not sure how to title this question...

we run an exchange server with around 80 internal users, all outgoing mail is relayed off a smart host (ISP smtp server) so nothing is actually sent to the world via our server. i wanted to check the server, locally i can telnet to port 25 with no issues and receive the esmtp service ready reply. whenever i do it from an external address (off our local network) i receive unable to connect error 10060.

can this cause problems with SPF records, and reverse DNS ? should my exchange server be able to accept smtp requests, requiring authentication before i am able to send from external addresses? if so how...

also the exchange server is behind a NAT (asa) device, more than likely thinking that the nat is not configured to route the smtp 25 request to the exchange server..



if your Exchange server is successfully receiving emails from the outside world, then port 25 has already been forwarded on your NAT device to the internal Exchange server. You should be able to telnet to your server on port 25 from the outside world - if not then you wouldn't be able to receive any emails from outside the network.

So it sounds like you want to know how to use your server as a relay from the outside. You need to configure that in the SMTP virtual server settings in Exchange (depedns on the version of Exchange).

You will want to be careful that you don't create an open relay - otherwise you will be slammed by spammers, black-listed and your ISP will probably shut down that port.


thats how i discovered this, checking to see if my mail server may be an open relay (double check..) and could not connect to it via smtp from an outside network. i'm using the wifi of a coffee shop across the street to telnet to my servers external ip using 25 and getting the connection refused.. whenever i do it locally using its internal address (192.168.x.x) i can connect fine. any ideas why this would be?