Exchange 2010 - No Inbound Mail, No Port 25, But Web Mail is fine?

Hello Experts,

Looking to see if you can quickly help me find a resolution to my Exchange issue. Today, inbound mail to our domain name fails with "550 MTA inaccessible for too long"

Internal mail is fine, and sending outbound mail is fine.

Anyway, after initial troubleshooting using MXTOOLBOX and simple TELNET, I see that I cannot connect via port 25.

Any hints on where to begin?
I'm looking on a Sonicwall and this looks fine - Exchange service itself looks fine - I need some hints please.
Who is Participating?
d0ughb0yConnect With a Mentor Commented:
For starters, who's your ISP. Might they be blocking it? I know that many do, for their Home-Service offerings.
JaredJ1Connect With a Mentor Commented:
Did your test telnet session happen from within the LAN or external?

From a computer on the LAN - attempt to telnet to the Exchange server on port 25.

e.g. telnet servername 25

If it gets a connection, then you know the server is listening on port 25 and the problem is likely to be the sonic firewall. It should have a NAT rule (or web forwarding) of TCP port 25 to your Exchange Hub Transport server.

Do you have any other mail appliance/scanning server that may sit between the sonicwall and Exchange? A Message filtering server, journaling appliance? Perhaps there is something in-between that is causing the problem.
ottobockAuthor Commented:
Hi, back to it today. Thanks for the ideas.

It could actually be something with the ISP - as there are 2 circuits coming in (1 fibre and 1 cable), and the cable is down. We're also checking on that...

Using TELNET, I tested within the LAN, and also external. Within the LAN, it's fine. Outside, it's not. I thought about the SonicWall too - I'll try and check into that.

Really, this issue is sort of difficult, because I'm only maintaining this network for a short time, and I don't really know all the configurations. Now, I just get the problems and have to dig through everything to try and help! It's proven to be a tough job! :-)

Anyway, if anyone has additional thoughts - I'd love to hear'em. Thanks!
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

ottobockAuthor Commented:
I have done some more troubleshooting, and more and more, I think it can be a sonicwall configuration that I'm missing. Maybe someone can help (I hope).

LAN testing:
- TELNET 25 = OK

External Testing:
- TELNET 25 = fail
- TELNET 443 = OK
-, SMTP test = Fail/ Timeout

There are 2 sonicwalls. 1 had the cable internet, the other a fibre internet. Since the cable was disconnected by the provider, I will have a tough time to test that angle further at this moment.

But is there a simple policy or route that I can add to the SonicWall on the fibre, even if it's not really secure, just to test this? When I ping, I get the IP of the sonicwall on the fibre circuit.

I hope this makes sense...
ottobockAuthor Commented:
I've also tried going line by line on both SonicWalls, under NAT Policies, and Firewall rules, and can't seem to find many differences which would apply here.

Another wrench in the chain... I just found a ESVA antispam server in the DMZ - of which I had no knowledge...

ottobockAuthor Commented:
Turns out is was the cable service indeed. Once re-established, the mail gateway came alive. Now I have to do some more digging on why this is configured this way ...

Thanks everyone!
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.