Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 516
  • Last Modified:

Exchange 2010 - No Inbound Mail, No Port 25, But Web Mail is fine?

Hello Experts,

Looking to see if you can quickly help me find a resolution to my Exchange issue. Today, inbound mail to our domain name fails with "550 MTA inaccessible for too long"

Internal mail is fine, and sending outbound mail is fine.

Anyway, after initial troubleshooting using MXTOOLBOX and simple TELNET, I see that I cannot connect via port 25.

Any hints on where to begin?
I'm looking on a Sonicwall and this looks fine - Exchange service itself looks fine - I need some hints please.
0
ottobock
Asked:
ottobock
  • 4
2 Solutions
 
d0ughb0yCommented:
For starters, who's your ISP. Might they be blocking it? I know that many do, for their Home-Service offerings.
0
 
JaredJ1Commented:
Did your test telnet session happen from within the LAN or external?

From a computer on the LAN - attempt to telnet to the Exchange server on port 25.

e.g. telnet servername 25

If it gets a connection, then you know the server is listening on port 25 and the problem is likely to be the sonic firewall. It should have a NAT rule (or web forwarding) of TCP port 25 to your Exchange Hub Transport server.

Do you have any other mail appliance/scanning server that may sit between the sonicwall and Exchange? A Message filtering server, journaling appliance? Perhaps there is something in-between that is causing the problem.
0
 
ottobockAuthor Commented:
Hi, back to it today. Thanks for the ideas.

It could actually be something with the ISP - as there are 2 circuits coming in (1 fibre and 1 cable), and the cable is down. We're also checking on that...

Using TELNET, I tested within the LAN, and also external. Within the LAN, it's fine. Outside, it's not. I thought about the SonicWall too - I'll try and check into that.

Really, this issue is sort of difficult, because I'm only maintaining this network for a short time, and I don't really know all the configurations. Now, I just get the problems and have to dig through everything to try and help! It's proven to be a tough job! :-)

Anyway, if anyone has additional thoughts - I'd love to hear'em. Thanks!
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
ottobockAuthor Commented:
I have done some more troubleshooting, and more and more, I think it can be a sonicwall configuration that I'm missing. Maybe someone can help (I hope).

LAN testing:
- TELNET mailserver.com 25 = OK

External Testing:
- TELNET mailserver.com 25 = fail
- TELNET mailserver.com 443 = OK
- MXTOOLBOX.com mailserver.com, SMTP test = Fail/ Timeout

There are 2 sonicwalls. 1 had the cable internet, the other a fibre internet. Since the cable was disconnected by the provider, I will have a tough time to test that angle further at this moment.

But is there a simple policy or route that I can add to the SonicWall on the fibre, even if it's not really secure, just to test this? When I ping mailserver.com, I get the IP of the sonicwall on the fibre circuit.

I hope this makes sense...
0
 
ottobockAuthor Commented:
I've also tried going line by line on both SonicWalls, under NAT Policies, and Firewall rules, and can't seem to find many differences which would apply here.

Another wrench in the chain... I just found a ESVA antispam server in the DMZ - of which I had no knowledge...

Ugh.
0
 
ottobockAuthor Commented:
Turns out is was the cable service indeed. Once re-established, the mail gateway came alive. Now I have to do some more digging on why this is configured this way ...

Thanks everyone!
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now