[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] Rejected SMTP on port 25
Dennis: Can you telnet 25 to your firewall. This will show that your esmtp server off the firewall is working? Do you have a rule specifically for your Exchange Server to smtp with a resource? Is your Exchange server NAT'd? Build a network object for your exchange server: Static nat to your MX record. Try making a policy like this: src->any dst->mail_server srv->smtp-(resource to inbound with attributes) accept log long. Your resource that you attach to your smtp service should have the interior address of the mail server and then in the match tab your domain as *@{domain,otherdomain}.com You will need to make an outbound policy as: src->mail_server dst->any srv->smtp accept log long ----Original Message----- From: Dennis Donohue [mailto:[email protected]] Sent: Wednesday, April 04, 2001 12:10 PM To: '[email protected]' Subject: [FW1] Rejected SMTP on port 25 I have recently upgraded my FW1 4.0 to a FW-1 4.1. After upgrading, I was informed a few days later that my remote users (not using SecuRemote, just connecting to my Exchange Server) could not send emails. Upon further review, I found that the pop3 service was sorking correctly and the clients could receive their mail from the mail server, just not send any (the service would time out when looking for the server). I then tried telnetting into my ports, and found that: 1) I could telnet perfectly into port 110 (pop3) 2) I could not telnet into port 25 from an external source 3) I could telnet into port 25 from within my 192.x.x.x network Upon further review of my firewall I noticed the rules for allowance into my smtp service on my exchange server were still active and setup the same as they were prior to the upgrade. Does anyone know of anything that I could do to try and resove this problem??? (To further factor out the fact that problem could be the exchange server, I can use webmail services that utilize the smtp service on an http port, which means that it has to be some sort of firewall issue). I would really appreciate any help... Thanks, Dennis M. Donohue Network Administrator Aquion Partners L.P.(phn)(mobile)(fax) ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|