locked
Telnet disconnects while testing Port 25 SMTP

    Question

  • Can anyone help with this very frustrating situation.

    I am trying to run hMailserver (could be any mail program) on Windows Server 2008 R2. The Server is not part of a Domain and is not running Active Directory. I have a basic Firewall with Advanced Security setup, having created an inbound rule for the hMailserver.exe program to allow all ports through. My remote mail client could not connect, so I tried Telnet. On the server I can connect to port 25 SMTP successfully, but when I try to Telnet from client machines, Telnet disconnects immediately and I get a 'press any key' prompt, followed by a 'the connection was lost message. The hMailserver logging shows that the request by Telnet was recieved and responded to.

    The remote client is running Windows 7 Ultimate and Macafee Security Centre. I have also tested on a remote client running Windows XP and Norton, and a remote client running Windows XP and Windows Firewall. I connect remotely from home through a wireless router and cable modem.

    To fully test what is going on I have stopped the firewall on the remote clients and tried a connection directly to the cable modem. The same occurs whatever I do.

    Is there a problem with Windows Firewall with Advanced Security and IPSec. I have no outbound rules or connection settings, so my understanding is that Windows Firewall with Advanced Security should allow all traffic.

    Any help greatly appreciated as I have fought with this for a week now.


    Michael J. Hill
    Saturday, March 20, 2010 6:57 PM

Answers

  • All sorted out Edoardo! I had to set the priority of the local IP address of the server higher than the AutoBan level in hMailserver, and restart the Windows Firewall with AP. The firewall wouldn't restart, so a reboot and it all started to work.

    Many thanks for your help and guidance. Wireshark will prove an invaluable tool for the future, and I have you to thank for pointing me in the right direction.


    Michael J. Hill
    Thursday, March 25, 2010 10:46 AM

All replies

  • Hi.

    What happens if you install and run hMailserver.exe on your win2k8 R2 ?

    Can you explain better how your server is connected to internet ?

    Can you post an ipconfig /all result of your win2k8 server ?

    Have to tried a portscan toward your public ip address from internet ?


    Edoardo Benussi - Microsoft® MVP
    Management Infrastructure - Systems Administration
    https://mvp.support.microsoft.com/Profile/Benussi
    edo[at]mvps[dot]org
    Sunday, March 21, 2010 11:27 AM
  • Edoardo,

                   Hi. hMailserver.exe is running on the Win2k8 R2 server. The server is in a datacentre in the UK (Webfusion) and has a giganit connection to the internet.

    Here is my ipconfig /all result from the Win2k8 R2 :-

    Windows IP Configuration

       Host Name . . . . . . . . . . . . : MJHost
       Primary Dns Suffix  . . . . . . . : dedicated.Somewhereco.uk
       Node Type . . . . . . . . . . . . : Hybrid
       IP Routing Enabled. . . . . . . . : No
       WINS Proxy Enabled. . . . . . . . : No
       DNS Suffix Search List. . . . . . : dedicated.Somewhere.co.uk
                                           Somewhere.co.uk
                                           co.uk

    Ethernet adapter Local Area Connection:

       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet
       Physical Address. . . . . . . . . : xx-xx-xx-xx-F1-DD
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes
       Link-local IPv6 Address . . . . . : hex::hex:hex:hex:34cb%10(Preferred)
       IPv4 Address. . . . . . . . . . . : xxx.xxx.xxx.30(Preferred)
       Subnet Mask . . . . . . . . . . . : 255.255.254.0
       IPv4 Address. . . . . . . . . . . : xxx.xxx.xxx.31(Preferred)
       Subnet Mask . . . . . . . . . . . : 255.255.254.0
       Default Gateway . . . . . . . . . : xxx.xxx.xxx.xxxx
       DHCPv6 IAID . . . . . . . . . . . : xxxxxx596
       DHCPv6 Client DUID. . . . . . . . : xx-xx-xx-xx-xx-xx-xx-xx-xx-xx-xx-xx-F1-DD

       DNS Servers . . . . . . . . . . . : 8.8.8.8
                                           8.8.4.4
       NetBIOS over Tcpip. . . . . . . . : Enabled

    Tunnel adapter Local Area Connection* 8:

       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : isatap.{nnnnnnaa-nnna-nnna-annn-aanannannnnn}
       Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes

    Tunnel adapter Local Area Connection* 9:

       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : 6TO4 Adapter
       Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes
       IPv6 Address. . . . . . . . . . . : nnnn:nann:nnna::nann:561e(Preferred)
       IPv6 Address. . . . . . . . . . . : nnnn:nann:nnna::nann:561f(Preferred)
       Default Gateway . . . . . . . . . : nnnn:annn:nnnn::annn:6301
       DNS Servers . . . . . . . . . . . : 8.8.8.8
                                           8.8.4.4
       NetBIOS over Tcpip. . . . . . . . : Disabled

    Tunnel adapter Local Area Connection* 11:

       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
       Physical Address. . . . . . . . . : 00-00-00-00-00-01
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes
       IPv6 Address. . . . . . . . . . . : nnnn:n:nnnn:nann:nnna:nnaa:nnnn:a9e1(Pref
    erred)
       Link-local IPv6 Address . . . . . : aann::nnna:nnaa:nnnn:anan%13(Preferred)
       Default Gateway . . . . . . . . . :
       NetBIOS over Tcpip. . . . . . . . : Disabled

    I have removed all personally identifiable data (just for security).

    Just out of interest, I installed the ftp service on the Win2k8 R2 Server last night, and that works fine. I am sure I have my MX records correct for the mail server. If I didn't, telnet would not pull out the correct IP.

    A portscan of my public IP shows HTTP, Remote Desktop Connection, SMTP, and POP as being open ports, all others are closed.


    Michael J. Hill
    Sunday, March 21, 2010 4:20 PM
  • Can you try to connect to port 25 from a client without pass through your basic Firewall with Advanced Security setup ?
    Edoardo Benussi - Microsoft® MVP
    Management Infrastructure - Systems Administration
    https://mvp.support.microsoft.com/Profile/Benussi
    edo[at]mvps[dot]org
    Monday, March 22, 2010 2:17 PM
  • Unfortunately we can only access remotely.

    Just to check things out I installed FTP for IIS7.0 Service and can Telnet Port 21 remotely no problem. So I am very confused as to why I can't Telnet port 25 remotely. I have configured Firewall with Advanced Security rules for SMTP exactly as for FTP and still get the same behaviour.


    Michael J. Hill
    Monday, March 22, 2010 2:41 PM
  • can you install on the server wireshark and intercept all packets to understand better what happens ?
    Edoardo Benussi - Microsoft® MVP
    Management Infrastructure - Systems Administration
    https://mvp.support.microsoft.com/Profile/Benussi
    edo[at]mvps[dot]org
    Tuesday, March 23, 2010 10:49 AM
  • Edoardo,

                Installed wireshark and captured events while I remotely Telnet port 25. Showing errors replying due to bad headers.

    Will e-mail capture results to you.


    Michael J. Hill
    Tuesday, March 23, 2010 1:41 PM
  • I have seen your wireshark capture result.

    Can you activate log writing on mailreader (client) and wireshark capture on server, try "send/receive" and send mail to me with both results ?


    Edoardo Benussi - Microsoft® MVP
    Management Infrastructure - Systems Administration
    https://mvp.support.microsoft.com/Profile/Benussi
    edo[at]mvps[dot]org
    Wednesday, March 24, 2010 1:02 PM
  • Edoardo,

                   I will do that later this evening, and post results to you.

                   I have managed to Telnet and send mail from a remote machine. I raised the priority of my IP range above the level of 20 to avoid AutoBan. That said, Windows Live Mail won't connect from the same remote machine. On the server I setup an account in Windows Mail and recieved full functionality. I exported the account details from Windows Mail and imported them into Windows Live Mail on the remote machine. However when I try to connect I get the following error :-

    Unable to send or receive messages for the mail.tradecreditmanager.co.uk account. The connection to the server has failed.

    Server: 'mail.tradecreditmanager.co.uk'
    Windows Live Mail Error ID: 0x800CCC0E
    Protocol: POP3
    Port: 110
    Secure(SSL): No
    Socket Error: 10060

    I tried to change the SMTP Port in the account settings in Windows Live Mail to 587, as I have seen suggested elsewhere. This didn't work either.

    So as things stand:-

    • I have full functionality at the server using Windows Mail
    • Using same account settings I cannot connect from remote machine using Windows Live Mail
    • I can send mail using Telnet on the same remote machine

    Many thanks and I will be in touch with those results.


    Michael J. Hill
    Wednesday, March 24, 2010 6:22 PM
  • All sorted out Edoardo! I had to set the priority of the local IP address of the server higher than the AutoBan level in hMailserver, and restart the Windows Firewall with AP. The firewall wouldn't restart, so a reboot and it all started to work.

    Many thanks for your help and guidance. Wireshark will prove an invaluable tool for the future, and I have you to thank for pointing me in the right direction.


    Michael J. Hill
    Thursday, March 25, 2010 10:46 AM