SBS 2003 Port 25 Blocked

Hi there, we are running sbs 2003 and Trend Micro for SMB. port 25 has been locked down for some reason on the server and no email is coming through. Demon internet mail relay cannot deliver to it as it is closed. How do i reopen port 25 or is it the AV software blocking it?
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

The first step is to find where port 25 is being blocked.  To do this run a telnet test from the outside and inside of your network.  The command will look like this.

from the inside of your network run;
telnet ServerIPAdress 25

from outside of your network run;
telnet 25

The appropriate response is something like;

In which case you know that the port is open.

Have you installed or changed anything recently that could have caused this?

grovenetsupportAuthor Commented:
Thanks for this i got a message back from inside saying i could not open connection to the host on port 25. This just happened yesterday. We were running Hexamail for Spam so i removed this in case it had caused it but still no mail.
This is the email bounce back
Final-Recipient: RFC822;
Action: delayed
Status: 4.1.1
Remote-MTA: DNS;
Diagnostic-Code: SMTP; 450 4.1.1 <>: Recipient address rejected: unverified address: connect to[]: Connection refused
Last-Attempt-Date: Wed, 5 Nov 2008 05:28:44 GMT
From what you've posted it looks like the issue is with your mailgate software.  To confirm that this is the case turn off the mailgate software and rerun the telnet test.
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Lee W, MVPTechnology and Business Process AdvisorCommented:
I would suggest shutting down services one by one that COULD be interfering - and after you shut one down, try the telnet test tenaj-207 suggests.
grovenetsupportAuthor Commented:
I have disabled all the anti virus in the services and stopped them all but still cannot telnet to port 25?
Do you have windows firewall enabled on the server, if yes - please turn it off.
grovenetsupportAuthor Commented:
No its disabled it has only one NIC?
To find the software that's blocking port 25 do the following.

Open a command prompt and type in;
netstat -anop TCP

This will give you an output that looks like this;
netstat -anop TCP

Proto  Local Address          Foreign Address        State           PID
TCP                 LISTENING       4
TCP                LISTENING       936
TCP                LISTENING       4
TCP                LISTENING       2760
TCP                LISTENING       3328
TCP               LISTENING       4
TCP               LISTENING       5996
TCP               LISTENING       4
TCP              LISTENING       2432
TCP              LISTENING       648
TCP              LISTENING       124
TCP              LISTENING       356
TCP              LISTENING       1496
TCP              LISTENING       716
TCP              LISTENING       704
TCP              LISTENING       1260
TCP              LISTENING       3328
TCP              LISTENING       3328
TCP              LISTENING       2020
TCP        ESTABLISHED     2020
TCP        ESTABLISHED     5996

This gives you the port and the taskPID that's using it. Port is the :## and PID is the last number

Then run from your command prompt;;

The output will be this;
iexplore.exe                  2248 Console                    1     59,340 K
chrome.exe                    3396 Console                    1      5,836 K
cmd.exe                       1888 Console                    1      2,480 K
chrome.exe                    3276 Console                    1     12,816 K
SearchFilterHost.exe          5048 Services                   0      6,800 K
tasklist.exe                  4060 Console                    1      5,848 K

The PID is the number before the word console.

Now you can match up the process with the port.  Find the process that's using port 25 and stop that process.  Then retest.

I hope I made that clear enough.
grovenetsupportAuthor Commented:
Thanks but this does not seem to show anything on 25 but i can inly seem to see half of the list it wont let me scroll back to the top
You can export it to a text file using by using
netstat -anop TCP >> netstat.txt

Or you could right click on the title bar, choose properties and increase your buffer size, then rerun the command.

grovenetsupportAuthor Commented:
Ok done that but nothing showing on 25?
I bet the software that you uninstalled screwed up your winsock settings.  Try to reset your TCP/IP stack.  The command is;
netsh int ip reset

This command resets your NIC's back to DHCP so before you run the command make sure you have all the settings you need to reconfigure your NIC's afterward (e.g. IP, SM, GW, DNS).

For more details about this process see this KB article.
If there are any SMTP Sinks - i have used the tool transwiz to disable them and it does help you work disable third-party sinks. These sinks get hooked on to Exchange when third-party applications (related to SMTP) are used.

If these sinks are causing problems for you, using this tool you can unhook those sinks.

You can download them from - free utilities section.

If you want to go ahead with it, please do tell me.

grovenetsupportAuthor Commented:
Problem solved, thanks for all your help guys you were on the right track. The problem was Hexamail Spam software. When it installs it takes over port 25 and changes the virtual server to 2500 in Exchange. When you uninstall it the software does not change the setting back. A minor oversight by me but a major problem for the email server!
Wow this was a long long thread and great to see it got resolved, thanks for updating us with the resolution.
I am sure this would help other EE people who would face similar situations in the future.

Take Care.

God Bless.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.