Hi, thanks for the extra details.
Because your server is behind a Mikrotik with NAT, the difference is exactly that mail.ugutec.com.ar resolves to your public IP (170.83.34.117), while server.ugutec.com.ar resolves locally to 127.0.0.1 from /etc/hosts.
When WordPress (or telnet) tries mail.ugutec.com.ar:587, the packets go out towards the public IP, hit the Mikrotik, and then need to come back in again. That’s hairpin NAT / NAT reflection. If it’s not enabled or not working, you’ll get the “connection timed out” behavior you saw.
That’s why adding mail.ugutec.com.ar to /etc/hosts works. It bypasses NAT and points the mail subdomain straight to localhost.
It’s not really a Debian 12 vs. Debian 11 change. More likely your old server had a different /etc/hosts setup, or your old Mikrotik rules allowed hairpin NAT and your new config doesn’t.
Options to fix it:
-
Keep the hosts entry (valid workaround, many admins do it).
-
Or set up split-horizon DNS so that internally,
mail.ugutec.com.arresolves to the server’s LAN IP instead of the public IP. -
Or enable hairpin NAT on the Mikrotik so connections to the public IP loop back correctly.
That way WordPress can reach mail.ugutec.com.ar without hitting the NAT wall.