grovenetsupport
asked on
SBS 2003 Port 25 Blocked
Hi there, we are running sbs 2003 and Trend Micro for SMB. port 25 has been locked down for some reason on the server and no email is coming through. Demon internet mail relay cannot deliver to it as it is closed. How do i reopen port 25 or is it the AV software blocking it?
ASKER
Thanks for this i got a message back from inside saying i could not open connection to the host on port 25. This just happened yesterday. We were running Hexamail for Spam so i removed this in case it had caused it but still no mail.
This is the email bounce back
Final-Recipient: RFC822; Administrator@coxhomes.co. uk
Action: delayed
Status: 4.1.1
Remote-MTA: DNS; relay-2.mail.demon.net
Diagnostic-Code: SMTP; 450 4.1.1 <Administrator@coxhomes.co .uk>: Recipient address rejected: unverified address: connect to mailgate.coxhomes.co.uk[62 .49.0.62]: Connection refused
Last-Attempt-Date: Wed, 5 Nov 2008 05:28:44 GMT
This is the email bounce back
Final-Recipient: RFC822; Administrator@coxhomes.co.
Action: delayed
Status: 4.1.1
Remote-MTA: DNS; relay-2.mail.demon.net
Diagnostic-Code: SMTP; 450 4.1.1 <Administrator@coxhomes.co
Last-Attempt-Date: Wed, 5 Nov 2008 05:28:44 GMT
From what you've posted it looks like the issue is with your mailgate software. To confirm that this is the case turn off the mailgate software and rerun the telnet test.
I would suggest shutting down services one by one that COULD be interfering - and after you shut one down, try the telnet test tenaj-207 suggests.
ASKER
I have disabled all the anti virus in the services and stopped them all but still cannot telnet to port 25?
Do you have windows firewall enabled on the server, if yes - please turn it off.
ASKER
No its disabled it has only one NIC?
To find the software that's blocking port 25 do the following.
Open a command prompt and type in;
netstat -anop TCP
This will give you an output that looks like this;
netstat -anop TCP
Proto Local Address Foreign Address State PID
TCP 0.0.0.0:80 0.0.0.0:0 LISTENING 4
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING 936
TCP 0.0.0.0:445 0.0.0.0:0 LISTENING 4
TCP 0.0.0.0:912 0.0.0.0:0 LISTENING 2760
TCP 0.0.0.0:990 0.0.0.0:0 LISTENING 3328
TCP 0.0.0.0:2869 0.0.0.0:0 LISTENING 4
TCP 0.0.0.0:5101 0.0.0.0:0 LISTENING 5996
TCP 0.0.0.0:5357 0.0.0.0:0 LISTENING 4
TCP 0.0.0.0:19180 0.0.0.0:0 LISTENING 2432
TCP 0.0.0.0:49152 0.0.0.0:0 LISTENING 648
TCP 0.0.0.0:49153 0.0.0.0:0 LISTENING 124
TCP 0.0.0.0:49154 0.0.0.0:0 LISTENING 356
TCP 0.0.0.0:58174 0.0.0.0:0 LISTENING 1496
TCP 0.0.0.0:63693 0.0.0.0:0 LISTENING 716
TCP 0.0.0.0:63707 0.0.0.0:0 LISTENING 704
TCP 127.0.0.1:5354 0.0.0.0:0 LISTENING 1260
TCP 127.0.0.1:5679 0.0.0.0:0 LISTENING 3328
TCP 127.0.0.1:7438 0.0.0.0:0 LISTENING 3328
TCP 127.0.0.1:27015 0.0.0.0:0 LISTENING 2020
TCP 127.0.0.1:27015 127.0.0.1:63755 ESTABLISHED 2020
TCP 127.0.0.1:54518 127.0.0.1:54519 ESTABLISHED 5996
This gives you the port and the taskPID that's using it. Port is the :## and PID is the last number
Then run from your command prompt;;
tasklist
The output will be this;
iexplore.exe 2248 Console 1 59,340 K
chrome.exe 3396 Console 1 5,836 K
cmd.exe 1888 Console 1 2,480 K
chrome.exe 3276 Console 1 12,816 K
SearchFilterHost.exe 5048 Services 0 6,800 K
tasklist.exe 4060 Console 1 5,848 K
The PID is the number before the word console.
Now you can match up the process with the port. Find the process that's using port 25 and stop that process. Then retest.
I hope I made that clear enough.
Open a command prompt and type in;
netstat -anop TCP
This will give you an output that looks like this;
netstat -anop TCP
Proto Local Address Foreign Address State PID
TCP 0.0.0.0:80 0.0.0.0:0 LISTENING 4
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING 936
TCP 0.0.0.0:445 0.0.0.0:0 LISTENING 4
TCP 0.0.0.0:912 0.0.0.0:0 LISTENING 2760
TCP 0.0.0.0:990 0.0.0.0:0 LISTENING 3328
TCP 0.0.0.0:2869 0.0.0.0:0 LISTENING 4
TCP 0.0.0.0:5101 0.0.0.0:0 LISTENING 5996
TCP 0.0.0.0:5357 0.0.0.0:0 LISTENING 4
TCP 0.0.0.0:19180 0.0.0.0:0 LISTENING 2432
TCP 0.0.0.0:49152 0.0.0.0:0 LISTENING 648
TCP 0.0.0.0:49153 0.0.0.0:0 LISTENING 124
TCP 0.0.0.0:49154 0.0.0.0:0 LISTENING 356
TCP 0.0.0.0:58174 0.0.0.0:0 LISTENING 1496
TCP 0.0.0.0:63693 0.0.0.0:0 LISTENING 716
TCP 0.0.0.0:63707 0.0.0.0:0 LISTENING 704
TCP 127.0.0.1:5354 0.0.0.0:0 LISTENING 1260
TCP 127.0.0.1:5679 0.0.0.0:0 LISTENING 3328
TCP 127.0.0.1:7438 0.0.0.0:0 LISTENING 3328
TCP 127.0.0.1:27015 0.0.0.0:0 LISTENING 2020
TCP 127.0.0.1:27015 127.0.0.1:63755 ESTABLISHED 2020
TCP 127.0.0.1:54518 127.0.0.1:54519 ESTABLISHED 5996
This gives you the port and the taskPID that's using it. Port is the :## and PID is the last number
Then run from your command prompt;;
tasklist
The output will be this;
iexplore.exe 2248 Console 1 59,340 K
chrome.exe 3396 Console 1 5,836 K
cmd.exe 1888 Console 1 2,480 K
chrome.exe 3276 Console 1 12,816 K
SearchFilterHost.exe 5048 Services 0 6,800 K
tasklist.exe 4060 Console 1 5,848 K
The PID is the number before the word console.
Now you can match up the process with the port. Find the process that's using port 25 and stop that process. Then retest.
I hope I made that clear enough.
ASKER
Thanks but this does not seem to show anything on 25 but i can inly seem to see half of the list it wont let me scroll back to the top
You can export it to a text file using by using
netstat -anop TCP >> netstat.txt
Or you could right click on the title bar, choose properties and increase your buffer size, then rerun the command.
netstat -anop TCP >> netstat.txt
Or you could right click on the title bar, choose properties and increase your buffer size, then rerun the command.
ASKER
Ok done that but nothing showing on 25?
I bet the software that you uninstalled screwed up your winsock settings. Try to reset your TCP/IP stack. The command is;
netsh int ip reset
This command resets your NIC's back to DHCP so before you run the command make sure you have all the settings you need to reconfigure your NIC's afterward (e.g. IP, SM, GW, DNS).
For more details about this process see this KB article.
http://support.microsoft.com/kb/317518
netsh int ip reset
This command resets your NIC's back to DHCP so before you run the command make sure you have all the settings you need to reconfigure your NIC's afterward (e.g. IP, SM, GW, DNS).
For more details about this process see this KB article.
http://support.microsoft.com/kb/317518
If there are any SMTP Sinks - i have used the tool transwiz to disable them and it does help you work disable third-party sinks. These sinks get hooked on to Exchange when third-party applications (related to SMTP) are used.
If these sinks are causing problems for you, using this tool you can unhook those sinks.
You can download them from turbogeeks.com - free utilities section.
If you want to go ahead with it, please do tell me.
Thanks.
If these sinks are causing problems for you, using this tool you can unhook those sinks.
You can download them from turbogeeks.com - free utilities section.
If you want to go ahead with it, please do tell me.
Thanks.
ASKER
Problem solved, thanks for all your help guys you were on the right track. The problem was Hexamail Spam software. When it installs it takes over port 25 and changes the virtual server to 2500 in Exchange. When you uninstall it the software does not change the setting back. A minor oversight by me but a major problem for the email server!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
from the inside of your network run;
telnet ServerIPAdress 25
from outside of your network run;
telnet mail.companydomain.com 25
The appropriate response is something like;
220 bay0-mc6-f12.bay0.hotmail.
In which case you know that the port is open.
Have you installed or changed anything recently that could have caused this?
-tenaj