KBI 310563 SMTP Port 25 Availability Fails Due To Firewall Restrictions
Version
Argent Advanced Technology 3.1A-1307-A or above
Date
Tue, 25 Jun 2013
Summary
Doing port scanning on specific ports is a way of testing the availability of an application or even a server.
Rules with such functionality are available in Argent Guardian (Argent Extended Technology) and Argent for Exchange (Argent Advanced Technology).
Although the Rule in one application may function properly, it may break in the other.
Technical Background
Port scans from Argent Daughter Engines over specific port 25 passes fine from Argent Guardian and via an Argent-independent tool such as telnet (telnet TARGETSERVER 25)
However when attempting to run the Relator in test mode in another product, the Rule fails.
Resolution
The server’s firewall application may be restricting access. (Especially as port 25 can be used for mass-mailing malware and spams)
Ensure all processes in the Argent installed folder is excluded from the firewall, or the {PRODUCT}_MONITOR_ENGINE.EXE are allowed.
E.g.C:\Argent\ArgentForExchange\X64\ ARGSOFT_EX_MONITOR_ENGINE.EXE
Below, are a number of screenshots showing the steps to rectify this in McAfee Virus Scan Enterprise 8.8.0:
The blocking rule as shown in McAfee logs:
Shows which .exe file and what port is being restricted:
To address this in McAfee’s VirusScan Enterprise 8.8.0 in access protection policy for “SERVER”
The .exe file is added so the connection will be allowed.