Solved

Exchange ports for outlook client communication.

Posted on 2013-06-12
6
1,246 Views
Last Modified: 2013-06-12
I have been asked to clarify what type of mail activity is using TCP 40740.  I pulled netstat on the CAS server and found a number of ports on the exchange server that are listening and servicing client systems.  I was looking for a document that explained how the ports are used and that they were servicing outlook client requests.

Server:  2008 with exchange 2010.
Outlook 2010 clients.

Below are the listening ports and then some of the client connections in question.

Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:25             MAIL01:0         LISTENING
  TCP    0.0.0.0:80             MAIL01:0         LISTENING
  TCP    0.0.0.0:110            MAIL01:0         LISTENING
  TCP    0.0.0.0:135            MAIL01:0         LISTENING
  TCP    0.0.0.0:143            MAIL01:0         LISTENING
  TCP    0.0.0.0:443            MAIL01:0         LISTENING
  TCP    0.0.0.0:445            MAIL01:0         LISTENING
  TCP    0.0.0.0:587            MAIL01:0         LISTENING
  TCP    0.0.0.0:593            MAIL01:0         LISTENING
  TCP    0.0.0.0:808            MAIL01:0         LISTENING
  TCP    0.0.0.0:993            MAIL01:0         LISTENING
  TCP    0.0.0.0:995            MAIL01:0         LISTENING
  TCP    0.0.0.0:2002           MAIL01:0         LISTENING
  TCP    0.0.0.0:3389           MAIL01:0         LISTENING
  TCP    0.0.0.0:5060           MAIL01:0         LISTENING
  TCP    0.0.0.0:5067           MAIL01:0         LISTENING
  TCP    0.0.0.0:6001           MAIL01:0         LISTENING
  TCP    0.0.0.0:6002           MAIL01:0         LISTENING
  TCP    0.0.0.0:6004           MAIL01:0         LISTENING
  TCP    0.0.0.0:6005           MAIL01:0         LISTENING
  TCP    0.0.0.0:6006           MAIL01:0         LISTENING
  TCP    0.0.0.0:6007           MAIL01:0         LISTENING
  TCP    0.0.0.0:8081           MAIL01:0         LISTENING
  TCP    0.0.0.0:8400           MAIL01:0         LISTENING
  TCP    0.0.0.0:8402           MAIL01:0         LISTENING
  TCP    0.0.0.0:8404           MAIL01:0         LISTENING
  TCP    0.0.0.0:12706          MAIL01:0         LISTENING
  TCP    0.0.0.0:18037          MAIL01:0         LISTENING
  TCP    0.0.0.0:18043          MAIL01:0         LISTENING
  TCP    0.0.0.0:40551          MAIL01:0         LISTENING
  TCP    0.0.0.0:40558          MAIL01:0         LISTENING
  TCP    0.0.0.0:40615          MAIL01:0         LISTENING
  TCP    0.0.0.0:40618          MAIL01:0         LISTENING
  TCP    0.0.0.0:40677          MAIL01:0         LISTENING
  TCP    0.0.0.0:40691          MAIL01:0         LISTENING
  TCP    0.0.0.0:40736          MAIL01:0         LISTENING
  TCP    0.0.0.0:40740          MAIL01:0         LISTENING
  TCP    0.0.0.0:40776          MAIL01:0         LISTENING
  TCP    0.0.0.0:40790          MAIL01:0         LISTENING
  TCP    0.0.0.0:40791          MAIL01:0         LISTENING
  TCP    0.0.0.0:40805          MAIL01:0         LISTENING
  TCP    0.0.0.0:40847          MAIL01:0         LISTENING
  TCP    0.0.0.0:40855          MAIL01:0         LISTENING
  TCP    0.0.0.0:40856          MAIL01:0         LISTENING
  TCP    0.0.0.0:41264          MAIL01:0         LISTENING
  TCP    0.0.0.0:41289          MAIL01:0         LISTENING
  TCP    0.0.0.0:47001          MAIL01:0         LISTENING
  TCP    0.0.0.0:48000          MAIL01:0         LISTENING
  TCP    0.0.0.0:48001          MAIL01:0         LISTENING
  TCP    0.0.0.0:48004          MAIL01:0         LISTENING
  TCP    0.0.0.0:48005          MAIL01:0         LISTENING
  TCP    0.0.0.0:48006          MAIL01:0         LISTENING
  TCP    0.0.0.0:48007          MAIL01:0         LISTENING
  TCP    0.0.0.0:48008          MAIL01:0         LISTENING
  TCP    0.0.0.0:48009          MAIL01:0         LISTENING
  TCP    0.0.0.0:48010          MAIL01:0         LISTENING
  TCP    0.0.0.0:48011          MAIL01:0         LISTENING
  TCP    0.0.0.0:48012          MAIL01:0         LISTENING
  TCP    0.0.0.0:49415          MAIL01:0         LISTENING
  TCP    0.0.0.0:57944          MAIL01:0         LISTENING
  TCP    0.0.0.0:64327          MAIL01:0         LISTENING

Established

TCP    10.6.133.21:40740      99LP-PBGXMBY:49304     ESTABLISHED
TCP    10.6.133.21:40740      99LP-PBGXMBY:49305     ESTABLISHED
TCP    10.6.133.21:40740      99LP-PB529BE:49385     ESTABLISHED
TCP    10.6.133.21:40740      99LP-PB529BE:49389     ESTABLISHED
TCP    10.6.133.21:40740      99LP-PB535HN:49345     ESTABLISHED
TCP    10.6.133.21:40618      99LP-R8H9Z68:52870     ESTABLISHED
TCP    10.6.133.21:40618      99LP-R8H9Z68:55235     ESTABLISHED
TCP    10.6.133.21:40618      99LP-R83KCLV:58185     ESTABLISHED
0
Comment
Question by:Deitsch
6 Comments
 
LVL 43

Expert Comment

by:Amit
ID: 39242252
I don't see port 40740 used by Exchange, check following KB what ports are used by Exchange
http://technet.microsoft.com/en-us/library/bb331973%28v=exchg.141%29.aspx
0
 
LVL 43

Accepted Solution

by:
Amit earned 125 total points
ID: 39242268
Use below command
Netstat -a -n -o

Check the PID in task manager to find more information.
0
 
LVL 11

Expert Comment

by:James Hodge
ID: 39242422
Port 40740 is not assigned not anything that I know of. Definately not Exchange.
0
Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 
LVL 40

Assisted Solution

by:Adam Brown
Adam Brown earned 125 total points
ID: 39242559
Exchange 2010 utilizes a random port in a very sizable range for RPC access between server and client and server to server communications by default. This is referred to as the RPC Dynamic Range and goes from port 6005 to port 59530 This should only be accessible on the local network. External Outlook Clients should utilize RPC over HTTPS or Outlook Anywhere to communicate. That only goes over port 443.

http://social.technet.microsoft.com/wiki/contents/articles/864.configure-static-rpc-ports-on-an-exchange-2010-client-access-server.aspx#ExchangeTenRPCClientAccessService has some information on what this does and how to limit the available ports. Note that you don't want to drop the number of available ports too low or you could end up with communication failures and bottlenecks.
0
 
LVL 43

Expert Comment

by:Amit
ID: 39242571
Also there is reg key to limit that port range.
0
 

Author Closing Comment

by:Deitsch
ID: 39242628
Amitkulshrestha netstat options for getting the PID showed what process was using the connections.  All were Microsoft.rpc.clientaccess.service.exe.

Acbrown2010 provided the statement and link pointing to the RPC Dynamic Range.
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to resolve IMCEAEX NDRs in Exchange or Exchange Online related to invalid X500 addresses.
A list of top three free exchange EDB viewers that helps the user to extract a mailbox from an unmounted .edb file and get a clear preview of all emails & other items with just a single click on mailboxes.
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…
CodeTwo Sync for iCloud (http://www.codetwo.com/sync-for-icloud?sts=6554) automatically synchronizes your Outlook 2016, 2013, 2010 or 2007 folders with iCloud folders available via iCloud Control Panel. This lets you automatically sync them with…

685 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question