• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 605
  • Last Modified:

Exchange 2003 not collecting mail via SMTP

Hi Everybody,
Small Business Server 2003 with Exchange Server 2003 SP2
I've just de-installed Etrust Secure Content Manager from a server that also had Exchange 2003 on it as well. It was set so that Etrust caught mail on port 25 and then forwarded it to Exchange server on port 2525. Everything worked fine like that.
However, the company was being hit by some 500 spam messages per hour, so we decided to use an internet based filtering company to stop the spam before it hit the server.

Anyhow, yesterday I removed Etrust and changed the SMTP virtual server to listen again on port 25 - however, all mail at the internet site is being held due to the Exchange Server not being available.
I've tried to telnet to port 25 and don't get the normal response - just a blinking cursor with no txt reply.

Can anyone suggest what I need to do to make it work again without Etrust.

The IP address hasn't changed, so the firewall port forwarding is still the same - I've also tried setting the server as a DMZ - but still get no response.
Also looked at the services file and there are no changes or additions to SMTP on port 25.

Please help this is extremly urgent.

Thanks and Regards
Mark
0
aark-it
Asked:
aark-it
  • 8
  • 5
  • 3
  • +5
1 Solution
 
JohnGerhardtCommented:
It looks to me that SMTP is up but not allowing you access, Have you checked underExchange System manager the properties for SMTP. Unde r the access tab there is a connection section where you can specify what computer can or annot connect. Check what is there?
Hope this helps, get back to me and we can see.
-Jaggie
0
 
aark-itAuthor Commented:
Hi Jaggie,
Checked in there and it only had the main IP address - on checking the relay option that also had the loopback address (127.0.0.1) so added that as well to the access options.
Still no joy I'm afraid.

Stopped and Started the virtual before I tried to telnet again.

Any where else I can look?

Thanks and Regards
Mark
0
 
JohnGerhardtCommented:
Ehh lets think...!
Have you checked that the SMTP Virtual Server is bound to the correct IP address. This appears on the front page of the properties of that Virtual Server..?
-Jaggie
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

 
JohnGerhardtCommented:
Also you could check that Authenication section of the same acces tab that you looked at earlier...
-Jaggie
0
 
aark-itAuthor Commented:
Hi Jaggie,
Thanks for that - tried everything and all looks OK.
I have another SBS Exchange server I've looked at and pretty much everything (except IP addresses of course) is identical. The other one works - this one doesn't.
It appears that Etrust has left something behind taking charge of port 25 so that exchange cant see it.
Any other ideas welcome.

Thanks and Regards
Mark
0
 
SembeeCommented:
What else is on the machine? Some AV software will block port 25 access, so it could be another product on the machine that is blocking the SMTP traffic.

Simon.
0
 
aark-itAuthor Commented:
Hi Simon,
It has Etrust anti-virus on it as well - so just disabled (stopped all the processes and services) and tried again. Still no joy.
It worked fine when secure content manager was listening on port 25 and passing onto exchange on port 2525.
But since removing SCM and changing exchange to port 25 it all gone wrong ;o(
Also tried removing the reference to the server IP address and then adding them again - no joy there either!!!

Help
Thanks and Regards
Mark
0
 
veaygnCommented:
Can you telnet into port 2525?  If so, the change might not have been effected.

  - veaygn
0
 
aark-itAuthor Commented:
Hi veaygn,
After forwarding port 2525 on the firewall to the server address I tried to telnet to port 2525 and got the connection failed could not open port. So I set the Virtual server back to port 2525 and then it does the same thing, seems to connect, but dont get the 220 txt reply from the exchange server.
Set it back to 25 and tried again and still got no response from exchange server.
Could it be that SMTP is knackered?
If so how do I go about resetting/reloading it?
Cheers and Regards
Mark
0
 
Exchange_AdminCommented:
If you decide to remove/reinstall the SMTP service, be sure that you REINSTALL Exchange after reinstalling the SMTP service.
The reapply your Exchange service pack.

0
 
Dave StringfellowIT managerCommented:
Forgive me if you have done this already, but just want to be 100% sure..

Go to the Server (either console or RDP) and check the following:

1)can you telnet to localhost 25?
2)go to Exchange System manager Servers><your server>>Protocols>SMTP>properties of the default SMTP Virtual Server>Under General click advanced>Highlite the (all unassigned) and hit Edit. Make sure this port reads 25 and the IP address reads all unasigned. If not edit it, and try telnet to localhost again
3) if this still wont work, change the port to 2525 or some other port, then telnet localhost 2525
4) if this works set your firewall to do Port Redirection, and have it pont port 25 to 2525 of that box.

If none of this works, post back please :)
0
 
veaygnCommented:
Hi again,

I've got some more general questions for clarification.  

Firstly, are you connecting directly to the SBS via the LAN or are you traversing the firewall?  Also, what firewall is in place and is it a separate, standalone system?  Can the SBS machine access the Internet and, if so, how (proxy, directly across the firewall, etc.)?

If you're traversing a firewall to get to the machine, the problem might lie there (hence the question about the firewall).

If the SBS can access the Internet, then connectivity is unlikely to be the problem.  However, if you're using a proxy, you'll have to test your outgoing access - ping and traceroute being the simplest way and then attempting to telnet into the anti-spam host.

Check the outbound port binding as well:  SMTP Virtual Server > Properties > Delivery > Outbound Connections.

How is the mail from the anti-spam host attempting to reach your machine?  Direct SMTP traffic or does your machine have to trigger the queue?

  - veaygn
0
 
tomcahillCommented:
I think you should re-run the CIECW and resetup the firewall and email from there.  It will take care of everything for you from a configuration stand point.  I find this solves these type of issues 95% of the time.
0
 
MarkMichaelCommented:
have u tried telnet'ing to 2525?
0
 
aark-itAuthor Commented:
Hi all,
OK, I tried to telnet localhost 25 on the server console and it didn't work. So tried added "all unassigned" on port 25, and then it worked fine from the console.
Tried externally to port 25 and 2525 - 25 gave no txt response at all still, and 2525 failed to open connection.
So then I tried telnet from a PC on the LAN and again got no txt response from port 25.
I initially thought it was the firewall, but trying it from a PC inside the LAN rules this out.
Tried the CIECW and reset all the bits and bobs in the wizard and still nothing from outside or from another PC on the LAN.
Still getting a response from the server console though.

Any ideas on this please as it's getting very critical now.
Thanks in advance
Mark
0
 
Dave StringfellowIT managerCommented:
well, ok, we are 1 step closer now i guess :)

at least we know now its port 25, so we can forget about port 2525

Do you have ISA server installed?

what happens if you change the port to 2525 (where you changed it to all unassigned) and then telnet to that on the localhost then LAN PC let me know the results.

I guess you have some software blocking the port we just need to find it.
0
 
aark-itAuthor Commented:
Hi Dave,
Thanks - The Server doesn't have ISA installed.
Tried switching the all unasigned to port 2525 and then on the console, tried telnet localhost 2525 - worked fine, had the 220 txt reply from Exchange Server.
Tried from the other PC and had no txt response from port 2525.

Definately something blocking on the server, but don't know what or where to start.
Thanks again and Regards
Mark
0
 
aark-itAuthor Commented:
Just tried changing "all unassigned" to port 2530 and get the same results - Console fine, other PC no response.
0
 
aark-itAuthor Commented:
Hi All,
Well you'll be glad to hear that whilst waiting, I played a bit with different settings and eventually got it working.
In the Virtual Server proporties, I went back to the access tab and then into the connection tab.
In there it was set to only the list below, which had the server IP address and the loopback IP address.
I changed it to "all except the list below" left it blank of IP addresses and that sorted it.
I am now getting the 220 reply from the exchange server from remote telnets - so sorted.

Obviously this resolved the problem, but what, if any, implications will this have on security to the exchange server?

Thanks again everyone - going to give the points to Dave AND for the "all unassigned" bit that sorted it locally and gave me the inspiration to change the other bits and bobs.

Regards
Mark


0
 
Dave StringfellowIT managerCommented:
you can ping the server from the work station right?

can you give me the ipconfig /all from both Server and PC please?
0
 
Dave StringfellowIT managerCommented:
ahh glad you fixed it :)
0
 
Dave StringfellowIT managerCommented:
Your server will be fine, it needs to be like this if you want to recive email. only time you would lock it down would be if you recive all your from 1 IP (like a virus scanned SMTP service)
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

  • 8
  • 5
  • 3
  • +5
Tackle projects and never again get stuck behind a technical roadblock.
Join Now