can't send SMTP mail out using alt. SMTP svc

Discussion in 'Windows Small Business Server' started by Rob Pettrey, Dec 19, 2005.

  1. Rob Pettrey

    Rob Pettrey Guest

    I am using no-ip.com's alternate SMTP service for a client with a
    dynamic IP. They use port 3325 to send mail out.

    I upgraded this client to SP1, including ISA 2004. Everything went
    perfect until the ISA upgrade. It uninstalled ISA 2000, began to
    install ISA 2004 fresh, and croaked. Multiple times - same error.

    System down - call MS - fixed an hour later, but I lost all of my
    settings. Including how I had ISA 2000 set up to pass the port.

    I've been working on this all weekend, and am no longer thinking
    clearly. Everything else is still set up, so if I can set up ISA 2004
    to send outgoing SMTP using port 3325, I'm all set.

    Help!

    Rob Pettrey
     
    Rob Pettrey, Dec 19, 2005
    #1
    1. Advertisements

  2. HI Rob,

    Welcome to SBS newsgroup.

    Issue description:
    ============

    I understand that you want to set up your ISA 2004 to send the outgoing
    email via port 3325.

    Analyzing and suggestion:
    ==============

    Generally speaking, if you use the default SMTP ports, we can run CEICW to
    automatically configure it, but if you use the non-standard ports, we might
    have to configure the ports by yourself.

    Based on my research, we need to open port 3325 for outbound traffic on the
    ISA 2004 server, please first follow the steps below to open the port 3325.

    1. Open ISA Server Management, the Microsoft Management Console (MMC)
    snap-in that is included in ISA Server 2004.

    2. In the "Tree" pane, right-click "Firewall Policy", point to "New",
    and then click "Access Rule" to start the New Access Rule Wizard.

    3. On the "Welcome" page, type a name for the access rule, such as "SMTP"
    (without the quotation marks), and then click "Next".

    4. On the "Rule Action" page, click "Allow", and then click "Next".

    5. On the "Protocols" page, click "Selected protocols" in the "This rule
    applies to" list, and then click "Add".

    6. In the "Add Protocols" dialog box, expand "Common Protocols", and then
    click the SMTP protocol that you have created on the protocol definition.
    (Note please open port 3325 for outbound traffic)

    7. Click "Add", and then click "Close".

    8. On the "Protocols" page, click "Next".

    9. On the "Access Rule Sources" page, click "Add" to open the "Add
    Network Entities" dialog box.

    10. Expand "Networks", click "Internal", click "Add", and then click
    "Close". Note In this step, it is assumed that the client is part of the
    ISA Server-protected network that is named "Internal.".

    11. On the "Access Rule Sources" page, click "Next".

    12. On the "Access Rule Destinations" page, click "Add" to open the
    "Add Network Entities" dialog box.

    13. Expand "Networks", click "External", click "Add", and then click"
    Close".

    14. On the "Access Rule Destinations" page, click "Next".

    15. On the "User Sets" page, click the user sets that you want, and then
    click "Next".

    - It must be listed before any access rule for which the
    "All authenticated users" setting has been selected.

    - It must be listed before any access rule for which one or both of the
    following user sets have been selected:

    - Specific user groups
    - Specific users

    16. Review the information that is on the wizard summary page, and then
    click "Finish".

    17. In the "Firewall Policy" details pane, click "Apply" to apply the new
    access rule.

    If you make sure that you have create the SMTP outbound rule successfully,
    please refer to the following KB article to save the ISA logging as a file
    and send it to me for research. Please send me the firewall log for
    research. (This is very important for us to identify the issue. Please
    carefully go through the KB article below)

    838241 How to configure logging in ISA Server 2004
    http://support.microsoft.com/?id=838241

    Please also paste any ISA and Exchange related error event to newsgroup for
    further research.

    I really appreciate your effort on this issue, please feel free to let me
    know the results. I am glad to be of assistance.



    Best regards,

    Charles Yang (MSFT)

    Microsoft CSS Online Newsgroup Support

    Get Secure! - www.microsoft.com/security

    ======================================================
    This newsgroup only focuses on SBS technical issues. If you have issues
    regarding other Microsoft products, you'd better post in the corresponding
    newsgroups so that they can be resolved in an efficient and timely manner.
    You can locate the newsgroup here:
    http://www.microsoft.com/communities/newsgroups/en-us/default.aspx

    When opening a new thread via the web interface, we recommend you check the
    "Notify me of replies" box to receive e-mail notifications when there are
    any updates in your thread. When responding to posts via your newsreader,
    please "Reply to Group" so that others may learn and benefit from your
    issue.

    Microsoft engineers can only focus on one issue per thread. Although we
    provide other information for your reference, we recommend you post
    different incidents in different threads to keep the thread clean. In doing
    so, it will ensure your issues are resolved in a timely manner.

    For urgent issues, you may want to contact Microsoft CSS directly. Please
    check http://support.microsoft.com for regional support phone numbers.

    Any input or comments in this thread are highly appreciated.
    ======================================================
    This posting is provided "AS IS" with no warranties, and confers no rights.


    =====================================================
    When responding to posts, please "Reply to Group" via your newsreader so
    that others may learn and benefit from your issue.
    =====================================================

    This posting is provided "AS IS" with no warranties, and confers no rights.

    --------------------
    | Thread-Topic: can't send SMTP mail out using alt. SMTP svc
    | thread-index: AcYE7FCAzerYRsmWT+eC3YYdh2SU1w==
    | X-WBNR-Posting-Host: 71.244.217.215
    | From: "=?Utf-8?B?Um9iIFBldHRyZXk=?="
    <>
    | Subject: can't send SMTP mail out using alt. SMTP svc
    | Date: Mon, 19 Dec 2005 14:34:03 -0800
    | Lines: 19
    | Message-ID: <>
    | MIME-Version: 1.0
    | Content-Type: text/plain;
    | charset="Utf-8"
    | Content-Transfer-Encoding: 7bit
    | X-Newsreader: Microsoft CDO for Windows 2000
    | Content-Class: urn:content-classes:message
    | Importance: normal
    | Priority: normal
    | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
    | Newsgroups: microsoft.public.windows.server.sbs
    | NNTP-Posting-Host: TK2MSFTNGXA03.phx.gbl 10.40.2.250
    | Path: TK2MSFTNGXA02.phx.gbl!TK2MSFTNGXA01.phx.gbl!TK2MSFTNGXA03.phx.gbl
    | Xref: TK2MSFTNGXA02.phx.gbl microsoft.public.windows.server.sbs:231246
    | X-Tomcat-NG: microsoft.public.windows.server.sbs
    |
    | I am using no-ip.com's alternate SMTP service for a client with a
    | dynamic IP. They use port 3325 to send mail out.
    |
    | I upgraded this client to SP1, including ISA 2004. Everything went
    | perfect until the ISA upgrade. It uninstalled ISA 2000, began to
    | install ISA 2004 fresh, and croaked. Multiple times - same error.
    |
    | System down - call MS - fixed an hour later, but I lost all of my
    | settings. Including how I had ISA 2000 set up to pass the port.
    |
    | I've been working on this all weekend, and am no longer thinking
    | clearly. Everything else is still set up, so if I can set up ISA 2004
    | to send outgoing SMTP using port 3325, I'm all set.
    |
    | Help!
    |
    | Rob Pettrey
    |
    |
    |
     
    Charles Yang [MSFT], Dec 20, 2005
    #2
    1. Advertisements

  3. Rob Pettrey

    Rob Pettrey Guest

    Charles,

    Thanks! That's what I was trying to do, I just didn't know how.

    Here's what I did.

    ISA Server Management | Firewall Policy |right click |

    new | access rule | name: alternate SMTP rule | next |
    allow | next | applies to: selected protocols |

    add | new | protocol | name: alternate SMTP | next |
    new | TCP | outbound | from: 3325 | to: 3325 | next |
    no | next | finish | close |

    protocol | add | user-defined | alternate SMTP | add | close | next |

    source | add | networks | Local Host | add | close | next |

    destinination | add | networks | external | add | close | next |

    all users | next | finish | APPLY (I always forget that...)

    Now that I've done it once, it seems easy, but at about 7 pm it
    looked impossible, because I didn't know what I was doing.
    (Actually, still don't - I am officially an ISA loose cannon...)

    I also played with the monitoring.

    ISA Server Management | Monitoring | Logging

    I then went to the alternate SMTP Exchange queue that was backed up, and did

    server | queues | pick queue | right click | force connection

    while watching the ISA log. It first showed up as

    time | IP | 3325 | Unidentified IP Traffic | Denied Connection

    Pretty cool! I can see the protocol, and what happened! After I
    created the protocol, and the rule, the forced connect showed up as

    time | IP | 3325 | alternate SMTP | Denied Connection | SBS internet access
    rule

    Why wasn't it using the rule I just set up? I then looked at the
    other rules, and my rule's "from" was "Internal", and all the other
    outgoing rule's "from" was "Local Host". I changed it to "Local
    Host" and the force connect showed this:

    time | IP | 3325 | alternate SMTP | Initiated Connection | Alternate SMTP Rule

    Hey, it's working! My queue emptied, and I'm in bidness! The new ISA
    is way cool...even though I feel like I'm sipping from a fire hose...

    Thanks again, Charles, for your help! It's working!

    Rob Pettrey

     
    Rob Pettrey, Dec 20, 2005
    #3
  4. HI Rob,

    Thanks for letting us know that it working well now:

    For your convenience, I would like to give you a KB article, it will be
    helpful for you to design a ISA 2004 based local network:

    867483 How to configure networks in ISA Server 2004
    http://support.microsoft.com/?id=867483


    Please feel free to use this newsgroup. We are glad to be of assistance.
    Have a nice day:



    Best regards,

    Charles Yang (MSFT)

    Microsoft CSS Online Newsgroup Support

    Get Secure! - www.microsoft.com/security

    ======================================================
    This newsgroup only focuses on SBS technical issues. If you have issues
    regarding other Microsoft products, you'd better post in the corresponding
    newsgroups so that they can be resolved in an efficient and timely manner.
    You can locate the newsgroup here:
    http://www.microsoft.com/communities/newsgroups/en-us/default.aspx

    When opening a new thread via the web interface, we recommend you check the
    "Notify me of replies" box to receive e-mail notifications when there are
    any updates in your thread. When responding to posts via your newsreader,
    please "Reply to Group" so that others may learn and benefit from your
    issue.

    Microsoft engineers can only focus on one issue per thread. Although we
    provide other information for your reference, we recommend you post
    different incidents in different threads to keep the thread clean. In doing
    so, it will ensure your issues are resolved in a timely manner.

    For urgent issues, you may want to contact Microsoft CSS directly. Please
    check http://support.microsoft.com for regional support phone numbers.

    Any input or comments in this thread are highly appreciated.
    ======================================================
    This posting is provided "AS IS" with no warranties, and confers no rights.


    =====================================================
    When responding to posts, please "Reply to Group" via your newsreader so
    that others may learn and benefit from your issue.
    =====================================================

    This posting is provided "AS IS" with no warranties, and confers no rights.

    --------------------
    | Thread-Topic: can't send SMTP mail out using alt. SMTP svc
    | thread-index: AcYFKD2lXpXtlfBqRR2yRudrjZOM2w==
    | X-WBNR-Posting-Host: 72.240.151.28
    | From: "=?Utf-8?B?Um9iIFBldHRyZXk=?="
    <>
    | References: <>
    <>
    | Subject: RE: can't send SMTP mail out using alt. SMTP svc
    | Date: Mon, 19 Dec 2005 21:43:02 -0800
    | Lines: 243
    | Message-ID: <>
    | MIME-Version: 1.0
    | Content-Type: text/plain;
    | charset="Utf-8"
    | Content-Transfer-Encoding: 7bit
    | X-Newsreader: Microsoft CDO for Windows 2000
    | Content-Class: urn:content-classes:message
    | Importance: normal
    | Priority: normal
    | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
    | Newsgroups: microsoft.public.windows.server.sbs
    | NNTP-Posting-Host: TK2MSFTNGXA03.phx.gbl 10.40.2.250
    | Path: TK2MSFTNGXA02.phx.gbl!TK2MSFTNGXA03.phx.gbl
    | Xref: TK2MSFTNGXA02.phx.gbl microsoft.public.windows.server.sbs:231315
    | X-Tomcat-NG: microsoft.public.windows.server.sbs
    |
    | Charles,
    |
    | Thanks! That's what I was trying to do, I just didn't know how.
    |
    | Here's what I did.
    |
    | ISA Server Management | Firewall Policy |right click |
    |
    | new | access rule | name: alternate SMTP rule | next |
    | allow | next | applies to: selected protocols |
    |
    | add | new | protocol | name: alternate SMTP | next |
    | new | TCP | outbound | from: 3325 | to: 3325 | next |
    | no | next | finish | close |
    |
    | protocol | add | user-defined | alternate SMTP | add | close | next |
    |
    | source | add | networks | Local Host | add | close | next |
    |
    | destinination | add | networks | external | add | close | next |
    |
    | all users | next | finish | APPLY (I always forget that...)
    |
    | Now that I've done it once, it seems easy, but at about 7 pm it
    | looked impossible, because I didn't know what I was doing.
    | (Actually, still don't - I am officially an ISA loose cannon...)
    |
    | I also played with the monitoring.
    |
    | ISA Server Management | Monitoring | Logging
    |
    | I then went to the alternate SMTP Exchange queue that was backed up, and
    did
    |
    | server | queues | pick queue | right click | force connection
    |
    | while watching the ISA log. It first showed up as
    |
    | time | IP | 3325 | Unidentified IP Traffic | Denied Connection
    |
    | Pretty cool! I can see the protocol, and what happened! After I
    | created the protocol, and the rule, the forced connect showed up as
    |
    | time | IP | 3325 | alternate SMTP | Denied Connection | SBS internet
    access
    | rule
    |
    | Why wasn't it using the rule I just set up? I then looked at the
    | other rules, and my rule's "from" was "Internal", and all the other
    | outgoing rule's "from" was "Local Host". I changed it to "Local
    | Host" and the force connect showed this:
    |
    | time | IP | 3325 | alternate SMTP | Initiated Connection | Alternate SMTP
    Rule
    |
    | Hey, it's working! My queue emptied, and I'm in bidness! The new ISA
    | is way cool...even though I feel like I'm sipping from a fire hose...
    |
    | Thanks again, Charles, for your help! It's working!
    |
    | Rob Pettrey
    |
    | ""Charles Yang [MSFT]"" wrote:
    |
    | > HI Rob,
    | >
    | > Welcome to SBS newsgroup.
    | >
    | > Issue description:
    | > ============
    | >
    | > I understand that you want to set up your ISA 2004 to send the outgoing
    | > email via port 3325.
    | >
    | > Analyzing and suggestion:
    | > ==============
    | >
    | > Generally speaking, if you use the default SMTP ports, we can run CEICW
    to
    | > automatically configure it, but if you use the non-standard ports, we
    might
    | > have to configure the ports by yourself.
    | >
    | > Based on my research, we need to open port 3325 for outbound traffic on
    the
    | > ISA 2004 server, please first follow the steps below to open the port
    3325.
    | >
    | > 1. Open ISA Server Management, the Microsoft Management Console (MMC)
    | > snap-in that is included in ISA Server 2004.
    | >
    | > 2. In the "Tree" pane, right-click "Firewall Policy", point to "New",
    | > and then click "Access Rule" to start the New Access Rule Wizard.
    | >
    | > 3. On the "Welcome" page, type a name for the access rule, such as
    "SMTP"
    | > (without the quotation marks), and then click "Next".
    | >
    | > 4. On the "Rule Action" page, click "Allow", and then click "Next".
    | >
    | > 5. On the "Protocols" page, click "Selected protocols" in the "This
    rule
    | > applies to" list, and then click "Add".
    | >
    | > 6. In the "Add Protocols" dialog box, expand "Common Protocols", and
    then
    | > click the SMTP protocol that you have created on the protocol
    definition.
    | > (Note please open port 3325 for outbound traffic)
    | >
    | > 7. Click "Add", and then click "Close".
    | >
    | > 8. On the "Protocols" page, click "Next".
    | >
    | > 9. On the "Access Rule Sources" page, click "Add" to open the "Add
    | > Network Entities" dialog box.
    | >
    | > 10. Expand "Networks", click "Internal", click "Add", and then click
    | > "Close". Note In this step, it is assumed that the client is part of
    the
    | > ISA Server-protected network that is named "Internal.".
    | >
    | > 11. On the "Access Rule Sources" page, click "Next".
    | >
    | > 12. On the "Access Rule Destinations" page, click "Add" to open the
    | > "Add Network Entities" dialog box.
    | >
    | > 13. Expand "Networks", click "External", click "Add", and then click"
    | > Close".
    | >
    | > 14. On the "Access Rule Destinations" page, click "Next".
    | >
    | > 15. On the "User Sets" page, click the user sets that you want, and
    then
    | > click "Next".
    | >
    | > - It must be listed before any access rule for which the
    | > "All authenticated users" setting has been selected.
    | >
    | > - It must be listed before any access rule for which one or both of
    the
    | > following user sets have been selected:
    | >
    | > - Specific user groups
    | > - Specific users
    | >
    | > 16. Review the information that is on the wizard summary page, and then
    | > click "Finish".
    | >
    | > 17. In the "Firewall Policy" details pane, click "Apply" to apply the
    new
    | > access rule.
    | >
    | > If you make sure that you have create the SMTP outbound rule
    successfully,
    | > please refer to the following KB article to save the ISA logging as a
    file
    | > and send it to me for research. Please send me the firewall log for
    | > research. (This is very important for us to identify the issue. Please
    | > carefully go through the KB article below)
    | >
    | > 838241 How to configure logging in ISA Server 2004
    | > http://support.microsoft.com/?id=838241
    | >
    | > Please also paste any ISA and Exchange related error event to newsgroup
    for
    | > further research.
    | >
    | > I really appreciate your effort on this issue, please feel free to let
    me
    | > know the results. I am glad to be of assistance.
    | >
    | >
    | >
    | > Best regards,
    | >
    | > Charles Yang (MSFT)
    | >
    | > Microsoft CSS Online Newsgroup Support
    | >
    | > Get Secure! - www.microsoft.com/security
    | >
    | > ======================================================
    | > This newsgroup only focuses on SBS technical issues. If you have issues
    | > regarding other Microsoft products, you'd better post in the
    corresponding
    | > newsgroups so that they can be resolved in an efficient and timely
    manner.
    | > You can locate the newsgroup here:
    | > http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
    | >
    | > When opening a new thread via the web interface, we recommend you check
    the
    | > "Notify me of replies" box to receive e-mail notifications when there
    are
    | > any updates in your thread. When responding to posts via your
    newsreader,
    | > please "Reply to Group" so that others may learn and benefit from your
    | > issue.
    | >
    | > Microsoft engineers can only focus on one issue per thread. Although we
    | > provide other information for your reference, we recommend you post
    | > different incidents in different threads to keep the thread clean. In
    doing
    | > so, it will ensure your issues are resolved in a timely manner.
    | >
    | > For urgent issues, you may want to contact Microsoft CSS directly.
    Please
    | > check http://support.microsoft.com for regional support phone numbers.
    | >
    | > Any input or comments in this thread are highly appreciated.
    | > ======================================================
    | > This posting is provided "AS IS" with no warranties, and confers no
    rights.
    | >
    | >
    | > =====================================================
    | > When responding to posts, please "Reply to Group" via your newsreader
    so
    | > that others may learn and benefit from your issue.
    | > =====================================================
    | >
    | > This posting is provided "AS IS" with no warranties, and confers no
    rights.
    | >
    | > --------------------
    | > | Thread-Topic: can't send SMTP mail out using alt. SMTP svc
    | > | thread-index: AcYE7FCAzerYRsmWT+eC3YYdh2SU1w==
    | > | X-WBNR-Posting-Host: 71.244.217.215
    | > | From: "=?Utf-8?B?Um9iIFBldHRyZXk=?="
    | > <>
    | > | Subject: can't send SMTP mail out using alt. SMTP svc
    | > | Date: Mon, 19 Dec 2005 14:34:03 -0800
    | > | Lines: 19
    | > | Message-ID: <>
    | > | MIME-Version: 1.0
    | > | Content-Type: text/plain;
    | > | charset="Utf-8"
    | > | Content-Transfer-Encoding: 7bit
    | > | X-Newsreader: Microsoft CDO for Windows 2000
    | > | Content-Class: urn:content-classes:message
    | > | Importance: normal
    | > | Priority: normal
    | > | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
    | > | Newsgroups: microsoft.public.windows.server.sbs
    | > | NNTP-Posting-Host: TK2MSFTNGXA03.phx.gbl 10.40.2.250
    | > | Path:
    TK2MSFTNGXA02.phx.gbl!TK2MSFTNGXA01.phx.gbl!TK2MSFTNGXA03.phx.gbl
    | > | Xref: TK2MSFTNGXA02.phx.gbl microsoft.public.windows.server.sbs:231246
    | > | X-Tomcat-NG: microsoft.public.windows.server.sbs
    | > |
    | > | I am using no-ip.com's alternate SMTP service for a client with a
    | > | dynamic IP. They use port 3325 to send mail out.
    | > |
    | > | I upgraded this client to SP1, including ISA 2004. Everything went
    | > | perfect until the ISA upgrade. It uninstalled ISA 2000, began to
    | > | install ISA 2004 fresh, and croaked. Multiple times - same error.
    | > |
    | > | System down - call MS - fixed an hour later, but I lost all of my
    | > | settings. Including how I had ISA 2000 set up to pass the port.
    | > |
    | > | I've been working on this all weekend, and am no longer thinking
    | > | clearly. Everything else is still set up, so if I can set up ISA 2004
    | > | to send outgoing SMTP using port 3325, I'm all set.
    | > |
    | > | Help!
    | > |
    | > | Rob Pettrey
    | > |
    | > |
    | > |
    | >
    | >
    |
     
    Charles Yang [MSFT], Dec 20, 2005
    #4
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.