Announcement

Collapse
No announcement yet.

Trying to figure exchange settings

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Trying to figure exchange settings

    Hi,
    I started to work at a new company as a single sys admin.

    we use an external message security service called MessageLabs, all incoming mail and outgoing mail go through it for virus & spam scanning.

    the exchange server is configured to use port 26 for SMTP incoming connection.

    and in the firewall there are two rules to mapp both 25&26 ports from our external addreess to local port 26 on the exchange server.

    can someone suggest why the previous sys admin used this configuration?

    there will be a follow up question(s) after I'll get some answers

  • #2
    Re: Trying to figure exchange settings

    are you sure the inbound port is 26 ?
    if it is like that, i think the better question is why the sysadm used port 26?
    Please do show your appreciation to those who assist you by leaving Rep Point https://www.petri.com/forums/core/im.../icon_beer.gif

    Comment


    • #3
      Re: Trying to figure exchange settings

      Sounds as if it is a quick'n'dirty security solution by using a non-standard port.

      Agree -- WHY?
      Tom Jones
      MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
      PhD, MSc, FIAP, MIITT
      IT Trainer / Consultant
      Ossian Ltd
      Scotland

      ** Remember to give credit where credit is due and leave reputation points where appropriate **

      Comment


      • #4
        Re: Trying to figure exchange settings

        That's my question, what could be the reason behind using non default port for SMTP.

        to get thing even weirder I tried to change the inbound port to 25 and the the mapped port rules to 25 too, I'm able to receive and send mails but the exchange server still listen on port 26!
        Last edited by asafk; 3rd February 2011, 09:17.

        Comment


        • #5
          Re: Trying to figure exchange settings

          I have seen this a few times when organizations allow users to connect to the Exchange server using POP3 or IMAP connections from the internet. The reason why is I have noticed more and more residential ISPs now block outbound port 25 traffic. This is especially true with Verizon's residential ISP. They want you to use their SMTP servers.

          Comment


          • #6
            Re: Trying to figure exchange settings

            Hi,

            This is just another way to detour your spam if you under spam attack the first thing you do is change the default port. So may be some tech pro has recommended to change the non default port. and since all the messages are coming via message labs they must be sending it to port 26

            in case you want to change it you can do it via properties of default smtp virtual server or any other virtual server if created.
            Thanks & Regards
            v-2nas

            MCTS 2008, MCTIP, MCSE 2003, MCSA+Messaging E2K3, MCP, E2K7
            Sr. Wintel Eng. (Investment Bank)
            Independent IT Consultant and Architect
            Blog: http://www.exchadtech.blogspot.com

            Show your appreciation for my help by giving reputation points

            Comment


            • #7
              Re: Trying to figure exchange settings

              A good idea but if your incoming mail is from message labs then they should be the only source connection allowed through your firewall anyway.
              Agreed though, I can't see any reason to have it on 26 in this scenario!
              cheers
              Andy

              Please read this before you post:


              Quis custodiet ipsos custodes?

              Comment


              • #8
                Re: Trying to figure exchange settings

                I'm still trying to figure the firewall settings:

                policy 1) source : messagelabs port 25 destination : exchange port 26
                policy 2) source : 0.0.0.0.0 port 26 destination : exchange port 26

                Comment


                • #9
                  Re: Trying to figure exchange settings

                  That doesn't seem correct. It's usually any port to specific destination port.
                  The second rule allows any server, what are you MX records pointing to by the way?
                  Your firewall should be able to give you logs to indicate which rules are in use and when etc.

                  I would hope something like this:

                  Message Labs IP subnets (these are on their website)
                  Random port
                  |
                  |
                  25
                  Perimeter Firewall
                  Random
                  |
                  |
                  25
                  Exchange Server

                  I would also recommend, at least, a rule that only allows smtp traffic from your exchange server outbound from the internal network and blocks all other servers.
                  cheers
                  Andy

                  Please read this before you post:


                  Quis custodiet ipsos custodes?

                  Comment


                  • #10
                    Re: Trying to figure exchange settings

                    Originally posted by AndyJG247 View Post
                    That doesn't seem correct. It's usually any port to specific destination port.
                    The second rule allows any server, what are you MX records pointing to by the way?
                    Your firewall should be able to give you logs to indicate which rules are in use and when etc.

                    I would hope something like this:

                    Message Labs IP subnets (these are on their website)
                    Random port
                    |
                    |
                    25
                    Perimeter Firewall
                    Random
                    |
                    |
                    25
                    Exchange Server

                    I would also recommend, at least, a rule that only allows smtp traffic from your exchange server outbound from the internal network and blocks all other servers.
                    our mx records point to message labs

                    Comment

                    Working...
                    X