff will open port 25 |
Why Port 25 Is Restricted
Port 25 is primarily used for direct server-to-server SMTP delivery. Because it can be used to send mail directly from a service IP address, it carries a higher risk for spam, abuse, and IP reputation damage.
In contrast, ports 465 and 587 are typically used for authenticated SMTP submission through established mail providers. For most customers, those ports are sufficient and do not require port 25 access.
When Port 25 Is Needed
You may need port 25 access if you are:
- Running your own outbound mail server
- Sending mail directly to recipient mail servers
- Operating a relay, gateway, or mail filtering platform that requires direct SMTP transport
- Hosting a legitimate application or platform that depends on direct outbound SMTP delivery
If you only need to send mail through a third-party provider such as Microsoft 365, Google Workspace, SendGrid, or Amazon SES, you should use port 465 or 587. In most cases, port 25 is not required.
How to Request Port 25 Access
cVirtual
cVirtual does not include a Protocol Manager. To request outbound port 25 access, please open a support ticket and provide all required details listed below.
cMetal
For cMetal, you can submit a protocol access request in the dashboard for the specific Device ID. Our staff will review the request. Once approved, you will be able to enable or disable port 25 from the dashboard for that approved device.
iColocation
To request outbound port 25 access for iColocation, please open a support ticket and provide all required details listed below. If approved, our staff will open port 25 for the service.
Information Required for Port 25 Requests
To review your request, please include the following information:
- Service details
Service type (cVirtual, cMetal, or iColocation), service ID, hostname, and IP address(es). - Business or project use case
Describe exactly why outbound port 25 is required and what service or application will be sending mail. - Mail server software
Specify the software you will use, such as Postfix, Exim, Exchange, PowerMTA, MailEnable, or another platform. - Type of mail being sent
Explain whether the mail is transactional, business correspondence, customer support, alerts, internal relay, or another legitimate use case. - Sending domains
List all domains that will be used for outbound mail. - Expected sending volume
Provide an estimate of daily and monthly outgoing message volume. - Recipient type
Confirm whether mail will be sent to your own users/customers only, internal systems, or broader public recipients. - Opt-in and list source
If applicable, explain how recipients are collected and confirm that recipients have opted in to receive your email. - Abuse prevention controls
Describe what controls are in place to prevent spam or compromise, such as rate limits, authentication controls, monitoring, queue management, or account restrictions. - DNS mail records
Confirm whether SPF, DKIM, DMARC, reverse DNS, and hostname alignment are configured or will be configured before sending. - Website or company information
Provide the website URL and basic business information associated with the sending domain(s). - Reason ports 465/587 are not sufficient
Explain why authenticated SMTP through a third-party provider cannot be used for your setup.
Recommended Request Format
You can copy and paste the following template into your ticket or request:
Service Type: Service ID / Device ID: Hostname: IP Address(es): Reason port 25 is needed: Application or platform sending mail: Mail server software: Sending domain(s): Website URL: Type of email being sent: Expected daily volume: Expected monthly volume: Recipient type: How recipients are obtained: Abuse prevention controls in place: SPF configured: Yes / No DKIM configured: Yes / No DMARC configured: Yes / No rDNS configured: Yes / No Reason ports 465/587 cannot be used: Additional notes:
Important Notes
- Port 25 requests are reviewed on a case-by-case basis.
- Approval is not guaranteed.
- Psychz may request additional information before making a decision.
- If abuse, spam activity, or policy violations are detected, port 25 access may be revoked without notice.
- Customers are responsible for maintaining proper mail server security, authentication, and reputation management.
Summary
For cVirtual, cMetal, and iColocation services, outbound port 25 is blocked by default, while ports 465 and 587 are open by default. Customers who need port 25 for a legitimate self-hosted mail use case may submit a request for review using the process described above.