Exchange Server Forums
Forums |
Register |
Login |
My Profile |
Inbox |
RSS 
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
What port do a Exchange server answer on ?
|
Users viewing this topic:
none
|
Logged in as: Guest
|
Login  | |
|
 Limited time MSExchange.org offer! -- 1.Sep.2008 1:00:00 PM
|
|
TechGenix and SolarWinds have partnered to provide free copies of SolarWinds Exchange Monitor to all visitors who join the MSExchange.org Forums. SolarWinds Exchange Monitor is a handy desktop dashboard that continuously monitors Microsoft Exchange to deliver real-time insight into Exchange services, mail queue sizes, and host server health. Learn more about Exchange Monitor and the free offer!
|
What port do a Exchange server answer on ? - 10.Aug.2005 3:01:00 PM
|
|
|
Bendji
Posts: 18
Joined: 4.Jul.2005
From: Denmark
Status: offline
|
Greetings all,
I'm stumbled over a problem/question that I cant figure out.
We have a Exchange server and a firewall between that and the Internet.
We where configurating the firewall and did close all port from the Exchange server out to the Internet except port 25 (smtp) and the same from the Internet into the exchange server(only port 25 open from the Internet to the Exchange server).
My problem is that the setup did not work untill we did allow the exchange server to send on all port out to the Internet.
A friend of mine told me that when exchange receives a msg on port 25 it answers on another port because of the traffic on port 25(and hence all ports need to be open from the exchange server to the Internet).
For me this sounds strange, but is it true ? Sofar I havn't found anything about it on the net and im convinced that there must be a configuration error in the firewall.
So what do you experts say ?
Thx for the reply's all ,-)
Yours Sincerely,
Bendji
|
|
|
|
RE: What port do a Exchange server answer on ? - 10.Aug.2005 4:10:00 PM
|
|
|
consultOz
Posts: 907
Joined: 11.Mar.2005
From: Virginia, USA
Status: offline
|
Bendji
Take a look below,
http://support.microsoft.com/kb/832017
Taken From CYA book.
=================================================
80/TCP HTTP. Why port 80? Because even though your OWA
clients communicate with the FE server(s) over port
443/TCP (SSL), FE and BE servers donÆt use SSL to
communicate with each otherùthey communicate
over port 80
143/TCP IMAP4
110/TCP POP3
25/TCP Simple Mail Transfer Protocol (SMTP)
691/TCP Link State Algorithm Routing
389/TCP/UDP LDAP to Directory Service
3268/TCP LDAP to Global Catalog Server
88/TCP/UDP Kerberos authentication
53/TCP/UDP DNS Lookup
|
|
|
|
|
RE: What port do a Exchange server answer on ? - 11.Aug.2005 2:29:00 AM
|
|
|
Bendji
Posts: 18
Joined: 4.Jul.2005
From: Denmark
Status: offline
|
Heya Oz,
First thx for the answer ;-)
But what you describe there is how the server is communication with the Intern backend servers. So I dont think that do explain it, at least not as I see it ;-)
The real setup as it is now is:
Intern server <--> Intern firewall <--> Dmz/External server <--> Firewall <--> Internet
Where those ports you mention is for the communication between the Intern exchange and the external exchange server.
The server im in doubt over is the external server in the DMZ which don't support OWA, but only gets mail over smtp port 25(from the internet) and then send it to the Intern server which holds the mailbokses. And the Inter serves send the mail to the external exchanger which then guide it out on the Internet.
And I can't see why the server in the DMZ should have acces on all ports out to the Internet and not only port 25 (perhabs DNS also).
|
|
|
|
|
RE: What port do a Exchange server answer on ? - 11.Aug.2005 2:59:00 AM
|
|
|
isawader
Posts: 119
Joined: 7.Jul.2005
From: US
Status: offline
|
You should only open SMTP port 25 on the firewall facing the internet and forward the traffic to FE exchange server for sending and receiving internet emails.
If the FE exchange server uses your ISP's DNS server to resolve names, TCP/UDP ports 67 or 68 must be open on the front firewall for the outbound DNS queries from the FE server. Receiving emails from internet shouldn't be a problem without ports 68/67. If you can't receive emails at all, you should check your FE's configuration and MX record at your ISP's DNS server.
[ August 11, 2005, 03:06 AM: Message edited by: isawader ]
|
|
|
|
|
RE: What port do a Exchange server answer on ? - 11.Aug.2005 5:30:00 AM
|
|
|
underwarezs
Posts: 314
Joined: 28.Jul.2005
From: London, UK
Status: offline
|
Bendji,
Does your firewall control both outbound and incoming requests? For example, does it allow all outgoing data, but filter incoming data or is incoming and outgoing filtered?
I've noticed, that even though my POP3 server has port 110 open, requests from other users usually originate from a port above 1024. Ensure you have no "source port" filtering enabled. What sort of firewalls are you using?
UnderWareZs
[ August 11, 2005, 05:38 AM: Message edited by: UnderWareZs ]
|
|
|
|
|
RE: What port do a Exchange server answer on ? - 12.Aug.2005 2:39:00 AM
|
|
|
Bendji
Posts: 18
Joined: 4.Jul.2005
From: Denmark
Status: offline
|
Heya ;-)
Well think you actually answered my question there "UnderWarez" ;-)
The firewall do control both incomming and outgoing requests.
From the external exchange server, I have no filtering from the source(outbound). So all ports are open from the External Exchange server and out to the Internet. And from the Internet(inbound)is only open for port 25.
That was actually my problem. In the start I had only open for port 25 (since the server is only for mail and not POP3, OWA etc). But with only port 25 open (outbound) I did not get any responed when I tried to send mails to it from the Internet. It only workede if I did open all ports from the Exchange server and out on the Internet.
And I'm having trouble understanding why, since I thought Exchange did answer on port 25, but seems like it answers on a random port over 1024.
Was just interested in hearing if other had discovered the same and even might have an explanation for it. And it seems like you have seen the same on your server :-)
Thx for the reply's all. Ohh and if some one know a place where it is described how Exchange answers(port wise), not ehlo, helo etc then I would be gratefull for a link :-)
[ August 12, 2005, 02:43 AM: Message edited by: Bendji ]
|
|
|
|
|
RE: What port do a Exchange server answer on ? - 12.Aug.2005 12:39:00 PM
|
|
|
isawader
Posts: 119
Joined: 7.Jul.2005
From: US
Status: offline
|
Hi Guys,
In a client to server communication, the client almost always uses a port number greater than 1024 as the source and server's well known port (1-1024) as the destination port.
So for example, if you want to browse to www.msexchange.com using your browser, the browser will use port >1024 (say 2000) as the source port and port 80 as the destination port. When the webserver response back to the client it will always use port 80 as the source and port 2000 as the destination. The SMTP protocol works exactly the same way. Just replace port 80 with 25 and replace web server with the exchange server.
So in your firewall rules, you should allow outbound emails to go out on port 25 (SMTP) only. Same with the inbound emails, only port 25 must be forwarded to the exchange server from the firewall. You shouldn't mess with the clients source ports as the default install of any firewall will allow ports >1024.
Protocols like FTP is exception to this above communication model.
[ August 12, 2005, 12:42 PM: Message edited by: isawader ]
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
Printable Version
