• Status: Solved
  • Priority: Low
  • Security: Public
  • Views: 116
  • Last Modified:

Telnet problem on Exchange 2016 server

Dear Experts, we cannot telnet to Exchange 2016 servers on port 25 but 110, 143, 587. We can still send/receive emails. All firewalls and AV were turned off for testing but no luck. We got this error when telnet to them:

telnet.JPG
Can you please suggest? Many thanks.
0
Tjno
Asked:
Tjno
  • 4
  • 3
  • 2
  • +3
1 Solution
 
ferraristaCommented:
Are you using a third-party transport agent ? See if disabling resolves the issue.
0
 
ITguy565Commented:
try the following :

Are you trying to telnet to port 25 using the IP or FQDN?  try both ways:

Run Netstat -a and check to see if 25 is in a listening state.

Refer to the Exchange Testing section of the following document :
Use PortQry to check email servers

http://www.windowsecurity.com/articles-tutorials/misc_network_security/Mastering-PortQryexe-Part2.html
0
 
MaheshArchitectCommented:
How many exchange servers you have?
Does all servers have this problem ?

If you telnet on TCP 25 to server from itself, what is happening?

When u r saying that mail flow is working, it means your server is behind firewall somewhere and then only from inbound smtp gateway you have enabled TCP 25, for rest of the clients u don't need TCP 25 because they use mapi or even IMAP / pop

One more thing check if you are able to telnet exchange server public interface from internet
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
TjnoNetwork AdministratorAuthor Commented:
Hi,

@ferrarista: Our mail servers are behind Sonicwall ESA7000, does it considered third-party transport agent?

@ITguy565: Yes I tried both ways but still could not connect to port 25 but others (110, 143, 587). The port 25 is on listening state, I also noticed that the port 5060 (aka SIP port) was opened on our Exchange servers and established to some strange public IPs. Is it ok? should I block this port?

5060-1.JPG
 5060-2.JPG
6666.JPG
@Mahesh: I have 6 Exchange servers, 5 of them were behind Firewall Sonicwall and were built 6 months ago, all of them have this telnet problem. The new one was built 2 weeks ago, stand alone and does not this telnet issue. But I do not think the problem is Sonicwall since we tested to put the new one behind sonicwall and we still could telnet to it. Also in reversed way, when take out 1 of 5 other servers from behind sonicwall. We tested with public IP addresses as well but no difference.
0
 
McKnifeCommented:
Your screenshot shows, that port 25 is open and telnet connects but then drops the connection.
Did you use the command
telnet server.domain 25
or
telnet server 25
?
The first is the FQDN, which should be used according to Microsoft. See https://technet.microsoft.com/en-us/library/bb123686(v=exchg.160).aspx
0
 
MaheshArchitectCommented:
0
 
Vidit BhardwajAdminCommented:
Does telnet localhost 25 on that server works ??
In netstat -ano do you see for 25 connection is established?
0
 
McKnifeCommented:
The port is open and he can reach it - that's what his screenshot proves. Else, there would never be any feedback.
1
 
TjnoNetwork AdministratorAuthor Commented:
Hi,

@McKnife: I used both of them, but still could not telnet to port 25

@Mahesh: I don't think our ISP block it since one server still can be telnet to

It was strange because I still got the correct information when test port 25 from Sonicwall:

diagnostics.JPG
0
 
McKnifeCommented:
"but still could not telnet to port 25" please understand: you can. If you get that message, it shows that telnet has connected to that port, but that the connection broke. Let's hope you finally believe me. Google that error message, please, and see what you can make of it - there are several links with people suffering from the same.
Again: If that port was closed, you would get
Could not open connection to the host, on port 25: Connect failed
0
 
TjnoNetwork AdministratorAuthor Commented:
Hi, I found the answer. In Default front end setting of the problematic mail server, it has Firewall's IP address on Remote network setting.

That's why we got the error. After we tested to replace it with default address, we could telnet port 25 normally.

Capture.JPG
0
 
TjnoNetwork AdministratorAuthor Commented:
Problem in configurations.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

  • 4
  • 3
  • 2
  • +3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now