SBS 2003 Port 25 Blocked

The first step is to find where port 25 is being blocked.  To do this run a telnet test from the outside and inside of your network.  The command will look like this.

from the inside of your network run;
telnet ServerIPAdress 25

from outside of your network run;
telnet mail.companydomain.com 25

The appropriate response is something like;
220 bay0-mc6-f12.bay0.hotmail.com

In which case you know that the port is open.

Have you installed or changed anything recently that could have caused this?

-tenaj

Thanks for this i got a message back from inside saying i could not open connection to the host on port 25. This just happened yesterday. We were running Hexamail for Spam so i removed this in case it had caused it but still no mail.
This is the email bounce back
Final-Recipient: RFC822; Administrator@coxhomes.co.uk
Action: delayed
Status: 4.1.1
Remote-MTA: DNS; relay-2.mail.demon.net
Diagnostic-Code: SMTP; 450 4.1.1 <Administrator@coxhomes.co.uk>: Recipient address rejected: unverified address: connect to mailgate.coxhomes.co.uk[62.49.0.62]: Connection refused
Last-Attempt-Date: Wed, 5 Nov 2008 05:28:44 GMT

From what you've posted it looks like the issue is with your mailgate software.  To confirm that this is the case turn off the mailgate software and rerun the telnet test.

I would suggest shutting down services one by one that COULD be interfering - and after you shut one down, try the telnet test tenaj-207 suggests.

I have disabled all the anti virus in the services and stopped them all but still cannot telnet to port 25?

Do you have windows firewall enabled on the server, if yes - please turn it off.

No its disabled it has only one NIC?

To find the software that's blocking port 25 do the following.

Open a command prompt and type in;
netstat -anop TCP

This will give you an output that looks like this;
netstat -anop TCP

Proto  Local Address          Foreign Address        State           PID
TCP    0.0.0.0:80             0.0.0.0:0              LISTENING       4
TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       936
TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
TCP    0.0.0.0:912            0.0.0.0:0              LISTENING       2760
TCP    0.0.0.0:990            0.0.0.0:0              LISTENING       3328
TCP    0.0.0.0:2869           0.0.0.0:0              LISTENING       4
TCP    0.0.0.0:5101           0.0.0.0:0              LISTENING       5996
TCP    0.0.0.0:5357           0.0.0.0:0              LISTENING       4
TCP    0.0.0.0:19180          0.0.0.0:0              LISTENING       2432
TCP    0.0.0.0:49152          0.0.0.0:0              LISTENING       648
TCP    0.0.0.0:49153          0.0.0.0:0              LISTENING       124
TCP    0.0.0.0:49154          0.0.0.0:0              LISTENING       356
TCP    0.0.0.0:58174          0.0.0.0:0              LISTENING       1496
TCP    0.0.0.0:63693          0.0.0.0:0              LISTENING       716
TCP    0.0.0.0:63707          0.0.0.0:0              LISTENING       704
TCP    127.0.0.1:5354         0.0.0.0:0              LISTENING       1260
TCP    127.0.0.1:5679         0.0.0.0:0              LISTENING       3328
TCP    127.0.0.1:7438         0.0.0.0:0              LISTENING       3328
TCP    127.0.0.1:27015        0.0.0.0:0              LISTENING       2020
TCP    127.0.0.1:27015        127.0.0.1:63755        ESTABLISHED     2020
TCP    127.0.0.1:54518        127.0.0.1:54519        ESTABLISHED     5996

This gives you the port and the taskPID that's using it. Port is the :## and PID is the last number

Then run from your command prompt;;
tasklist

The output will be this;
iexplore.exe                  2248 Console                    1     59,340 K
chrome.exe                    3396 Console                    1      5,836 K
cmd.exe                       1888 Console                    1      2,480 K
chrome.exe                    3276 Console                    1     12,816 K
SearchFilterHost.exe          5048 Services                   0      6,800 K
tasklist.exe                  4060 Console                    1      5,848 K

The PID is the number before the word console.

Now you can match up the process with the port.  Find the process that's using port 25 and stop that process.  Then retest.

I hope I made that clear enough.

Thanks but this does not seem to show anything on 25 but i can inly seem to see half of the list it wont let me scroll back to the top

You can export it to a text file using by using
netstat -anop TCP >> netstat.txt

Or you could right click on the title bar, choose properties and increase your buffer size, then rerun the command.

Ok done that but nothing showing on 25?

I bet the software that you uninstalled screwed up your winsock settings.  Try to reset your TCP/IP stack.  The command is;
netsh int ip reset

This command resets your NIC's back to DHCP so before you run the command make sure you have all the settings you need to reconfigure your NIC's afterward (e.g. IP, SM, GW, DNS).

For more details about this process see this KB article.
http://support.microsoft.com/kb/317518

If there are any SMTP Sinks - i have used the tool transwiz to disable them and it does help you work disable third-party sinks. These sinks get hooked on to Exchange when third-party applications (related to SMTP) are used.

If these sinks are causing problems for you, using this tool you can unhook those sinks.

You can download them from turbogeeks.com - free utilities section.

If you want to go ahead with it, please do tell me.

Thanks.

Problem solved, thanks for all your help guys you were on the right track. The problem was Hexamail Spam software. When it installs it takes over port 25 and changes the virtual server to 2500 in Exchange. When you uninstall it the software does not change the setting back. A minor oversight by me but a major problem for the email server!