Skip to main content

Change SMTP port 25 in Exchange 2007, 2010

For some reason you might want to change default SMTP port number 25 Exchange 2007 is using. Exchange 2007 uses RECEIVE AND SEND connectors, one for receiving mails and other for sending mails (obviously ;)
So you need to change ports on those connectors. I will not say those two, because you might be using more than two.
You change Receive connector port by opening the connector properties in Exchange Management Console --> Hub Transport --> RECEIVECONNECTORNAME --> Properties --> Network --> Local IP Addresses (Edit Receive Connector Binding)
Just to clarify what "Local IP Addresses" and "Remote Servers" are (from Exchange 2007 help), because I find it little bit confusing:
Use these local IP Addresses to receive mail
Use this list to specify the IP addresses and port numbers on which this Receive connector listens for incoming mail.
Receive mail from remote servers which have these IP addresses
Use this list to specify the remote IP address range from which this Receive connector accepts connections.

You change Send Connector port by using PowerShell. Open Exchange Management Shell and type:

Get-SendConnector -Identity "SENDCONNECTORNAME" | fl
Check the port number then type:
Set-SendConnector -Identity "SENDCONNECTORNAME" -port 26
In this example I set port 26 as SMTP port for sending messages. Check the change by typing

Get-SendConnector -Identity "SENDCONNECTORNAME" | fl
HUB and EDGE servers are responsible for mail transport, so include all the servers you need in your requirement.

Comments

  1. Great!!!!!!!!! Thank you. I was pulling my hair out trying to locate where to chnage the outbound port. AT&T blocks outbound 25.

    ReplyDelete
  2. This fixed my SBS 2008 server after my ISP started blocking port's 25. I used port forwarding on the router for the inbound.
    Thank you

    ReplyDelete
  3. thanks a bunch... the commandlet made my evening. A beer in your name

    ReplyDelete
  4. Great job.
    Just changing from 2003 Exchange to 2007 and I really got stucked with this new type of topology.

    ReplyDelete
  5. Hi, thanks for the tips. I need some help on configuring ASSP and Exchange 2007.

    I have a SBS2008 with Exchange on the same server. I have setup my ASSP incoming port to 25, and the send to exchhange port 125. Then exchange reply from port 225 to ASSP receiving port 225 and then send to internet by port 25.

    I'M I ok ??
    what connector do i need in total for outgoing and incoming.

    Thanks in advance

    ReplyDelete
  6. Yes, This is awesome! You saved my A**! Thanks man!

    ReplyDelete
  7. Hi!
    I have sbs 2008.
    And i have problem with smtp port!
    My smtp port is 25 and i will change on 587. Whan i change on 587 i send mail no problem but i can't receive nobody mail. Why?

    ReplyDelete
  8. Hi thanks for your post.
    So far, it looks to be the most promising.
    We are supposed to change our outgoing SMTP port and it is like studying Greek to me.
    Get-SendConnector -Identity "SENDCONNECTORNAME" | fl

    Am I supposed to substitute something for the word SENDCONNECTORNAME? It says it can't find it. I substituteds the server name etc. but it seems to want something else. Any help would be appreciated.

    Thanks again and thanks in advance.
    B.

    ReplyDelete
  9. Okay, I figured it out. I had to use the whole long name that was listed in the "Send Connectors" Tab of the Hub Transport under Organizational Configuration in the Exchange Managementn Console. In my case the name was "Windows SBS Internet Send XXSERVER" Once I substituted that, it was all good. Thanks again for your very useful help.

    ReplyDelete
  10. Hi can Anybody help me with how to turn on SSL on in exchange 2007

    ReplyDelete
    Replies
    1. If by "turn on SSL on in exchange 2007" you mean enable SSL in OWA then check this page https://technet.microsoft.com/en-us/library/bb123583(v=exchg.141).aspx or look for similar articles.

      Delete
  11. This comment has been removed by a blog administrator.

    ReplyDelete

Post a Comment

Popular posts from this blog

Netscaler vs Exchange 2019 "time out during ssl handshake stage

If you are using Citrix Netscaler as load balancer in front of Exchange 2019 server you must know this: Microsoft Exchange 2019 is secured by default and allows only TLS 1.2. Therefore default schannel settings are as follows (using IISCrypto tool from Nartac Software): While Citrix Netscaler offers following Cipher Suites: TLS_RSA_WITH_AES_256_CBC_SHA TLS_RSA_WITH_AES_128_CBC_SHA TLS_DHE_RSA_WITH_AES_256_CBC_SHA TLS_DHE_RSA_WITH_AES_128_CBC_SHA TLS_DHE_DSS_WITH_AES_256_CBC_SHA TLS_DHE_DSS_WITH_AES_128_CBC_SHA TLS_RSA_WITH_DES_CBC_SHA TLS_RSA_EXPORT_WITH_DES40_CBC_SHA TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 TLS_DHE_DSS_WITH_DES_CBC_SHA TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA TLS_DHE_RSA_WITH_DES_CBC_SHA TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA TLS_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 TLS_DH_anon_WITH_DES_CBC_SHA TLS_DH_anon_WITH_AES_128_CBC_SHA TLS_DH_anon_WITH_AES_256_CBC_SHA TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA Now, you will fi

Reason: [{LED=250 2.1.5 RESOLVER.GRP.Expanded; distribution list expanded};{MSG=};{FQDN=};{IP=};{LRT=}]

 If you got this error checking the mail flow for a distribution group, it means the distribution group is closed and only internal senders can send e-mail to this group. When outside user sends e-mail to this group you get  Reason: [{LED=250 2.1.5 RESOLVER.GRP.Expanded; distribution list expanded};{MSG=};{FQDN=};{IP=};{LRT=}] Set Delivery for this group to internal and external users and your problem will be solved. 

Ports that need to be open on Firewall for Edge Transport servers

Ports that need to be open on firewall for Edge Server subscription with Hub Server to function properly: For Inbound traffic: SMTP - TCP port 25 (from Internet) SMTP - TCP port 25 (from Edge server to Hub server on internal network) For Outbound traffic: SMTP - TCP/UDP port 25 (from Edge to Internet) SMTP - TCP/UDP port 25 (from Hub to Edge server) LDAP for EdgeSync - TCP port 50389 (from Hub to Edge server) Secure LDAP for EdgeSync - TCP port 50636 (from Hub to Edge server) Since Edge server needs to communicate with Hub server it is important that it can resolve Hub transport servers by FQDN and Hub transport servers must be able to resolve Edge servers by its FQDNs. To accomplish this you need to either open 53 (DNS) port and configure internal network adapter to use internal DNS but as a security precaution I would suggest to enter DNS records for Edge servers on local DNS manually and to fill hosts file on Edge servers with FQDNs for Hub transport servers.