Announcement

Collapse
No announcement yet.

Exchange 2003 and telnet port 25

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Exchange 2003 and telnet port 25

    Evening All,

    Current setup is a test domina with windows 2003 srv and exchange 2003.

    My main nextwork is on a 10.1.1.x subnet and I have a 192.168.0.x twork as my test domain. I have routes configured so I can connect to the test network from my main network.

    I have port forwarded port 25 to my exchange 2003 server on the 192.168.0.x domain. I have successfully send and recieved mail from my exchange server but cannot telnet onto it??

    When I attempt to telnet to mail.mydomain.local I get a time out. When I run a portqry against my domain on port 25 I get a 'Filtered' responce. As I said mail successfully goes to and from my domain but I cannot telnet to port 25 on there.

    Any ideas?

    Michael
    Michael Armstrong
    www.m80arm.co.uk
    MCITP: EA, MCTS, MCSE 2003, MCSA 2003: Messaging, CCA, VCP 3.5, 4, 5, VCAP5-DCD, VCAP5-DCA, ITIL, MCP, PGP Certified Technician

    ** Remember to give credit where credit is due and leave reputation points sigpic where appropriate **

  • #2
    Re: Exchange 2003 and telnet port 25

    You might want to check two things:

    1. Firewall software which may be blocking port 25 (remember that Outlook doesn't use port 25 to send/receive email to Exchange, so firewall software wont neccessarily block this communication)

    2. AV software. I know for definate that McAfee V8 and above has 'access protection' rules which prevent telnet on port 25 (I think it blocks telnet on everything except port 23, to be honest). You have to physically stop the McAfee McShield service to get telnet to work again to non-standard ports


    Also, check here:

    http://forums.petri.com/showthread.php?t=8786


    Tony
    Last edited by tmacca; 30th July 2006, 21:58.

    Comment


    • #3
      Re: Exchange 2003 and telnet port 25

      What is the relationship between your test and production network? Routed or NAT?
      You talked about routes between main and test network but you also mantaind a port forwarding.
      Please clarify.
      Regards,
      Csaba Papp
      MCSA+messaging, MCSE, CCNA
      ...............................
      Remember to give credit where credit is due and leave reputation points where appropriate
      .................................

      Comment


      • #4
        Re: Exchange 2003 and telnet port 25

        Originally posted by tmacca
        You might want to check two things:

        1. Firewall software which may be blocking port 25 (remember that Outlook doesn't use port 25 to send/receive email to Exchange, so firewall software wont neccessarily block this communication)

        2. AV software. I know for definate that McAfee V8 and above has 'access protection' rules which prevent telnet on port 25 (I think it blocks telnet on everything except port 23, to be honest). You have to physically stop the McAfee McShield service to get telnet to work again to non-standard ports


        Also, check here:

        http://forums.petri.com/showthread.php?t=8786


        Tony
        1, also a possibility is a SPI firewall.
        2. Mcafee won't block telnet to it, but doesn't support mass mailing what exchange does. That's why you need to disable that piece from the access protection.
        Marcel
        Technical Consultant
        Netherlands
        http://www.phetios.com
        http://blog.nessus.nl

        MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
        "No matter how secure, there is always the human factor."

        "Enjoy life today, tomorrow may never come."
        "If you're going through hell, keep going. ~Winston Churchill"

        Comment


        • #5
          Re: Exchange 2003 and telnet port 25

          Originally posted by tmacca

          1. Firewall software which may be blocking port 25 (remember that Outlook doesn't use port 25 to send/receive email to Exchange, so firewall software wont neccessarily block this communication)

          Tony
          Outlook and the exchange server are on the same network (192.168.0.x). External mail is working fine to and from the exchange server.
          Originally posted by tmacca

          2. AV software. I know for definate that McAfee V8 and above has 'access protection' rules which prevent telnet on port 25 (I think it blocks telnet on everything except port 23, to be honest). You have to physically stop the McAfee McShield service to get telnet to work again to non-standard ports
          Tony
          there is no software on the exchange server as I am just using it for exam preperation

          As I said, external mail is working fine to and form the exchange server. Port 25 is forwarded from my router (Linksys WRT54g) to my exchange server (192.168.0.5) but I just find it a bit strange that I do not get a responce from a telnet command to port 25. Connecting to the exchange server internally both from my 10.1.1.x and 192.168.0.x networks works fine and I get the required responce i.e. telnet 192.168.0.5 25 from 10.1.1.x network.
          Michael Armstrong
          www.m80arm.co.uk
          MCITP: EA, MCTS, MCSE 2003, MCSA 2003: Messaging, CCA, VCP 3.5, 4, 5, VCAP5-DCD, VCAP5-DCA, ITIL, MCP, PGP Certified Technician

          ** Remember to give credit where credit is due and leave reputation points sigpic where appropriate **

          Comment


          • #6
            Re: Exchange 2003 and telnet port 25

            Originally posted by netxt
            What is the relationship between your test and production network? Routed or NAT?
            You talked about routes between main and test network but you also mantaind a port forwarding.
            Please clarify.
            There is a route configured so I can access my 192.168.0.x network form my 10.1.1.x network. This is so i can copy files to and from my test network and also use Remote desktops rather than use virtual server.

            Port 25 is forwarded on my router to 192.168.0.5 (My exchange server).

            Michael
            Michael Armstrong
            www.m80arm.co.uk
            MCITP: EA, MCTS, MCSE 2003, MCSA 2003: Messaging, CCA, VCP 3.5, 4, 5, VCAP5-DCD, VCAP5-DCA, ITIL, MCP, PGP Certified Technician

            ** Remember to give credit where credit is due and leave reputation points sigpic where appropriate **

            Comment


            • #7
              Re: Exchange 2003 and telnet port 25

              What happens if you telnet to the IP address and no the hostname??

              It may be that you need a host record in DNS.

              Comment


              • #8
                Re: Exchange 2003 and telnet port 25

                What happens if you telnet from the server to itself (127.0.0.1) on port 25?
                Server 2000 MCP
                Development: ASP, ASP.Net, PHP, VB, VB.Net, MySQL, MSSQL - Check out my blog http://tonyyeb.blogspot.com

                ** Remember to give credit where credit is due and leave reputation points sigpic where appropriate **

                Comment


                • #9
                  Re: Exchange 2003 and telnet port 25

                  Originally posted by Dumber
                  2. Mcafee won't block telnet to it, but doesn't support mass mailing what exchange does. That's why you need to disable that piece from the access protection.
                  McAfee DOES block telnet traffic on port 25 on the workstations to prevent mass mailers relaying emails through the server. Thats why you need to disable it on the client. It doesnt prevent legitimate SMTP traffic on port 25 on the Exchange server though, obviously!

                  Comment


                  • #10
                    Re: Exchange 2003 and telnet port 25

                    Originally posted by wullieb1
                    What happens if you telnet to the IP address and no the hostname??

                    It may be that you need a host record in DNS.
                    Still no responce.

                    I can telnet internally form my 10.1.1.x network and also my 192.168.0.x network by both IP address and DNS name
                    Michael Armstrong
                    www.m80arm.co.uk
                    MCITP: EA, MCTS, MCSE 2003, MCSA 2003: Messaging, CCA, VCP 3.5, 4, 5, VCAP5-DCD, VCAP5-DCA, ITIL, MCP, PGP Certified Technician

                    ** Remember to give credit where credit is due and leave reputation points sigpic where appropriate **

                    Comment


                    • #11
                      Re: Exchange 2003 and telnet port 25

                      Originally posted by tonyyeb
                      What happens if you telnet from the server to itself (127.0.0.1) on port 25?
                      Works fine!!

                      Michael
                      Michael Armstrong
                      www.m80arm.co.uk
                      MCITP: EA, MCTS, MCSE 2003, MCSA 2003: Messaging, CCA, VCP 3.5, 4, 5, VCAP5-DCD, VCAP5-DCA, ITIL, MCP, PGP Certified Technician

                      ** Remember to give credit where credit is due and leave reputation points sigpic where appropriate **

                      Comment


                      • #12
                        Re: Exchange 2003 and telnet port 25

                        Have you checked that your Exchange server has the IP address of your client machine in its 'allowed relay' list?

                        Comment


                        • #13
                          Re: Exchange 2003 and telnet port 25

                          Originally posted by tmacca
                          Have you checked that your Exchange server has the IP address of your client machine in its 'allowed relay' list?
                          I dont see how that has any relevance. Shourly you should be able to telnet onto any smtp server. I can telnet onto numerous SMTP servers that I know of.

                          Michael
                          Michael Armstrong
                          www.m80arm.co.uk
                          MCITP: EA, MCTS, MCSE 2003, MCSA 2003: Messaging, CCA, VCP 3.5, 4, 5, VCAP5-DCD, VCAP5-DCA, ITIL, MCP, PGP Certified Technician

                          ** Remember to give credit where credit is due and leave reputation points sigpic where appropriate **

                          Comment


                          • #14
                            Re: Exchange 2003 and telnet port 25

                            Originally posted by tmacca
                            Have you checked that your Exchange server has the IP address of your client machine in its 'allowed relay' list?
                            Maybe you mean the Connection control settings... but I don't think this is it either because emails are going through OK, right?
                            Regards,
                            Jeremy

                            Network Consultant/Engineer
                            Baltimore - Washington area and beyond
                            www.gma-cpa.com

                            Comment


                            • #15
                              Re: Exchange 2003 and telnet port 25

                              Originally posted by JeremyW
                              Maybe you mean the Connection control settings... but I don't think this is it either because emails are going through OK, right?
                              Correct!!.

                              Mail runs perfect, when i check the host header information of a mail it is successfully sent from my server and recieved by my personal mail account fine.

                              Do you think I have to allow telnet port 23 to my exchange server as well? I know this is not normal but all I can think of is my linksys router is blocking the requests somehow.

                              Michael
                              Michael Armstrong
                              www.m80arm.co.uk
                              MCITP: EA, MCTS, MCSE 2003, MCSA 2003: Messaging, CCA, VCP 3.5, 4, 5, VCAP5-DCD, VCAP5-DCA, ITIL, MCP, PGP Certified Technician

                              ** Remember to give credit where credit is due and leave reputation points sigpic where appropriate **

                              Comment

                              Working...
                              X