Telnet to Port 25: Connect Failed. Port 465 Works

    Question

  • First, email is flowing as expected. We can send / receive to and from external sources and internal sources. Our internal SMTP applications are able to connect to Exchange and send what they need to.

    However, if I attempt to Telnet from the Exchange Server itself or any other server to port 25 I get:

      Connecting To 192.xxx.xxx.xxx...Could not open connection to the host, on port 25: Connect failed

    If I attempt to Telnet to port 465 from any server including Exchange itself I get:

      220 servername.internal.domain Microsoft ESMTP MAIL Service ready at Mon, 1 May 2017 15:40:11 -0600

    So my question is, out of pure curiosity since everything is working, why am I getting rejected by telnet on port 25?

    ** Also worth noting is the internal SMTP applications that work are also configured to use port 25.

    Monday, May 1, 2017 9:41 PM

All replies

  • Is the FrontEnd Transport service running?

    Do your port 25 receive connectors block connections from all but a list of specific IP addresses (RemoteIPRanges)?


    Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."
    Celebrating 20 years of providing Exchange peer support!


    Monday, May 1, 2017 10:24 PM
    Moderator
  • Front end transport service is running. For the non-default receive connectors we do have it locked up, but even if I telnet to port 25 from a server that has an IP on the list it fails. It's also worth noting that this server also has a service running that makes SMTP requests to Exchange and it is working, for example, What's Up Gold. If I test SMTP from the What's Up Gold application it works. However, a telnet command to port 25 from the same server will fail.
    Monday, May 1, 2017 11:00 PM
  • What port does What's Up Gold use?

    Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."
    Celebrating 20 years of providing Exchange peer support!

    Tuesday, May 2, 2017 3:31 AM
    Moderator
  • 25. I'll post a screenshot tomorrow of the WUG config, the test success from WUG and the telnet fail. It's not just WUG though, it's the same result from any server and any application we test with.
    Tuesday, May 2, 2017 4:38 AM
  • Look at the configuration of your receive connectors. Make sure that all that listen on TCP port 25 are configured as FrontEndTransport connectors. Collect the RemoteIPRanges that might be configured and make sure you have a connector that's configured to accept connections from the WUG server. Make sure that there are no firewalls between the WUG server and the Exchange server, and if there are, make sure that they aren't doing you any favors, like Cisco PIX firewalls with "SMTP Fixup" or Mailguard turned on.

    Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."
    Celebrating 20 years of providing Exchange peer support!

    Wednesday, May 3, 2017 12:31 AM
    Moderator
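
The service, connector and listener checks suggested in the replies above, written out as Exchange Management Shell commands. This is an added example, not part of the original thread; `$ServerIp` is a placeholder value, and the block assumes Exchange 2013 or later on a Windows version that provides `Get-NetTCPConnection` and `Test-NetConnection`.

```powershell
# Added example: run in the Exchange Management Shell on the Exchange server.
# $ServerIp is a placeholder (constructed value): the address you telnet to.
$ServerIp = '192.0.2.25'

# 1. Is the Front End Transport service running?
Get-Service -Name MSExchangeFrontEndTransport | Select-Object Name, Status

# 2. One row per connector binding, so the connectors answering on
#    port 25 and port 465 can be compared side by side. Check the
#    RemoteIPRanges column against the address of the testing server.
$rows = foreach ($c in Get-ReceiveConnector) {
    foreach ($b in $c.Bindings) {
        [pscustomobject]@{
            Connector      = $c.Identity
            Enabled        = $c.Enabled
            TransportRole  = $c.TransportRole
            Binding        = $b.ToString()
            RemoteIPRanges = ($c.RemoteIPRanges |
                ForEach-Object { $_.ToString() }) -join ', '
        }
    }
}
$rows | Sort-Object Binding | Format-Table -AutoSize -Wrap

# 3. Port 25 connectors that are disabled or are not FrontendTransport.
$rows | Where-Object {
    $_.Binding -match ':25$' -and
    (-not $_.Enabled -or "$($_.TransportRole)" -ne 'FrontendTransport')
} | Format-Table Connector, Enabled, TransportRole, Binding -AutoSize

# 4. Which local addresses actually have a listener on TCP 25, and
#    which process owns it. A listener bound to one specific address
#    will not answer a telnet aimed at a different address.
Get-NetTCPConnection -LocalPort 25 -State Listen -ErrorAction SilentlyContinue |
    Select-Object LocalAddress, LocalPort,
        @{ n = 'Process'; e = { (Get-Process -Id $_.OwningProcess).ProcessName } }

# 5. Repeat the telnet test as a plain TCP connect on both ports.
foreach ($p in 25, 465) {
    Test-NetConnection -ComputerName $ServerIp -Port $p |
        Select-Object RemoteAddress, RemotePort, TcpTestSucceeded
}
```

If step 4 shows a listener but step 5 fails for port 25 from another host, the firewall or SMTP inspection device in the path is the next thing to examine.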