  • Status: Solved

SBS 2003 Port 25 Outbound Blocked

I have an SBS 2003 server that has suddenly stopped sending email.
Outbound messages are hung in the queue. Inbound email is fine.
I cannot telnet to port 25 on other public smtp servers from SBS, but I can telnet to port 25
from other machines / servers within the network to other external servers. AV has been temporarily removed from
the server. I've used netstat to look for other software that may be blocking the port, but
nothing obvious.
Asked: Taildragger61
2 Solutions
 
Alan Hardisty (Co-Owner) commented:
Call your ISP and ask them why they have blocked the port - and if they can't unblock it, you will have to ask them what port you can use to send mail to their Smarthost Mail server, then configure your server to use that port and then change your SMTP Connector to use their SMARTHOST not DNS to route mail.

Outbound Port is configured on the SMTP Virtual Server> Delivery Tab> Outbound Connection Button.  Change the port in there and then restart the SMTP Service.

Taildragger61 (Author) commented:
I contacted the ISP first, and they said they weren't blocking it - which makes sense since I am able to telnet to port 25 outbound from other devices within the network, just not the SBS server.

Alan Hardisty (Co-Owner) commented:
If you can't telnet to an external server on port 25 then either they are blocking TCP port 25 outbound as a security measure and are either ignorant about this (1st line usually are), or are not telling you the truth!

Try to telnet to my mail server from your server:

telnet mail.mydomain.co.uk 25

telnet 188.220.xxx.xxx 25

Do either work?  Do you see my servername blinking back at you?
 
Taildragger61 (Author) commented:
Both work from my workstation, but neither work when logged on to the server...

Alan Hardisty (Co-Owner) commented:
Okay - can you re-run the Connect to the Internet Wizard please.  Change nothing and let the wizard complete.  If it errors the first time - run it again.

Start> Server Manager> To-Do List> Connect to the Internet.

Any joy now?

Taildragger61 (Author) commented:
I've already tried that - error free.

Alan Hardisty (Co-Owner) commented:
Okay - and no change to the mail-flow?

Has someone blocked TCP Port 25 outbound for the server on your firewall / router when they should have been blocking TCP port 25 outbound for all IPs other than the server?

Taildragger61 (Author) commented:
We're running a SonicWall, and currently there is only the one default rule from the LAN to WAN zones - allow anything - anytime. It's curious that this happened after patch Tuesday - looking to see what was installed now, but I don't have this problem anywhere else.

Alan Hardisty (Co-Owner) commented:
Was the patch to the server or the Sonicwall?

If the server - what was the patch that was applied?

Taildragger61 (Author) commented:
The patches would have been on the server. This isn't a system I normally take care of, and the updates are set to download, but not install. Nothing new was installed.

Neil Russell (Technical Development Lead) commented:
Have you rebooted SINCE the patches were applied?

Alan Hardisty (Co-Owner) commented:
Can you look in the Control Panel> Add/Remove Programs and advise what patches were installed recently please.

Taildragger61 (Author) commented:
Nothing new has been installed since 12/2010.

Neil Russell (Technical Development Lead) commented:
I assume you are getting inbound emails?
I assume you can browse the web from the server?

Taildragger61 (Author) commented:
Yes, inbound email is fine and browsing is fine. I can telnet to other ports on external servers from the SBS box such as 3389, 21, 80, 443, etc. just not 25.

Neil Russell (Technical Development Lead) commented:
Then I would be starting with a full AV and malware scan. Have you tried telnet to port 25 on the SBS box itself?

That's from a DOS box ON the SBS box, telnet TO the SBS box on port 25.

Taildragger61 (Author) commented:
Yes, I can telnet to port 25 on the local box, and inbound email is not affected - just outbound.

Neil Russell (Technical Development Lead) commented:
And can you telnet to port 25 on any other INTERNAL computer?
If so it sounds like you're being blocked by your firewall maybe?

Alan Hardisty (Co-Owner) commented:
>> Nothing new has been installed since 12/2010 <<

So if nothing new has been installed since 12/2010 - what are the patches that were installed?

Sounds like a blockage internally - either with the server firewall or the router firewall.

Taildragger61 (Author) commented:
I'll have to give this one to NeilSR.
The only thing different from a firewall perspective is that the server had several inbound NAT policies applied at the firewall.
I set RDP on my laptop to listen on port 25, and yes, I could telnet to it from the server. I decided to rip the NAT policies out of the firewall and test it that way. When I attempted to remove the service group assigned to the server, I received an error message saying it was still in use - but it wasn't listed in the rules where the error said it was. I defaulted the firewall and started over. All is well. Thanks everyone for all the help!

Alan Hardisty (Co-Owner) commented:
Don't forget my comment here: http:#a34864257

Alan Hardisty (Co-Owner) commented:
So my earlier comment about the firewall posted an hour before Neil's comment is not relevant here?

Neil Russell (Technical Development Lead) commented:
I agree with Alan, I think we both put in as much effort as each other and a fair split would be in order.

Alan Hardisty (Co-Owner) commented:
RFA Raised.

Alan

Taildragger61 (Author) commented:
Truth be known, I had the problem well in hand before I received neilsr's comment, but hey, you guys spent time trying to help and it was much appreciated. I have no idea what these points are worth to you guys, but tell me how to split them after the fact, and I'll do whatever you want.

Alan Hardisty (Co-Owner) commented:
It's not really about the points (for me at least - I have a few under my belt) - it is more about getting the correct comments accepted in the database and not overlooking a comment that seems to address the problem nicely, based on your closing comment but that got overlooked during the closure.

Also, as the only reward we get for participating on EE is points and the occasional T-Shirt when we get a certain number of points in a zone. We are all volunteers here and give up our spare time to help answer questions, so it can feel a bit like a slap in the face if a comment that addresses the problem gets overlooked.

Also, if you had the problem well in hand before Neil's comment, then it would suggest to me that I pointed you in the right direction and not Neil!

At the end of the day - the fact that you have a solution is the important bit but I feel a fairer closure would have been to at the very least split the points for both comments about the firewall being the problem.


Alan

Taildragger61 (Author) commented:
All of these solutions were partially complete, but headed down the right path. The firewall was not misconfigured, but the settings were corrupt. The firewall had to be reset and re-flashed with backup settings.
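
The manual telnet checks used throughout this thread (port 25 against other ports, from the affected server), written as a script. This is an added example, not part of any post above; `mail.example.test` and the control ports are placeholders, so substitute a mail server you are allowed to test against.

```python
import socket

def probe(host, port, timeout=5.0):
    """Try one outbound TCP connection; return (state, first data received)."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except ConnectionRefusedError:
        return ("refused", "")   # a reset came back: something actively said no
    except socket.timeout:
        return ("timeout", "")   # nothing came back: packets silently dropped
    except OSError as exc:
        return ("error", str(exc))
    with sock:
        try:
            # SMTP servers speak first, e.g. "220 <servername> ..."
            banner = sock.recv(512).decode("ascii", "replace").strip()
        except OSError:          # includes a read timeout; the port is still open
            banner = ""
    return ("open", banner)

def diagnose(states, smtp_port=25):
    """Compare the SMTP result with the control ports probed from the same host."""
    controls = [s for p, s in states.items() if p != smtp_port]
    if states.get(smtp_port) == "open":
        return "smtp-ok"
    if controls and all(s == "open" for s in controls):
        # Same host, same target, only port 25 fails: look for per-port rules
        # (host firewall, gateway policies tied to this host's address).
        return "smtp-only-blocked"
    return "general-connectivity-problem"

if __name__ == "__main__":
    TARGET = "mail.example.test"      # placeholder host, not from the thread
    CONTROL_PORTS = (80, 443)         # assumed to be open on the target
    states = {}
    for port in (25,) + CONTROL_PORTS:
        state, banner = probe(TARGET, port)
        states[port] = state
        print(port, state, banner)
    print(diagnose(states))
```

Run it once on the affected server and once on a workstation behind the same firewall; `smtp-only-blocked` on one and `smtp-ok` on the other is the pattern described in the question.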
