07-07-2009 06:37 AM - edited 03-11-2019 08:51 AM
It started when there were emails destined to this domain (only this domain) got stuck in the queue of our Exchange Server. I tried to telnet to port 25 to the mx record for that domain from our exchange server, which is behind firewall (cisco 515), and it failed. I can't telnet from anywhere behind firewall either. But I can telnet directly behind the router, bypassing the firewall. This problem is, this is intermitten. When I can start to telnet again (behind firewall), the mails in the queue will go thru.
I have disabled the smtp and dns fixup protocols at the firewall.
I also asked my friend to telnet from other countries, they've got no problem.
I'm pretty sure it lies within our firewall. I just don't know what else to check cause it only affects this one particular domain.
If anyone can tell me where else I have to check, it would be much appreciated.
Regards,
Gix
07-07-2009 09:52 AM
Is this the topology:
exch server-Router1-PIX-Router2-Internet--Test PC
You are able to telnet from Router1 but, not from the Test PC?
During the time of the problem when you are unable to telnet to port 25 from outside the firewall pls. do the following.
Make sure you are logging buffered to debug
logging enable
logging buffered 7
sh logg | i x.x.x.x
where x.x.x.x is your source IP address.
You mentioned that you asked your friends to try from other countries. They try to telnet to your exchange server's (public) IP address on port 25 and they are able to at the same time it fails for you?
07-07-2009 05:14 PM
Hi Kusankar,
Thanks for your reply. Let me give you additional details.
Here is the topology that fails:
SrcExchSvr - PIX - Router1-Internet-EmailSvr, we can't telnet from SrcExchSvr to EmailSvr.
This is the one that works:
TestPC-Router1-Internet-EmailSvr, I can telnet from TestPC to EmailSvr.
The EmailSvr belongs to other organization (adaro.net)and hosted at fasthosts.co.uk. Basically we, intermittenly, can't telnet 25 to any mail servers hosted at fasthosts.co.uk.
This used to be working all along until last week. We can also send and receive emails to/from other domains. That organization can also do the same. We can also receive emails from them but not send.
I will try to activate the log and get back to you.
Regards,
Gix
07-09-2009 11:05 PM
Log indicates that the traffic (port 25) were through.
I ran Network Monitor, after the far end server replied with ACK (only)and the system you telnet from replied with RST.
If I compare with the one in the working telnet connection, the far end server would actually reply with ACK and SYN and the system you telnet from would reply with ACK.
Any more ideas anyone?
07-19-2009 05:21 PM
Hi,
I'd just want to update this case.
Sounds weird but it is happening.
I thought of creating a temporary SMTP connector to route emails destined to the problematic domain to our ISP's SMTP server. The new SMTP connector worked and it started to forward emails in the queue. Once it's empty, and to my surprise, I could start telnet to that domain again. I waited for 2 days and it's still working. I then removed the SMTP connector, restart the MS Routing and SMTP services. It's still working until today.
I just can't understand this.
Regards,
Gix
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: