port 25 workaround

Discussion regarding the Standard version.
Post Reply
ripmurdock
Posts: 6
Joined: Tue Aug 11, 2020 5:56 pm

port 25 workaround

Post by ripmurdock »

Hello,

I'm attempting to setup a simple MailEnable server on a dedicated Windows 7 Pro PC.

What is the workaround if port 25 inbound is blocked by my ISP?

What is the workaround if port 25 outbound is blocked by my ISP?

Is there anything I can say to my ISP that will convince them to unblock port 25 inbound?

Does anyone know if AT&T or Comcast block port 25 inbound and/or outbound?

Thanks for your help!

MailEnable-Ian
Site Admin
Posts: 9738
Joined: Mon Mar 22, 2004 4:44 am
Location: Melbourne, Victoria, Australia

Re: port 25 workaround

Post by MailEnable-Ian »

Hi,

If your ISP blocks inbound or outbound then your only solution is to have the port unblocked or change to a plan that allows port 25 traffic. Here is an AT&T forum thread: https://forums.att.com/conversations/att-fiber-account/unblocking-port-25-2018-version/5deff557bad5f2f6066bc3f3
Regards,

Ian Margarone
MailEnable Support

ripmurdock
Posts: 6
Joined: Tue Aug 11, 2020 5:56 pm

Re: port 25 workaround

Post by ripmurdock »

My ISP now says port 25 is only blocked for outbound traffic and is not blocked for inbound traffic, which is the third answer their tech support has provided to this one question.

Should mailenable use port 587 for outbound traffic if "Listen on alternate port" is checked in SMTP "Port Settings" and the field is populated with 587?

I am able to send and receive email on mail.mydomain.com from Outlook within my LAN.

When I send email to an email address outside of my LAN, I receive this error in the Debug Log:
Error (9005): Could not resolve MX list for domain [gmail.com]

When I test nslookup, nslookup, for gmail.com in CMD, the PC running mailenable successfully resolves the MX preferences.

When I send an email to an email address on mydomain.com from outside the LAN, delivery fails.

MXLookup at mxtoolbox.com successfully resolves mydomain.com to mail.mydomain.com and the correct IP address.

In Windows Firewall I've added an inbound rule opening local ports 25, 143 and an outbound rule opening local ports 25, 587.

In the WAN settings for my router I've added Port Forwarding to the PC running mailenable for ports 25 and 143 under both Port Range and Local Port.

I am able to telnet mail.mydomain.com 25, and also ping mail.mydomain.com from another PC when connected to my LAN, but not from another PC connected to the internet from outside my LAN.

Let me know what I'm missing.

Thanks for your help.

MailEnable-Ian
Site Admin
Posts: 9738
Joined: Mon Mar 22, 2004 4:44 am
Location: Melbourne, Victoria, Australia

Re: port 25 workaround

Post by MailEnable-Ian »

Hi,
Error (9005): Could not resolve MX list for domain [gmail.com]
The above error usually indicates that the DNS addresses you have specified within the MailEnable SMTP properties are not able to resolve correctly. Try and change to only use google DNS to see if this works (8.8.8.8 and 8.8.4.4).
Regards,

Ian Margarone
MailEnable Support

ripmurdock
Posts: 6
Joined: Tue Aug 11, 2020 5:56 pm

Re: port 25 workaround

Post by ripmurdock »

Thanks.

I've tried these values in the DNS address(es) field under SMTP Properites/General:
local PC IP address, blank, 8.8.8.8 8.8.4.4 (suggested above), four IP addresses for mydomain host (mxtoolbox.com originally resolved mydomain.com to these IP addresses, but now resolves to local PC IP address)

When attempting to send an email, I still receive this error: Error (9005): Could not resolve MX list for domain [example.com] error. I've included the full log below.

In the meantime, while I cannot telnet mail.mydomain.com 25 or connect through Outlook from a second PC#2 unless PC#2 is on my LAN, someone else can. Six attempts were mail to connect to my mailenable server with fraudulent user accounts, up to 16 times for each fraudulent user account.

What measures can I take to limit access?

A search of the MailEnable Standard Guide returns a "Mailbox - Auth Policies" and a "Postoffice - Auth Policies". Where are these settings in the application? I couldn't find them.

Also, is it possible to change the user name to a name that does not include mailboxname?

Is it possible to limit the number of log-in attempts by user account and/or IP address?

Are the IP addresses of failed authentications recorded anywhere?

For example, is the IP address of this attempted to access the server recorded anywhere?

08/13/20 00:05:37 SMTP-IN 079EBB9FD1024379BD689CF0CDE8F32F.MAI 924 193.56.28.144 RSET RSET 250 Requested mail action okay, completed 43 6 administrator@mydomain.com
08/13/20 00:05:37 SMTP-IN 079EBB9FD1024379BD689CF0CDE8F32F.MAI 924 193.56.28.144 AUTH AUTH LOGIN 334 VXNlcm5hbWU6 18 12 administrator@mydomain.com
08/13/20 00:05:37 SMTP-IN 079EBB9FD1024379BD689CF0CDE8F32F.MAI 924 193.56.28.144 AUTH {blank} 334 UGFzc3dvcmQ6 18 54 administrator@mydomain.com
08/13/20 00:05:37 SMTP-IN 079EBB9FD1024379BD689CF0CDE8F32F.MAI 924 193.56.28.144 AUTH MTIzMTIz 535 Invalid Username or Password 34 10 administrator@mydomain.com


These are the Debug logs for my attempt to send an email from an Outlook client on my LAN. This client fails to connect when the PC is not on the LAN.

08/13/20 10:16:41 ME-I0135: Authenticated User:user@mydomain using Authentication Provider Credentials
08/13/20 10:16:41 ME-I0108: [336] Relay Granted: Sender has authenticated.
08/13/20 10:16:41 ME-I0149: [336] EB306A472AD144989D7B676E6AF607F3.MAI was received successfully and delivery thread was initiated
08/13/20 10:16:41 ME-I0018: [6005FBB7962A413F9DA1FA90ECB10C2A.MAI] Outbound message from ([SMTP:user@mydomain.com]) requeued as [1AF7446824A847CE864F96E25E307DE6.MAI] to the target domain [example.com]
08/13/20 10:16:41 ME-E0124: Error (9005): Could not resolve MX list for domain [example.com]
08/13/20 10:16:41 ME-I0026: [1AF7446824A847CE864F96E25E307DE6.MAI] Sending message
08/13/20 10:16:41 ME-E0059: [1AF7446824A847CE864F96E25E307DE6.MAI] Message Delivery Failure. Attempt (0): Could not connect to mail server for domain (example.com). The remote mail server could not be contacted at this time. Message has been requeued.
08/13/20 10:16:43 ME-I0074: [336] (Debug) End of conversation

Thanks for your help.

ripmurdock
Posts: 6
Joined: Tue Aug 11, 2020 5:56 pm

Re: port 25 workaround

Post by ripmurdock »

Thanks.

Under SMTP Properties\General\DNS address(es) I've tried:
local host IP address, router IP address, 8.8.8.8 8.8.4.4, blank, and four IP addresses for my domain host

Within CMD on the local host nslookup, set type = mx returns 5 mail exchanger servers by name (not IP address) for example.com.

Let me know what I'm missing.

Thanks for your help.

Debug log with Error (9005):

08/15/20 11:03:11 ME-I0135: Authenticated User:mymailbox@mydomain using Authentication Provider Credentials
08/15/20 11:03:11 ME-I0108: [964] Relay Granted: Sender has authenticated.
08/15/20 11:03:11 ME-I0149: [964] 1A1A118EEB754DD28F705AE1D159E528.MAI was received successfully and delivery thread was initiated
08/15/20 11:03:11 ME-I0018: [64BFCB38A4BF4315B9DB59C76CCF6276.MAI] Outbound message from ([SMTP:mymailbox@mydomain.com]) requeued as [A78B61D5E5814F28B5689EAC094C2265.MAI] to the target domain [example.com]
08/15/20 11:03:12 ME-E0124: Error (9005): Could not resolve MX list for domain [example.com]
08/15/20 11:03:12 ME-I0026: [A78B61D5E5814F28B5689EAC094C2265.MAI] Sending message
08/15/20 11:03:12 ME-E0059: [A78B61D5E5814F28B5689EAC094C2265.MAI] Message Delivery Failure. Attempt (0): Could not connect to mail server for domain (example.com). The remote mail server could not be contacted at this time. Message has been requeued.
08/15/20 11:03:13 ME-I0074: [964] (Debug) End of conversation

MailEnable-Ian
Site Admin
Posts: 9738
Joined: Mon Mar 22, 2004 4:44 am
Location: Melbourne, Victoria, Australia

Re: port 25 workaround

Post by MailEnable-Ian »

Hi,

If your having issues using nslookup and DNS resolution then your problem is not with MailEnable and more so network environment. You will need ti sort your problems with DNS resolution first.

As for your problems with server abuse please see:

https://www.mailenable.com/kb/content/article.asp?ID=me020339
Regards,

Ian Margarone
MailEnable Support

ripmurdock
Posts: 6
Joined: Tue Aug 11, 2020 5:56 pm

Re: port 25 workaround

Post by ripmurdock »

Hi,

nslookup successfully resolves MX addresses through 8.8.8.8 as wells a my ISP's DNS address 208.201.224.11.

I've tried both in SMTP Properties/General/DNS address(es), and I receive the same error:
Error (9005): Could not resolve MX list for domain [mailenable.com]

Thanks for your help.
nslookup mailenable.jpg
nslookup mailenable.jpg (41.35 KiB) Viewed 13626 times

ripmurdock
Posts: 6
Joined: Tue Aug 11, 2020 5:56 pm

Re: port 25 workaround

Post by ripmurdock »

Hi,

I've also tried turning Windows firewall off and turning my router firewall off.

And I've confirmed that my ISP does not block email servers from resolving MX lists.

Any idea why nslookup can resolve MX addresses through DNS addresses 8.8.8.8 and 208.201.224.11 while Mailenable generates this error?
Error (9005): Could not resolve MX list for domain [mailenable.com]

Thanks.

MartynK
Posts: 1376
Joined: Sat Dec 28, 2002 1:12 am
Location: Hong Kong

Re: port 25 workaround

Post by MartynK »

Each time you make changes to the Mailenable services, are you restarting the services ?

I tend to run my own DNS server on my windows PC (if your running on a server version).

This way you just point Mailenable to 127.0.0.1 and then configure the local DNS servers with the forwarders 8.8.8.8 an 8.8.4.4

This will also speed up lookups to a certain extent as you will get better cache locally for certain things.

Also remember to change the DNS settings on your NIC to look at the local server.

Post Reply