No announcement yet.

Very strange networking problem re port 25 traffic...

  • Filter
  • Time
  • Show
Clear All
new posts

  • Very strange networking problem re port 25 traffic...

    I have a very strange networking problem, its related to exchange communications, but also routing so I thought it would be appropriate for this section.

    We have a client running exchange 2010 and an antispam service (AVG Antispam).

    MX records point to antispam service, who then forward emails on to our server.

    Equally, all outbound emails are routed via avg antispam using a smarthost connector.

    every few days we are facing a problem where inbound and outbound email communications stop working completely.

    We have found that the only thing that will make the comms work again is rebooting the router.

    As soon as that is done, everything works fine.

    Whilst the problem is happening, telneting in to the network from an external computer fails (it just connects with a completely blank screen).

    Also, telneting out to another SMTP server on port 25 also fails - it just times out.

    I originally thought it was the router causing the issue, so that has been replaced with a brand new Vigor router, but still the problem persists.

    In addition, if I open port 26 on the router, and then set up a port redirect for 26->25, it works fine even when the issue arises - this makes me think that internally everything is operating correctly.

    Anyone got any ideas?
    David Silvester
    Systems Administrator

  • #2
    Re: Very strange networking problem re port 25 traffic...

    try restarting the transport service the next time it happens. ill bet mail will flow and you can telnet to the server after you do...

    im not sure why, but i have seen this before. open up EMS and run a "Get-TransportAgent" and see what is registered. if the AVG agent is registered, then run a "Get-TransportAgent | Disable-TransportAgent" and disable the AVG transport agent. im not sure exactly what its labeled, but it should be clear. restart the transport agent...

    see if you can send an email correctly, or try a telnet ehlo and send a message or query via 23.
    its easier to beg forgiveness than ask permission.
    Give karma where karma is due...


    • #3
      Re: Very strange networking problem re port 25 traffic...

      Thanks for the reply James.

      I thought that would resolve it as well to begin with - I have seen similar issues a few times, but restarting the transport service does not help - and in fact I'm certain that I have restarted the entire server and it does not resolve the issue (I'm going to confirm that next time it occurs).

      The issue is only resolved after a reboot from the router - thats why I was almost certain that changing the router would have solved it, but it hasn't.

      Also, it seems even more strange that once the issue occurs, we cannot even establish an OUTBOUND telnet connection over port 25...??
      David Silvester
      Systems Administrator


      • #4
        Re: Very strange networking problem re port 25 traffic...

        If all inbound and outbound SMTP traffic is supposed to come through the AVG service, you should set up the firewall to only accept inbound SMTP traffic from the AVG IPs and only accept outbound SMTP traffic from the Exchange server to the AVG IPs.

        If the firewall is already setup this way then the telnet tests you're doing would always fail. If it's not setup to narrowly allow SMTP traffic, you could be getting tons of SMTP session attempts from both internal and external sources that could be overwhelming the router.

        Does the router have the ability to show you the current sessions? If so you should take a look at the SMTP sessions to make sure they're legit.

        Network Consultant/Engineer
        Baltimore - Washington area and beyond


        • #5
          Re: Very strange networking problem re port 25 traffic...

          Hi Jeremy,
          thanks for your reply.
          Yes, I did have a receive connector set up to only receive on port 25.
          I did not have any outbound restriction in place though.

          Also, when testing, I reverted the receive connector to original values, thus allowing all traffic inbound on port 25.

          And as said, outbound port 25 had not been blocked by me.

          I did have a suspicion it may have been something at ISPs end, but when I spoke to them they said it was not.

          However, since speaking to them the issue has not occurred.

          I will keep this thread open and if and when it happens again, I will try some more trouble shooting steps based on what you have said.
          David Silvester
          Systems Administrator