Port 25 is blocked
[This topic is intended to address a specific issue called out by the Exchange Server Analyzer Tool. You should apply it only to systems that have had the Exchange Server Analyzer Tool run against them and are experiencing that specific issue. The Exchange Server Analyzer Tool, available as a free download, remotely collects configuration data from each server in the topology and automatically analyzes the data. The resulting report details important configuration issues, potential problems, and nondefault product settings. By following these recommendations, you can achieve better performance, scalability, reliability, and uptime. For more information about the tool or to download the latest versions, see "Microsoft Exchange Analyzers" at https://go.microsoft.com/fwlink/?linkid=34707.]
Topic Last Modified: 2006-10-06
The Microsoft® Exchange Server Analyzer Tool reads the following registry value to determine whether McAfee VirusScan for Microsoft Exchange is installed on the server that is running Exchange Server:
HKEY_LOCAL_MACHINE\Software\Network Associates\TVD\VirusScan Enterprise\CurrentVersion
The Exchange Server Analyzer also queries the following registry branch to determine how the VirusScan product is configured to block ports:
HKLM\Software\Network Associates\TVD\Shared Components\On Access Scanner\BehaviourBlocking
The keys in this branch are used to configure which processes and ports are blocked or allowed with the On Access feature of the VirusScan product.
Finally, the Exchange Server Analyzer also queries the Win32_Service Microsoft Windows® Management Instrumentation (WMI) class for the value of the Started key for the McAfee VirusScan service to determine whether it is running on the Exchange server.
A value of False indicates that the McAfee VirusScan service is not running on this Exchange server. A value of True indicates that the McAfee VirusScan service is running.
The Exchange Server Analyzer displays a warning if the following conditions are true:
McAfee VirusScan is installed and running on the Exchange server.
The "Prevent mass mailing worms from sending mail" blocking rule is enabled for Port 25.
The Exchange Simple Mail Transfer Protocol (SMTP) service is not excluded from the blocking rule.
This warning indicates that the McAfee VirusScan application is configured so that it could block legitimate Exchange Server communication through port 25. Mail flow problems might occur.
To address this issue:
Consider whether to disable the "Prevent mass mailing worms from sending mail" blocking rule.
Add the Exchange Server SMTP service to the exclusion list for the "Prevent mass mailing worms from sending mail" blocking rule.
For More Information
For more information about how to configure McAfee VirusScan for Microsoft Exchange, visit the McAfee Service Portal (http://knowledge.mcafee.com/).
Note
The third-party Web site information is provided to help you find the technical information that you need. The URLs are subject to change without notice.
For more information about the different types of virus-scanning programs that are typically used with Microsoft Exchange Server 2003, see the Microsoft Knowledge Base article 823166, "Overview of Exchange Server 2003 and antivirus software" (https://go.microsoft.com/fwlink/?LinkId=3052&kbid=823166).
For more information about the different types of virus-scanning programs that are typically used with Microsoft Exchange 2000 Server, see the Knowledge Base article 328841, "Exchange and antivirus software" (https://go.microsoft.com/fwlink/?LinkId=3052&kbid=328841).
For information about fortifying an Exchange environment against e-mail transmitted viruses and worms, see the Microsoft white paper, "Slowing and Stopping E-Mail Transmitted Viruses in an Exchange Environment" (https://go.microsoft.com/fwlink/?LinkId=30732).