What's blocking my port?!?

[Bradley Plett]

I have a client who is running Win2000. I'm seeing strange behavior
that I can neither explain nor fix. For some reason, port 25 (SMTP)
is being blocked to all servers except for an old mail server. I have
disabled all firewall software that I'm aware of, and am running
pretty much as clean as I can make it. Still, when I telnet on port
25 to any server except the one mentioned earlier, it can't connect.
As a result, I can't change my SMTP server!

It's definitely a local machine issue, rather than a router or
external firewall issue, since this only happens on the one machine.
I've looked through all of the network settings I can think of, and
can't find anything that is selectively blocking port 25.

Any ideas?

Thanks!
Brad.

 

[Phillip Windell]

Port 25 does *not exist* on any machine that is not a mail server. You
can't connect to what isn't there.

Ports do not "self-exist". They are created by the Application that is
responsible for them.

No mail server = No SMTP
and
No SMTP = no port 25.

Ports are *imaginary* anyway. They are just Layer4 Addresses, or Application
Addresses if you want to call them that. When a networkable Application
starts up it establishes itself with a particular Layer4 Address and the
Operating Systems networking layers examines the Layer4 portion of the
packets to see the address number and if it matches any address that a
particular Application is associated with it then passes that packet up the
OSI Layers to that particular Application.

I don't know whoever dreamed up the term "port" but it probably is not
really the best term to describe what it really is.

--
Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com
-----------------------------------------------------
Understanding the ISA 2004 Access Rule Processing
http://www.isaserver.org/articles/ISA2004_AccessRules.html

Troubleshooting Client Authentication on Access Rules in ISA Server 2004
http://download.microsoft.com/download/9/1/8/918ed2d3-71d0-40ed-8e6d-fd6eeb6cfa07/ts_rules.doc

Microsoft Internet Security & Acceleration Server: Guidance
http://www.microsoft.com/isaserver/techinfo/Guidance/2004.asp
http://www.microsoft.com/isaserver/techinfo/Guidance/2000.asp

Microsoft Internet Security & Acceleration Server: Partners
http://www.microsoft.com/isaserver/partners/default.asp

Deployment Guidelines for ISA Server 2004 Enterprise Edition
http://www.microsoft.com/technet/prodtechnol/isa/2004/deploy/dgisaserver.mspx

 

[3c273]

I hate to go for the obvious but, have you checked to make sure something is
listening on port 25? On one of the servers that you can't reach, what is
the output of "netstat -an"? What error is telnet giving you?
Louis

 

[Bradley Plett]

Apparently I didn't explain myself well enough. I know what a port
is. I was trying to connect from a client machine running Win2k
to different mail servers that specifically are listening on port 25.

Anyway, I have since solved the problem: the ISP was playing some
dirty tricks.

Brad.

 

[Bradley Plett]

Thanks for your reply. It turned out that the ISP was playing some
dirty tricks.

Brad.

 

[Phillip Windell]

Apparently I didn't explain myself well enough. I know what a port
is. I was trying to connect from a client machine running Win2k
to different mail servers that specifically are listening on port 25.

Anyway, I have since solved the problem: the ISP was playing some
dirty tricks.

Ok. Yea, some ISPs bock SMTP to prevent the users from setting up rogue mail
servers and because they often don't know what they are doing, they end up
creating open SPAM relays.