none
telnet localhost 25 ok, but telnet servername 25 connect failed??

    Question

  • I am experience the following problem on a Exchange 2003 Std SP2 server:

    When I type the following command on the Exchange server "telnet localhost 25" I get successfully connected to the SMTP service. I can use all the SMTP commands to send an email

    If I however type "telnet SERVERNAME 25" I get the error "connect failed". This also happens if I use the FQDN of the server and even stranger yet when I use the IP address of the server I also get the "connect failed" error. For some strange reason I can only use the localhost to connect to port 25 of this server.

    * There are no mailflow issues what so ever (yet)
    * There is no TCP/IP filtering configured
    * There is no firewall on this server

    What am I overlooking....

    Some more network info:
    - Single mixed windows 2003/2008 domain
    - Only one exchange 2003 server installed on windows 2003 (no other roles on this server)
    - Two domain controllers (one windows 2003 and one windows 2008 R2), both are GC and DNS server
    - no routing/subnetting, it is a small network of about 80 computers (including servers)


    Erik Nettekoven | MCSE 2000 | MCSE 2003 | MCITP: EA
    Wednesday, November 17, 2010 11:40 AM

Answers

  • Looking at the proposed solutions I probably wasn't clear enough. To clarify:
    I am running telnet locally on the Exchange server and there is no firewall active on the Exchange server and the telnet commands are failing locally on the Exchange server. I already tried putting the servername in the hosts file (didn't mention it above), without success

    Anyway, I have found the culprit and it is called McAfee Virus Scanner. McAfee seems to block the commands, wheter I run telnet locally on the exchange server or externally. No, we did not install the McAfee firewall part or whatsoever. As soon as I disable McAfee telnet works as it should.

    I still do not understand why McAfee does not block telnet (locally on the exchange server) to the local address 127.0.0.1 but does block telnet (locally on the exchange server) to the actual IP address of the exchange server. If McAfee were to block the telnet application, then telnet should fail all together. But that's an issue for the McAfee forums.

     


    Erik Nettekoven | MCSE 2000 | MCSE 2003 | MCITP: EA
    • Marked as answer by ReveTahw Wednesday, November 17, 2010 3:43 PM
    Wednesday, November 17, 2010 3:43 PM

All replies

  • Check nslookup on your server , check whether ports are open , port 25 both inbound and outbound from any other system .

    Portqryv2 is a good utility to check for ports.

    Try putting the hostname and ip address in HOSTS file for initial troubleshooting if it is having issues.

    Wednesday, November 17, 2010 12:07 PM
  • Hi,

    Are you not able to ping from client side or some exchange server, since some time telnet is dropped in firewall end or local antivirus also, make sure these are not the case due to which telnet is dropping & also trace the telnet to find out where its dropping & the we can sort it out.


    Ripu Daman Mina | MCSE 2003 & MCSA Messaging
    Wednesday, November 17, 2010 1:09 PM
  • Looking at the proposed solutions I probably wasn't clear enough. To clarify:
    I am running telnet locally on the Exchange server and there is no firewall active on the Exchange server and the telnet commands are failing locally on the Exchange server. I already tried putting the servername in the hosts file (didn't mention it above), without success

    Anyway, I have found the culprit and it is called McAfee Virus Scanner. McAfee seems to block the commands, wheter I run telnet locally on the exchange server or externally. No, we did not install the McAfee firewall part or whatsoever. As soon as I disable McAfee telnet works as it should.

    I still do not understand why McAfee does not block telnet (locally on the exchange server) to the local address 127.0.0.1 but does block telnet (locally on the exchange server) to the actual IP address of the exchange server. If McAfee were to block the telnet application, then telnet should fail all together. But that's an issue for the McAfee forums.

     


    Erik Nettekoven | MCSE 2000 | MCSE 2003 | MCITP: EA
    • Marked as answer by ReveTahw Wednesday, November 17, 2010 3:43 PM
    Wednesday, November 17, 2010 3:43 PM
  • On Wed, 17 Nov 2010 15:43:23 +0000, ReveTahw wrote:
     
    >
    >
    >Looking at the proposed solutions I probably wasn't clear enough. To clarify: I am running telnet locally on the Exchange server and there is no firewall active on the Exchange server and the telnet commands are failing locally on the Exchange server. I already tried putting the servername in the hosts file (didn't mention it above), without success
    >
    >Anyway, I have found the culprit and it is called McAfee Virus Scanner. McAfee seems to block the commands, wheter I run telnet locally on the exchange server or externally. No, we did not install the McAfee firewall part or whatsoever. As soon as I disable McAfee telnet works as it should.
     
    Turn off the "client protection" part of the software. I'll bet, even
    with it enabled, that your could use that telnet to connect to your
    server from another machine, or if you RPD'd to the server it would
    work, too -- provided that nobody was logged on directly on the
    machine.
     
    This sort of "consumer level" protection on servers is inappropriate
    -- and it's not limited to just McAfee.
     
    >I still do not understand why McAfee does not block telnet (locally on the exchange server) to the local address 127.0.0.1 but does block telnet (locally on the exchange server) to the actual IP address of the exchange server. If McAfee were to block the telnet application, then telnet should fail all together. But that's an issue for the McAfee forums.
     
    It's trying to prevent the local machine from being used as a source
    of spam. If the connection is to the localhost (127.0.0.1) the
    assumption is that it couldn't possible be trying to use a SMTP
    service on the local machine as a relay. Stupid, huh?
    ---
    Rich Matheisen
    MCSE+I, Exchange MVP
     

    --- Rich Matheisen MCSE+I, Exchange MVP
    Wednesday, November 17, 2010 4:56 PM