Semmy
asked on
Exchange: IMAP port 143 getting blocked with no firewall
Hi all,
Currently i am configuring IMAP for a Exchange server. The Windows firewall allows port 143:
Unfortunately, i am unable to telnet or use test-netconnection to this port. Nothing is listening on this port:
Even a loopback port test does get blocked. I have also disabled windows firewall on all profiles, didnt help either. i cant see nothing in the Windows Firewall logging getting blocked.
What can be happening here?
Currently i am configuring IMAP for a Exchange server. The Windows firewall allows port 143:
Unfortunately, i am unable to telnet or use test-netconnection to this port. Nothing is listening on this port:
Even a loopback port test does get blocked. I have also disabled windows firewall on all profiles, didnt help either. i cant see nothing in the Windows Firewall logging getting blocked.
What can be happening here?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
@David Favor: This is a Exchange server in a test enviroment with no internet connection. Nothing is listening on 993 either. Both are blocked. nMap shows filtered for IMAP ports:
@Elie Matar: I am sure there are no routing problems since i have another Exchange server in the same subnet with those ports open. When i do a netstat -a -n on that server it shows 143 en 993 is listening. So this must be a local issue. The loopback test-netconnection verifies that this must be a local issue because doing that, there is no routing outside the server.
@Elie Matar: I am sure there are no routing problems since i have another Exchange server in the same subnet with those ports open. When i do a netstat -a -n on that server it shows 143 en 993 is listening. So this must be a local issue. The loopback test-netconnection verifies that this must be a local issue because doing that, there is no routing outside the server.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
use msconfig and disable all third party services and then check.
Running nmap on physical machine is required for disconnected (no Internet connection machines).
The nmap output above shows the problem... one of these...
1) There really is no IMAP port 143 listener.
2) Machine running IMAP is blocking all in/out requests for port 143 (as it should, because this protocol is hackable).
3) Client machine attempting to connect to port 143 is blocked (as it should, because this protocol is hackable).
The nmap output above shows the problem... one of these...
1) There really is no IMAP port 143 listener.
2) Machine running IMAP is blocking all in/out requests for port 143 (as it should, because this protocol is hackable).
3) Client machine attempting to connect to port 143 is blocked (as it should, because this protocol is hackable).
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
@Kimputer: IMAP has been configurered following the Microsoft article.
BUT, i wanted to check for sure if the services were running. Now, i saw something weird i never saw before. When i checked the IMAP services via Task manager > Services, the 2 IMAP services were stopped. Since i was sure i started those services and configured them to start automtic, i checked it via services.msc.
Task manager shows the services are stopped, Services.msc show the services are running:
Anyone saw this before?
I have started those stopped services and IMAP is now listening on those ports:
BUT, i wanted to check for sure if the services were running. Now, i saw something weird i never saw before. When i checked the IMAP services via Task manager > Services, the 2 IMAP services were stopped. Since i was sure i started those services and configured them to start automtic, i checked it via services.msc.
Task manager shows the services are stopped, Services.msc show the services are running:
Anyone saw this before?
I have started those stopped services and IMAP is now listening on those ports:
Depends if you configured it just now (then it's logical, a full reboot of the server would have brought the service online), or if you did it a long time ago where you rebooted the server a few times already.
Looks like you found the problem.
ASKER
I had configured those services 2 days ago and the server has rebooted twice since. Once after configuring and once after installing Windows Updates.
@David. Yes, Thank you very much for your time. I never used nMap before, but thanks to you i will use it from now on.
@David. Yes, Thank you very much for your time. I never used nMap before, but thanks to you i will use it from now on.
windows firewall, even if it is turned off, it may prevent access to the port,
Try going through the advanced firewall settings, inbound rules and add an exception for port 143 and see if that changes things.
This presumes that you've tested the port being accessible locally on the exchange.
I saw you posted the netstat that reflects the port is being listend on, but is it functional.
telnet localhost 143
and see whether you can interact, or it returns an error right away.
Try going through the advanced firewall settings, inbound rules and add an exception for port 143 and see if that changes things.
This presumes that you've tested the port being accessible locally on the exchange.
I saw you posted the netstat that reflects the port is being listend on, but is it functional.
telnet localhost 143
and see whether you can interact, or it returns an error right away.
No comment has been added to this question in more than 21 days, so it is now classified as abandoned.
I have recommended this question be closed as follows:
Split:
-- 'Kimputer' (https:#a43226890)
-- 'David Favor' (https:#a43226867)
-- 'David Favor' (https:#a43226899)
If you feel this question should be closed differently, post an objection and the moderators will review all objections and close it as they feel fit. If no one objects, this question will be closed automatically the way described above.
seth2740
Experts-Exchange Cleanup Volunteer
I have recommended this question be closed as follows:
Split:
-- 'Kimputer' (https:#a43226890)
-- 'David Favor' (https:#a43226867)
-- 'David Favor' (https:#a43226899)
If you feel this question should be closed differently, post an objection and the moderators will review all objections and close it as they feel fit. If no one objects, this question will be closed automatically the way described above.
seth2740
Experts-Exchange Cleanup Volunteer
Try to do tracert to check the routing path