postfix – Can not open ports 993 and 995

For some reason, I do not see how to open ports 993 and 995, here is all the information I could think of including. I'm clueless, but this is new to me in the Linux world. I like it, I just want to understand that.

Debian Linux operating system 9

Perl version 5.024001 Path to Perl / usr / bin / perl

Postfix version 3.1.12 mail injection command / usr / lib / sendmail -t

Apache version 2.4.25

Versions of PHP 7.0.33

Webalizer version 2.23-08

Logrotate version 3.11.0

MySQL version 10.1.38-MariaDB-0 + deb9u1

ProFTPD version 1.35
SpamAssassin version 3.4.2

ClamAV version 0.100.3

****** EXTERNAL DOMAIN SCAN ******

Start Nmap 7.40 (https://nmap.org) on ​​2019-04-28 18:09

Nmap analysis report for ReddedIP

The host is up (latency of 0.0018 s).

Not illustrated: 986 closed ports

PORT STATE SERVICE

21 / tcp open ftp

22 / tcp open ssh

Filtered Telnet 23 / TCP

Open smtp 25 / tcp

53 / tcp open domain

80 / tcp open http

Rpcbind filtered by 111 / tcp

443 / tcp open https

465 / tcp open smtps

Nmap does: 1 IP address (1 host up) scanned in 98.25 seconds

****** INTERNAL SCANNING OF PORTS 993 AND 995 ******
root @ byteit: / home / daymond # nmap -p993 10.0.0.141

Starting Nmap 7.40 (https://nmap.org) on ​​2019-04-28 8:55 PM
Nmap analysis report for 10.0.0.141

The host is active (0.00013 latency).

PORT STATE SERVICE

993 / tcp closed images

Nmap made: 1 IP address (1 host rising) scanned in 0.37 seconds

root @ byteit: / home / daymond # nmap -p995 10.0.0.141

Starting Nmap 7.40 (https://nmap.org) on ​​2019-04-28 20h56

Nmap analysis report for 10.0.0.141

The host is active (0.00013 latency).

PORT STATE SERVICE

995 / tcp closed pop3s

Nmap made: 1 IP address (1 host rising) scanned in 0.37 seconds

****** LIST OF TABLES ******
root @ byteit: / home / daymond # iptables –list

INPUT string (ACCEPT policy)
target target source opt opt

ACCEPT everything – no matter where anywhere ctstate BOUND, ESTABLISHED

ACCEPT everything – no matter where

INPUT_direct all – n anywhere where any

INPUT_ZONES_SOURCE everything – no matter where

INPUT_ZONES all-n anywhere where any

DROP all-n 'anywhere where any ctstate INVALID

REJECT everything – no matter where anywhere reject – with icmp-
forbidden host

Chain to Watch (ACCEPT Policy)
target target source opt opt

ACCEPT everything – no matter where anywhere ctstate BOUND, ESTABLISHED

ACCEPT everything – no matter where

FORWARD_direct all – anywhere from anywhere

FORWARD_IN_ZONES_SOURCE everything – no matter where

FORWARD_IN_ZONES all – anywhere from anywhere

FORWARD_OUT_ZONES_SOURCE everything – no matter where

FORWARD_OUT_ZONES all – anywhere from anywhere

DROP all-n 'anywhere where any ctstate INVALID

REJECT everything – no matter where-anywhere reject-with icmp-host-forbidden

OUTPUT string (ACCEPT policy)

target target source opt opt

OUTPUT_direct all – n anywhere where any where

Chain FORWARD_IN_ZONES (1 references)

target target source opt opt

FWDI_public all – anywhere from anywhere [goto]

FWDI_public all – anywhere from anywhere [goto]

FORWARD_IN_ZONES_SOURCE string (1 references)

target target source opt opt

Chain FORWARD_OUT_ZONES (1 references)

target target source opt opt

FWDO_public all-n 'anywhere where any [goto]

FWDO_public all-n 'anywhere where any [goto]

Chain FORWARD_OUT_ZONES_SOURCE (1 references)

target target source opt opt

Chain FORWARD_direct (1 references)

target target source opt opt

Chain FWDI_public (2 references)

target target source opt opt

FWDI_public_log all – anywhere from anywhere

FWDI_public_deny all – anywhere from anywhere

FWDI_public_allow all – anywhere from anywhere

ACCEPT icmp – no matter where any where

Chain FWDI_public_allow (1 references)

target target source opt opt

Chain FWDI_public_deny (1 references)

target target source opt opt

Chain FWDI_public_log (1 references)

target target source opt opt

Chain FWDO_public (2 references)

target target source opt opt

FWDO_public_log all – anywhere from anywhere

FWDO_public_deny all – anywhere from anywhere

FWDO_public_allow all – anywhere from anywhere

Chain FWDO_public_allow (1 references)

target target source opt opt

FWDO_public_deny string (1 references)

target target source opt opt

Chain FWDO_public_log (1 references)

target target source opt opt

Chain INPUT_ZONES (1 references)

target target source opt opt

IN_public all – n 'anywhere where no matter where [goto]

IN_public all – n 'anywhere where no matter where [goto]

Chain INPUT_ZONES_SOURCE (1 references)

target target source opt opt

Chain INPUT_direct (1 references)

target target source opt opt

REJECT tcp – no matter where anyportport multiport
ssh match-set fail2ban-sshd src rejects-with icmp-port-inaccessible

REJECT tcp – no matter where any multiport dports webmin match-set fail2ban-webmin-auth src rejects-with icmp-port-inaccessible

REJECT tcp – No matter where anywhere multiport port dp ftp, ftp-data, ftps, ftps-data match set fail2ban-proftpd src rejects-with icmp-port-inaccessible

REJECT tcp – No matter where any multiport port smtp, urd, bid-set fail2ban-postfix src reject-with icmp-port-inaccessible

****** THIS LINE DOES I STOP? ******

REJECT tcp – No matter where anyportport multiport pop3, pop3s, imap2, imaps, submission, urd, sieve matching match fail2ban-dovecot src rejects-with icmp-port-inaccessible


REJECT tcp – no matter where any is sleeping mult port ssh, sftp matching set fail2ban-ssh-ddos src rejects-with icmp-port-inaccessible

Chain IN_public (2 references)

target target source opt opt

IN_public_log all – anywhere from anywhere

IN_public_deny all – anywhere from anywhere

IN_public_allow all – anywhere – anywhere

ACCEPT icmp – no matter where any where

Chain IN_public_allow (1 references)

target target source opt opt

ACCEPT tcp – no matter where any tcp dpt: submission
ctstate NEW

ACCEPT tcp – no matter where any dpt tcp: domain
ctstate NEW

ACCEPT tcp – no matter where any dpt tcp: ftp-data ctstate NEW

ACCEPT tcp – no matter anywhere any tcp dpt: 2222 ctstate NEW

ACCEPT tcp – no matter where any dpts tcp: webmin: 10100 ctstate NEW

ACCEPT tcp – no matter anywhere any tcp dpt: 20000 ctstate NEW

ACCEPT tcp – no matter where any dp tcp: 1025: 65535 ctstate NEW

ACCEPT udp – no matter where any dp udp: domain ctstate NEW

ACCEPT tcp – no matter anywhere any tcp dpt: ssh ctstate NEW

ACCEPT tcp – no matter where any dpt tcp: ctstate smtp NEW

ACCEPT tcp – no matter whereever dpt anywhere tcp: urd ctstate NEW

ACCEPT tcp – no matter whereever dpt anywhere tcp: ftp ctstate NEW

ACCEPT tcp – n 'Anywhere whereever dpt tcp: pop3 ctstate NEW

ACCEPT tcp – no matter where any tcp dpt: ctstate pop3s NEW

ACCEPT tcp – no matter anywhere any tcp dpt: imap2 ctstate NEW

ACCEPT tcp – no matter where any dpt tcp: imaps ctstate NEW

ACCEPT tcp – no matter where any tcp dpt: ctstate http NEW

ACCEPT tcp – no matter where any tcp dpt: https ctstate NEW

Chain IN_public_deny (1 references)

target target source opt opt

Chain IN_public_log (1 references)

target target source opt opt

Chain OUTPUT_direct (1 references)

target target source opt opt

And yes, I have all ports transferred, in fact on TCP and UDP. I do not know if it's a firewall or something else.