
I have a mail server using PowerMTA on a Windows 2003 server (legacy). If I telnet into that server to test SMTP connectivity, it works from other 2003 servers and from my dev machine running Windows 10. I can issue the EHLO commands, etc. They return as expected.

If I telnet into it FROM a Windows 2008 server, I only receive error messages:

EHLO mailserver.com
500 5.5.1 command unknown in "XXXX XXXXXXXX"

That error message line above is verbatim. It isn't generated when issuing the command from other non-2008 machines.

I'm at a loss. My real issue is that the sender software on this server that I'm trying to configure generates the same error, although it doesn't use telnet. There is some difference between the servers. What is it?

On a side note, I downloaded an SMTP diag tool that will send successfully from the 2008 server.

lucuma
  • Are there any firewalls between the servers? Is there a *different set* of firewalls between the 2008 servers and the SMTP servers? Reason I ask is because I've experienced firewalls doing packet inspection causing things like this. – Ryan Ries Apr 28 '16 at 03:05
  • There are firewalls between the two; however, from the 2008 server I downloaded an SMTP diag program that can successfully send an email. If I try the simple commands via telnet, it fails. All on port 25. Yes, two separate firewalls; they are on different networks. – lucuma Apr 28 '16 at 03:07

2 Answers


It's your firewall.

Check Cisco ASA rewriting SMTP traffic to prevent mail sending

yourfirewall# show running-config policy-map

yourfirewall# configure terminal
yourfirewall(config)# policy-map global_policy
yourfirewall(config-pmap)# class inspection_default
yourfirewall(config-pmap-c)# no inspect esmtp

Ryan Ries
  • I can't confirm your solution but you are right there was an issue with the firewall. I am going to add an answer with the details but have marked this one. – lucuma Apr 28 '16 at 14:58

Prior to posting my question I spent several days troubleshooting and called my network people at the ISP 4 times asking about:

  • Antivirus interfering with port 25 traffic. Several posts online about this.
  • Firewall port blockages. The obvious thing, but ruled out because I could connect via telnet; just the commands didn't work.
  • Packet inspection

The answer every time I called was, "No we aren't doing any of that". I spoke to at least 5 people. The last time I called I made the tech remote into the server, run the telnet commands while I was on the phone and confirm the issue. From his own machine he had no problems connecting via telnet.

He confirmed to me they were indeed doing some kind of blocking on ESMTP traffic. I accepted the answer above, but in case someone else sees these command unknown issues, check with the network admins about the packet inspection policies.

lucuma
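An added example, not part of the original posts: a Python check for the symptom in this thread, a 500 reply that echoes the command back as X characters instead of what was actually sent. The function names `looks_rewritten`, `read_reply` and `probe` and the HELO name `probe.example` are assumptions made for illustration; the sample reply is the one quoted in the question.

```python
import re
import socket

# The quoted text a server echoes back inside a "500 ... command unknown" reply.
ECHO_RE = re.compile(r'^500\b.*"(?P<echo>[^"]*)"')

def looks_rewritten(sent: str, reply_line: str) -> bool:
    """True if a 500 reply echoes only X characters although we sent something else."""
    m = ECHO_RE.match(reply_line.strip())
    if not m:
        return False
    echo = m.group("echo").strip()
    masked = bool(echo) and set(echo.replace(" ", "")) == {"X"}
    return masked and echo.upper() != sent.strip().upper()

def read_reply(f) -> str:
    """Read one SMTP reply, following 'NNN-' continuation lines to the final 'NNN ' line."""
    lines = []
    while True:
        line = f.readline().decode("ascii", "replace").rstrip("\r\n")
        if not line:            # EOF or blank line: stop reading
            break
        lines.append(line)
        if len(line) < 4 or line[3] != "-":
            break
    return "\n".join(lines)

def probe(host: str, port: int = 25, helo_name: str = "probe.example", timeout: float = 10.0):
    """Connect, send EHLO, and return (banner, reply, rewritten?)."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        f = s.makefile("rwb")
        banner = read_reply(f)
        cmd = f"EHLO {helo_name}"
        f.write(cmd.encode("ascii") + b"\r\n")
        f.flush()
        reply = read_reply(f)
        f.write(b"QUIT\r\n")
        f.flush()
    first = reply.splitlines()[0] if reply else ""
    return banner, reply, looks_rewritten(cmd, first)

if __name__ == "__main__":
    # Reply quoted in the question above; this check needs no network access.
    sample = '500 5.5.1 command unknown in "XXXX XXXXXXXX"'
    print(looks_rewritten("EHLO mailserver.com", sample))
```

Running `probe` against the same mail server from the affected host and from a host that works shows whether the masking follows the network path. If it does, the inspection policy on the devices along that path is the place to look.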