Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] Rejected SMTP on port 25

To: "'Dennis Donohue'" <[email protected]>, "fw-1-mailinglist@FW1-NOSPAMlists. us. checkpoint. com (E-mail)" <[email protected]>
Subject: RE: [FW1] Rejected SMTP on port 25
From: "Pellowski, Tom" <[email protected]>
Date: Wed, 4 Apr 2001 13:31:14 -0400
Sender: [email protected]

Dennis:

Can you telnet 25 to your firewall. This will show that your esmtp server
off the firewall is working?

Do you have a rule specifically for your Exchange Server to smtp with a
resource? Is your Exchange server NAT'd?

Build a network object for your exchange server: Static nat to your MX
record.

Try making a policy like this:
src->any dst->mail_server srv->smtp-(resource to inbound with attributes)
accept log long.

Your resource that you attach to your smtp service should have the interior
address of the mail server and then in the match tab your domain as
*@{domain,otherdomain}.com

You will need to make an outbound policy as:
src->mail_server dst->any srv->smtp accept log long



----Original Message-----
From: Dennis Donohue [mailto:[email protected]]
Sent: Wednesday, April 04, 2001 12:10 PM
To: '[email protected]'
Subject: [FW1] Rejected SMTP on port 25



I have recently upgraded my FW1 4.0 to a FW-1 4.1.  After upgrading, I was
informed a few days later that my remote users  (not using SecuRemote, just
connecting to my Exchange Server) could not send emails.  Upon further
review, I found that the pop3 service was sorking correctly and the clients
could receive their mail from the mail server, just not send any (the
service would time out when looking for the server).  I then tried
telnetting into my ports, and found that:
1) I could telnet perfectly into port 110 (pop3)
2) I could not telnet into port 25 from an external source
3) I could telnet into port 25 from within my 192.x.x.x network

Upon further review of my firewall I noticed the rules for allowance into my
smtp service on my exchange server were still active and setup the same as
they were prior to the upgrade.  Does anyone know of anything that I could
do to try and resove this problem???  (To further factor out the fact that
problem could be the exchange server, I can use webmail services that
utilize the smtp service on an http port, which means that it has to be some
sort of firewall issue).

I would really appreciate any help...
Thanks,
Dennis M. Donohue
Network Administrator
Aquion Partners L.P.(phn)(mobile)(fax)




============================================================================
====
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
============================================================================
====


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: RE: [FW1] Upgrading Nokia IP400
Next by Date: RE: [FW1] Problem with ICA protocol
Previous by thread: RE: [FW1] Rejected SMTP on port 25
Next by thread: RE: [FW1] Rejected SMTP on port 25
Index(es):
- Date
- Thread