How to setup SMTP using a DMZ server

Posted on 2009-04-15
Last Modified: 2013-11-30
I have a new website I am trying to launch and am having an issue with an automated email function. Whenever a user changes their password the site emails the user and let's them know. When doing so, an error is returned stating "Unable to read data from the transport connection: net_io_connectionclosed."

The server where the site is hosted is in the DMZ of a Cisco firewall. Port 25 is open in the access list. I have verified that telnet using port 25 connects from the web server (dmz) to the exchange server (internal network). However when attempting to run any commands, the connection is lost.

Ping works both ways as well.

The web server is setup as a relay server in exchange. When connecting a cable from the web server to the internal network, the email will send without issue.



Dim Emailer As New System.Net.Mail.MailMessage("from", "to")

Emailer.Subject = "Error in the Site"

Dim mailClient As New System.Net.Mail.SmtpClient()

Dim basicAuthenticationInfo As New System.Net.NetworkCredential("username", "password")

        Emailer.Body = "The error description is as follows : " & serverror

        mailClient.Host = "hostname"

        mailClient.UseDefaultCredentials = False

        mailClient.Credentials = basicAuthenticationInfo




And I have also tried using this code.


                imports system.web.mail


        Dim mail As New MailMessage()

        mail.To = "address"

        mail.From = "address"

        mail.Subject = "this is a test email."

        mail.Body = "this is my test email body"

        SmtpMail.SmtpServer = smtpserver




Open in new window

Question by:bmaitdepartment
    LVL 15

    Expert Comment

    It is probably a "mailguard" issue.  In my experience that feature has always been quite errant.

    You can try to disable it:

    policy-map global_policy
     class inspection_default
      no inspect esmtp

    LVL 1

    Author Comment

    I will give that a try today. Thanks.
    LVL 1

    Author Comment

    policy-map is not a recognized command on my firewall. I did however look up how to disable mailguard for my particular server. I entered the command

    no fixup protocol smtp 25

    This did not solve the issue.
    LVL 1

    Accepted Solution

    Access had not been granted to the DMZ server using the connection option in the virtual SMTP server.

    Featured Post

    What Security Threats Are You Missing?

    Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

    Join & Write a Comment

    Overview The Cisco PIX 501, PIX 506e, ASA 5505 and ASA 5510 (most if not all of this information will be relevant to the PIX 515e but I do not have a working configuration handy to verify the validity) are primarily used within small to medium busi…
    Have you experienced traffic destined through a Cisco ASA firewall disappears and you do not know if the traffic stops in the firewall or somewhere else? The solution is the capture feature. This feature was released in 6.2(1) and works in all firew…
    Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…
    In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor ( If you're interested in additional methods for monitoring bandwidt…

    745 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    18 Experts available now in Live!

    Get 1:1 Help Now