Problem solve Get help with specific problems with your technologies, process and projects.

Testing IP restrictions on port 25

I've restricted inbound SMTP connections on port 25 of my firewall to allow only e-mail from eight IP addresses of a spam-filter service outside the firm.

How do I send a test e-mail message directly to the external static address of my firewall to see if e-mail is delivered outside the range of the eight IPs?

The best and simplest way to test this is with a telnet session. Here is an example that you can use to test. Make sure you do this from a machine with an external IP address. Using an internal IP address may not give you the desired results.
Telnet ipaddress 25
Mail from:name@externaldomain.com
Rcpt to:name@domain.com
This is a relay test

Ipaddress -- is the IP address of the host that your MX record points to. In most cases this is an interface on a firewall that does network address translation (NAT).

name@externaldomain.com -– is any e-mail address you want to use outside your company. For example a hotmail or gmail account.

name@domain.com -- should be a valid address of an e-mail account in you company, probably yourself.

If your firewall is working, then you will not be able to even make the telnet connection on port 25. If you are able to get a connection, and subsequently send the test message, from any IP address other than the eight you specified, then the firewall is not working.

Do you have comments on this Ask the Expert Q&A? Let us know.
Related information from SearchExchange.com:

  • Tip: Many ISPs now blocking port 25
  • Tip: Open port security issues
  • Reference Center: Firewalls

  • Dig Deeper on Exchange Server setup and troubleshooting

    Start the conversation

    Send me notifications when other members comment.

    Please create a username to comment.