
	Home > Microsoft Exchange Tips > Exchange Server Administration Tips > Beware of firewalls that block Exchange Server's SMTP/POP3 communications

Exchange Tips:

EMAIL THIS

TIPS & NEWSLETTERS TOPICS

EXCHANGE SERVER ADMINISTRATION TIPS

Beware of firewalls that block Exchange Server's SMTP/POP3 communications

Serdar Yegulalp
10.04.2006
Rating: --- (out of 5)

Exchange Server tips, tutorials and expert advice

Digg This! StumbleUpon Del.icio.us

Many proxies and firewalls are sensitive to SMTP and POP3 conversations because of the potential for a buffer overflow or denial of service (DoS) attack.

In fact, at least one attack using a proprietary Exchange Server verb has already been enumerated.

That said, it doesn't make sense to block all the custom Exchange Server verbs that are used in this context, since that can break needed functionality.

Exchange Server uses three proprietary verbs: X-EXPS, X-LINK2STATE and XEXCH50. None of these Exchange Server verbs are as well-documented as they could be, and they are often blocked by firewalls or proxies that aggressively manage SMTP/POP3 traffic.

When this happens, a number of symptoms can manifest:

One of the most common offenders creating these issues is the Cisco's PIX firewall software, specifically their Mailguard feature. Since it allows only seven basic SMTP commands and no custom Exchange Server verbs to travel in either direction,

Digg This!

StumbleUpon

Del.icio.us

RELATED CONTENT

	ISA Server and Firewalls for Microsoft Exchange Server
	Top 5 Exchange mobile tips of 2008
	Microsoft Exchange Server security dos and don'ts
	Windows SBS and Exchange Server security configuration best practices
	Why Exchange ActiveSync fails with NAT firewalls
	Deploying ISA Server as a firewall for Exchange Server mobile devices
	Adjust your firewall to avoid Exchange 2007 Direct Push failures
	OWA stops working from external network connection
	Enhance OWA logon security using Microsoft ISA Server
	Firewall problems with Exchange Server 2007 email attachments
	How and why to disable certain ESMTP verbs

SMTP

Changing email address formats in Exchange Server 2003

Exchange users receiving email addressed to legacy users

Configure BES to direct email from a new domain email address

Troubleshooting Microsoft Exchange Server Event ID error 6009

How to lock down an SMTP relay to prevent spam in Exchange Server 2003

Tool helps identify inbound Exchange Server email flow issues

Configure SMTP relay restrictions in Exchange Server 2003 to stop spam

Exchange email sent to a domain using SPF authentication is returned

Why can't POP3 clients receive Exchange Server email?

Exchange event sink scripting error when configuring email disclaimer

POP3

Stop personal calendar appointments from showing on Exchange Server

Email mistakenly marked as 'read' when received on BlackBerry devices

Should I allow our BES to access my personal POP3 email account?

Why can't POP3 clients receive Exchange Server email?

Tools and methods for disabling IMAP and POP in Exchange Server 2003

Configure a mobile device to receive POP3 email from Exchange Server

Email sent to a PDA doesn't get saved in Exchange Server mailbox

Can I back up Exchange Server with a POP3 hosted email server?

Set up Outlook to use POP3 email and Exchange calendars on Windows SBS

Forward Exchange Server email to an ISP using Active Directory

POP3 Research

RELATED GLOSSARY TERMS

Terms from Whatis.com − the technology online dictionary

reverse proxy server (SearchExchange.com)

RELATED RESOURCES

2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems

Search Bitpipe.com for the latest white papers and business webcasts

Whatis.com, the online computer dictionary

it has been implicated in creating numerous problems with Exchange server communications. Symantec's Raptor Firewall has also been a culprit.

In short, any firewall or proxy that screens SMTP/POP3 verbs needs to be given a careful once-over when used with Exchange Server.

About the author: Serdar Yegulalp is editor of the Windows Power Users Newsletter.

Do you have comments on this tip? Let us know.

Related information from SearchExchange.com:

Expert Advice: Cisco PIX firewall causing Exchange connectivity problems

Tip: Firewall policies and SMTP line lengths

Tip: How HTTP verbs can 'hang' Outlook Web Access

Reference Center: Exchange Server firewall tips and resources

Please let others know how useful this tip was via the rating scale below. Do you have a useful Exchange Server or Microsoft Outlook tip, timesaver or workaround to share? Submit it to SearchExchange.com. If we publish it, we'll send you a nifty thank-you gift.

Rate this Tip

To rate tips, you must be a member of SearchExchange.com.
Register now to start rating these tips. Log in if you are already a member.

DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.

Email Server Solutions: Exchange 2007, Exchange 2003, Exchange 2000, SharePoint

SEARCH

TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.


TechTarget Corporate Web Site \| Media Kits \| Site Map All Rights Reserved, Copyright 2004 - 2009, TechTarget \| Read our Privacy Policy