Re: TCP/IP filter & SMTP

From: Jan Sonnemans (j.sonnemans@greenpages.nl)
Date: 09/16/02


From: "Jan Sonnemans" <j.sonnemans@greenpages.nl>
Date: Mon, 16 Sep 2002 02:08:05 -0700


Sharky, on Sep 2 I posted "IIS 4.0 SMTP-service Unable to send mail"

I also have the same problem. Have you found a solution already?

>-----Original Message-----
>I'll give it a shot.
>Thanks Ken!
>
>
>
>"Ken Schaefer" <kenRMV@THISadOpenStatic.com> wrote in message
>news:O8ASIhKWCHA.1664@tkmsftngp09...
>> I said "packet sniffer", not "port scanner" :-)
>>
>> Open up all the ports so that it works. Then fire up NetMon (tool that comes
>> with Windows2000) and do a packet capture. Then look at all the TCP/UDP
>> packets and see where they are going/coming. Find out which port it is that
>> you need to open.
>>
>> NetMon can be installed from the Add/Remove programs control panel (Windows
>> Components | Network Utilities(?))
>>
>> Cheers
>> Ken
>>
>> --
>> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>> "sharky" <sharky@nospam.com> wrote in message
>> news:#h15GZKWCHA.2656@tkmsftngp10...
>> > Thanks, Ken!
>> >
>> > I tried that using vbportscan.exe, but I got the same results when the
>> > server is idle as when I sent mail from the site. It seems that the port
>> > scanner is only checking listening ports, and maybe the server is sending
>> > some sort of UDP packet when I send mail (?).
>> >
>> > I've got TCP 53 open. This seems to be a UDP issue since this only breaks
>> > when I close UDP ports. I like Tiny, but it won't work on my particular
>> > setup.
>> >
>> > I appreciate your input anyways.
>> > - shark
>> >
>> >
>> >
>> > "Ken Schaefer" <kenRMV@THISadOpenStatic.com> wrote in message
>> > news:OdSgT6JWCHA.1748@tkmsftngp09...
>> > > What if you install some kind of packet sniffer and capture the packets
>> > > going back and forwards? This will tell you what port you'll need to
>> > > open. -or- install a software application level firewall and see what it
>> > > pops up (TPF is a good choice: www.tinysoftware.com)
>> > >
>> > > Also, if you are using MS SMTP server or Exchange server, you'll need to
>> > > enable TCP 53:
>> > > http://support.microsoft.com/default.aspx?scid=kb;en-us;Q263237
>> > >
>> > > Cheers
>> > > Ken
>> > >
>> > > --
>> > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>> > > "sharky" <sharky@nospam.com> wrote in message
>> > > news:ez3lCKHWCHA.1632@tkmsftngp11...
>> > > > I have enabled TCP/IP filter on all addresses on my web server (yea me).
>> > > >
>> > > > I've got everything working except the UDP filter. I denied access to all
>> > > > UDP services except 88,137,138,53,135 which allows me to browse my network
>> > > > connection to shares, resolve dns, and use RPC - BUT for some reason, my web
>> > > > server can no longer find my ISP's SMTP server to send mail from our asp
>> > > > formmail. I get the following error:
>> > > >
>> > > > WSAHOST_NOT_FOUND
>> > > >
>> > > > That doesn't seem right because I've got SMTP (TCP) enabled on TCP, and DNS
>> > > > (53) enabled in UDP, and I can't find any other ports that SMTP might use.
>> > > >
>> > > > If I enable all UDP ports, it works fine. When I deny all UDP ports except
>> > > > the above, it breaks, so it must be some UDP port is needed to use SMTP from
>> > > > my web server.
>> > > >
>> > > > NOTE: this ONLY happens when I turn off UDP ports, and yes I have enabled
>> > > > SNTP ports on TCP, but that doesn't appear to be the problem because I only
>> > > > have this problem when I deny UDP ports.
>> > > >
>> > > > Has anybody run into this before or have some knowledge on the subject they
>> > > > can share?
>> > > >
>> > > > Gracias!
>> > >
>> > >
>> > >
>> >
>> >
>>
>>
>
>
>.
>
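
Added example, not part of the thread: a small model of the packet-capture check Ken suggests, run against the UDP allow-list sharky quotes (88, 137, 138, 53, 135). It assumes the TCP/IP filter matches only the destination port of inbound packets and keeps no connection state; the capture rows and the tuple format are constructed for illustration and are not NetMon output.

```python
# Added example: constructed data, not a capture from the thread.
ALLOWED_UDP_IN = {88, 137, 138, 53, 135}  # allow-list quoted in the thread

# Constructed rows: (direction, proto, src_port, dst_port) as seen at the
# web server's NIC during one mail send. Ephemeral ports are made up.
CAPTURE = [
    ("out", "udp", 1034, 53),   # DNS query leaves from an ephemeral port
    ("in",  "udp", 53, 1034),   # DNS reply comes back TO that ephemeral port
    ("out", "tcp", 1035, 25),   # SMTP connection to the ISP's mail server
    ("in",  "tcp", 25, 1035),
    ("in",  "udp", 137, 137),   # NetBIOS name service, allowed by the list
]


def dropped_inbound(capture, allowed_udp_in):
    """Inbound UDP packets a stateless destination-port allow-list rejects."""
    return [p for p in capture
            if p[0] == "in" and p[1] == "udp" and p[3] not in allowed_udp_in]


def unanswered_queries(capture, allowed_udp_in):
    """Outbound UDP requests whose reply never reaches the application."""
    dropped = {(p[2], p[3]) for p in dropped_inbound(capture, allowed_udp_in)}
    # A reply swaps the ports of its request: (src, dst) -> (dst, src).
    return [p for p in capture
            if p[0] == "out" and p[1] == "udp" and (p[3], p[2]) in dropped]


def blocked_services(capture, allowed_udp_in):
    """Remote service ports whose replies are lost, e.g. 53 for DNS."""
    return sorted({q[3] for q in unanswered_queries(capture, allowed_udp_in)})


if __name__ == "__main__":
    for pkt in dropped_inbound(CAPTURE, ALLOWED_UDP_IN):
        print("dropped:", pkt)
    print("services left without replies:",
          blocked_services(CAPTURE, ALLOWED_UDP_IN))
```

Under that assumption, allowing UDP 53 inbound only admits packets addressed to local port 53; the reply to the server's own lookup is addressed to the ephemeral source port, so name resolution fails before the SMTP connection is attempted.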


