KBI 310563 SMTP Port 25 Availability Fails Due To Firewall Restrictions

Version

Argent Advanced Technology 3.1A-1307-A or above

Date

Tue, 25 Jun 2013

Summary

Doing port scanning on specific ports is a way of testing the availability of an application or even a server.

Rules with such functionality are available in Argent Guardian (Argent Extended Technology) and Argent for Exchange (Argent Advanced Technology).

Although the Rule in one application may function properly, it may break in the other.

Technical Background

Port scans from Argent Daughter Engines over specific port 25 passes fine from Argent Guardian and via an Argent-independent tool such as telnet (telnet TARGETSERVER 25)

However when attempting to run the Relator in test mode in another product, the Rule fails.

Resolution

The server’s firewall application may be restricting access. (Especially as port 25 can be used for mass-mailing malware and spams)

Ensure all processes in the Argent installed folder is excluded from the firewall, or the {PRODUCT}_MONITOR_ENGINE.EXE are allowed.

E.g.C:\Argent\ArgentForExchange\X64\ ARGSOFT_EX_MONITOR_ENGINE.EXE

Below, are a number of screenshots showing the steps to rectify this in McAfee Virus Scan Enterprise 8.8.0:

The blocking rule as shown in McAfee logs:

Shows which .exe file and what port is being restricted:

To address this in McAfee’s VirusScan Enterprise 8.8.0 in access protection policy for “SERVER”

The .exe file is added so the connection will be allowed.