I recently had a number of remote users call me saying they can't send email through the company email server, but can receive. This resulted in me having to work 16 hours yesterday, and going without sleep for a total of 20.
In case you're wondering, it all has to do with TCP/IP standard port numbers. Port 25 for SMTP (Send) and port 110 POP3 (receive).
I quickly determined that somewhere the SMTP port 25 was being blocked. I also used a number of troubleshooting procedures to determine that the blocking was occurring off of our network. AT&T quickly denied any port blocking. So right now we still have a trouble ticket open for them to investigate it.
In order to get my remote users up again I had them all configure Outlook to send on a non standard (port 366). and configured my mail server to accept mail on that port as an alternate. I had to do that with each remote user, with the exception of our Corby, England office. To my delight, there was someone there that knew exactly what I was talking about, and agreed to handle it there.
Here's what my day consisted of:
After all the basic stuff like checking the firewall and router access-lists, I examined all settings on Email server. All email clients inside the router can freely send email over SMTP port 25. Shut down all Email security and spam filtering.
Internal networking equipment is working fine, no VLANs in use on switches, all data is flowing freely.
Had Remote users, including users in Corby, England configure their clients to send mail on a non-standard Port 366 for SMTP. Users reported success in sending mail.
Logged into my home machine through a VNC session and Port scanned my mail server. All expected listening ports appeared except for port 25.
Attached a Hub between the gateway router and the switch. Plugged the email server and a sniffer into the hub. Attempted to send email from home on port 25 while running a 15 minute packet capture. No port 25 traffic was captured, but successful port 366 traffic was.
Bypassed firewall, shut off all security on gateway router. Nothing. Powered down gateway router, and swapped it out with a spare Cisco 2611 configured with bare minimum settings to allow it to interface and pass traffic to and from your network. I had absolutely no security services or, otherwise running. Only the minimum routing and NAT services to allow external traffic to access internal resources. Nothing!
Called AT&T again (By now I'm like fuckit, so I'm smoking at my desk and flicking the ashes into stale 6 hour old coffee.) Fuckers still said there's no problem on their end.
Went the fuck home
Now it's today and I am still waiting, after receiving and email that consisted of nothing more than "Your email has been referred to the technician working on your ticket."
Why do I envision, some tech sitting there playing counter strike.
:mfinger:
In case you're wondering, it all has to do with TCP/IP standard port numbers. Port 25 for SMTP (Send) and port 110 POP3 (receive).
I quickly determined that somewhere the SMTP port 25 was being blocked. I also used a number of troubleshooting procedures to determine that the blocking was occurring off of our network. AT&T quickly denied any port blocking. So right now we still have a trouble ticket open for them to investigate it.
In order to get my remote users up again I had them all configure Outlook to send on a non standard (port 366). and configured my mail server to accept mail on that port as an alternate. I had to do that with each remote user, with the exception of our Corby, England office. To my delight, there was someone there that knew exactly what I was talking about, and agreed to handle it there.
Here's what my day consisted of:
After all the basic stuff like checking the firewall and router access-lists, I examined all settings on Email server. All email clients inside the router can freely send email over SMTP port 25. Shut down all Email security and spam filtering.
Internal networking equipment is working fine, no VLANs in use on switches, all data is flowing freely.
Had Remote users, including users in Corby, England configure their clients to send mail on a non-standard Port 366 for SMTP. Users reported success in sending mail.
Logged into my home machine through a VNC session and Port scanned my mail server. All expected listening ports appeared except for port 25.
Attached a Hub between the gateway router and the switch. Plugged the email server and a sniffer into the hub. Attempted to send email from home on port 25 while running a 15 minute packet capture. No port 25 traffic was captured, but successful port 366 traffic was.
Bypassed firewall, shut off all security on gateway router. Nothing. Powered down gateway router, and swapped it out with a spare Cisco 2611 configured with bare minimum settings to allow it to interface and pass traffic to and from your network. I had absolutely no security services or, otherwise running. Only the minimum routing and NAT services to allow external traffic to access internal resources. Nothing!
Called AT&T again (By now I'm like fuckit, so I'm smoking at my desk and flicking the ashes into stale 6 hour old coffee.) Fuckers still said there's no problem on their end.
Went the fuck home
Now it's today and I am still waiting, after receiving and email that consisted of nothing more than "Your email has been referred to the technician working on your ticket."
Why do I envision, some tech sitting there playing counter strike.
:mfinger:
