Link to home
Start Free TrialLog in
Avatar of Taildragger61

asked on

SBS 2003 Port 25 Outbound Blocked

I have an SBS 2003 server that has suddenly stopped sending email.
Outbound messages are hung in the queue. Inbound email is fine.
I cannot telnet to port 25 on other public smtp servers from SBS, but I can telnet to port 25
from other machines / servers within the network to other external servers. AV has been temporarily removed from
the server. I've used netstat to look for other software that may be blocking the port, but
nothing obvious.
Avatar of Alan Hardisty
Alan Hardisty
Flag of United Kingdom of Great Britain and Northern Ireland image

Call your ISP and ask them why they have blocked the port - and if they can't unblock it, you will have to ask them what port you can use to send mail to their Smarthost Mail server, then configure your server to use that port and then change your SMTP Connector to use their SMARTHOST not DNS to route mail.

Outbound Port is configured on the SMTP Virtual Server> Delivery Tab> Outbound Connection Button.  Change the port in there and then restart the SMTP Service.
Avatar of Taildragger61


I contacted the ISP first, and they said they weren't blocking it - which makes sense since I am able to telnet to port 25 outbound from other devices within the network, just not the SBS server.
If you can't telnet to external server on port 25 then either they are blocking TCP port 25 outbound as a security measure and are either ignorant about this (1st line usually are), or a not telling you the truth!

Try to telnet to my mail server from your server:

telnet 25

telnet 25

Do either work?  Do you see my servername blinking back at you?
Both work from my workstation, but neither work when logged on to the server...
Okay - can you re-run the Connect to the Internet Wizard please.  Change nothing and let the wizard complete.  If it errors the first time - run it again.

Start> Server Manager> To-Do List> Connect to the Internet.

Any joy now?
I've already tried that - error free.
Okay - and no change to the mail-flow?

Has someone blocked TCP Port 25 outbound for the server on your firewall / router when they should have been blocking TCP port 25 outbound for all IP's other than the server?
We're running a SonicWall, and currently there is only the one default rule from the LAN to WAN zones - allow anything - anytime. It's curious that this happened after patch Tuesday - looking to see what was installed now, but I don't have this problem anywhere else.
Was the patch to the server or the Sonicwall?

If the server - what was the patch that was applied?
The patches would have been on the server. This isn't a system I normally take care of, and the updates are set to download, but not install. Nothing new was installed.
Have you rebooted SINCE the patches are aplied?
Can you look in the Control Panel> Add/Remove Programs and advise what patches were installed recently please.
Nothing new has been installed since 12/2010.
I assume you are getting inbound emails?
I assume you can browse the web from the server?
Yes, inbound email is fine and browsing is fine. I can telnet to other ports on external servers from the SBS box such as 3389, 21, 80, 443, etc. just not 25.
Then i would be starting with a full AV and malware scan. Have you tried telnet to port 25 on the sbs box itself?

Thats from a dos box ON the sbs box telnet TO the sbs box on port 25.

Yes, I can telnet to port 25 on the local box, and inbound email is not affected - just outbound.
Avatar of Neil Russell
Neil Russell
Flag of United Kingdom of Great Britain and Northern Ireland image

Link to home
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Link to home
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
I'll have to give this one to NeilSR.
The only thing different from a firewall perspective is that the server had several inbound NAT policies applied at the firewall.
I set RDP on my laptop to listen on port 25, and yes, I could telenet to it from the server. I decided to rip the NAT policies out of the firewall and test it that way. When I attempted to remove the service group assigned to the server, I received an error message saying it was still in use - but it wasn't listed in the rules where the error said it was. I defaulted the firewall and started over. All is well. Thanks everyone for all the help!
Don't forget my comment here: http:#a34864257
So my earlier comment about the firewall posted an hour before Neil's comment is not relevant here?
I agree with Alan, i think we both put in as much effort as each other and a fair split would be in order.
RFA Raised.

Truth be known, I had the problem well in hand before I received neilsr's comment, but hey, you guys spent time trying to help and it was much appreciated. I have no idea what these points are worth to you guys, but tell me how to split them after the fact, and I'll do whatever you want.
It's not really about the points (for me at least - I have a few under my belt) - it is more about getting the correct comments accepted in the database and not overlooking a comment that seems to address the problem nicely, based on your closing comment but that got overlooked during the closure.

Also, as the only reward we get for participating on EE is points and the occasional T-Shirt when we get a certain number of points in a zone.  we are all volunteers here and give up our spare time to help answer questions, so it can feel a bit like a slap in the face if a comment that addresses the problem gets overlooked.

Also, if you had the problem well in hand before Neil's comment, then it would suggest to me that I pointed you in the right direction and not Neil!

At the end of the day - the fact that you have a solution is the important bit but I feel a fairer closure would have been to at the very least split the points for both comments about the firewall being the problem.

All of these solutions were partially complete, but headed down the right path. The firewall was not misconfigured, but the settings were corrupt. The firewall had to be reset and re-flashed with backup settings.