Solved

SMTP service in XP

Posted on 2004-04-20
16
728 Views
Last Modified: 2010-08-05
Hi,

I am trying to use the IIS SMTP service. I managed to sort out everything except: I cannot send out email. I turned on logging and:

EHLO to hotmail OK
MAIL FROM and RCPT TO ... OK

Then it issues a BDAT 2254 LAST command, and waits.... until it times out and the message is not send. I can see in the event viewer, that "connection dropped by remote host" or similar.

I checked it on Windows 2000 IIS SMTP and it uses DATA command after that it is successfully sent and the QUIT command is also successful. In case of XP it cannot send the email.

Is this a problem with BDAT or I am missint some configuration?

THanks

Charlie
0
Comment
Question by:Chopinke
  • 7
  • 5
16 Comments
 
LVL 37

Accepted Solution

by:
meverest earned 250 total points
Comment Utility
there is a DoS vulnerability in iis that allows malformed bdat command to crash iis.

you may be seeing the effect of that.  i didn;t look to see how to disable BDAT, if you can find out how to stop issuing BDAT and use normnal DATA instead, you will probably resolve this behaviour.

cheers,  Mike.
0
 
LVL 1

Author Comment

by:Chopinke
Comment Utility
I read that, but that was fixed, wasn't it? Also if that BDAT command is disabled on the receiving end, then why isn't there a nont 250OK response?

I am sure using DATA instead if BDAT would solve the issue, so if you could tell me how to do that that would be great.

THanks,

Charlie
0
 
LVL 1

Author Comment

by:Chopinke
Comment Utility
I change this questions to 500 points, for anybody who can tell me how to make BDAT work on Windows XP, apparently this problem is present on Windows 2000 IIS SPTM server too.

Disabling this option is not okay, because in the SMTP LOG I saw HOTMAIL issuing this command to send email to my SMTP server... and we cannot make HOTMAIL change their policy!

I am sure it is some settings in the registry or SMTP server, I just cannot find what it can be.

I have all the lates security patchec applied.

Thanks,

Charlie
0
 
LVL 37

Expert Comment

by:meverest
Comment Utility
hi,

it's not *your* server that is your concern here, it is the other end that is causing trouble.

your logs imply that the bdat is issued to the remote server/s, and the remote never responds.  possibly it is bombing and terminating the connection, therefore the mail is never delivered.

as you say, you have no chance of convincing hotmal admins to change their behaviour, so it may be pertinent to stop your end using bdat for outgoing mail.

cheers.
0
 
LVL 37

Expert Comment

by:meverest
Comment Utility
suggest accept meverest.
0
 
LVL 1

Author Comment

by:Chopinke
Comment Utility
I got no answer to my question. Offer to disable BDAT and use DATA is not an answer, since that was the question (or actually to make BDAT work), when I increased it to 500 points.

Please don't issue the points to anybody.
0
Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

 
LVL 37

Expert Comment

by:meverest
Comment Utility
often there is a difference between the answer you want and the right answer.

as per my comment previosuly, "to get bdat to work requires the ather end to support it".  I am sorry if the correct answer is not the answer you want to hear, but it is still a valid response.

regards,  Mike.
0
 
LVL 1

Author Comment

by:Chopinke
Comment Utility
See my comment as pf 4/28/2004:

" I change this questions to 500 points, for anybody who can tell me how to make BDAT work on Windows XP, apparently this problem is present on Windows 2000 IIS SPTM server too."

This question was not answered, I won't approve giving anybody any points.

Admin, please close this question as unresolved.
0
 
LVL 37

Expert Comment

by:meverest
Comment Utility
i quote from the original post:

>> Is this a problem with BDAT or I am missint some configuration?

i gave what i argue is the correct response.  you can't change the question half way and then complain that nobody answered your question.

>> I change this questions to 500 points, for anybody who can tell me how to make BDAT work on Windows XP

i gave the correct answer to that too.  in fact BDAT apparently *is* working on your system.  just that the remote end refuses to accept it.  you can control your own systems but you cannot expect to enforce your configuration to the other end.

"Q: Tell me how to make lead into gold"
A: You can't

it may not be the answer requested, but it is the correct answer.

regards,  Mike.
0
 
LVL 37

Expert Comment

by:meverest
Comment Utility
oh, and just in case it matters to you:  I don't care less about points or no points - what do you think points are to me?  I can't spend them on beer! ;-)  this is a matter of principle.


0
 
LVL 33

Expert Comment

by:humeniuk
Comment Utility
Chopinke,

Given that there is some disagreement here, I read over the question a few times before posting this recommendation.  I have to agree with meverest that it appears the question was answered.  However, please note that all objections will be read by the moderators who make the final determination as to how the question will be closed.

Humeniuk
EE Cleanup Volunteer
0
 
LVL 1

Author Comment

by:Chopinke
Comment Utility
I think it's very shortshighted commend, that the question was answered. I the first thing comes on google is that "there is a vulnerability in BDAT".

And again: the question was raised to 500 points, and not answered.

I maintain my previous statement, the question was not answered, what you think is an answer is nothing, but a simple comment after spending 1 minute on google.
0
 
LVL 37

Expert Comment

by:meverest
Comment Utility
why would i spend time on google to save you one minute of your time?

<sheesh> no pleasing some people.  i don't care what is done with this q - i know what i'll do next time i see a post from him in this forum.

0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

Today I came across an interesting issue that had me pulling my hair out.  I was troubleshooting a new internal web site which uses integrated security instead of anonymous.  When browsing the site from my laptop, I was able to access it with no iss…
First of all, clustering IIS is something you should rarely consider doing. In almost all cases, Microsoft Network Load Balancing (NLB) (http://technet.microsoft.com/en-us/library/cc758834(WS.10).aspx) is a much better solution when you need to p…
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now