Solved

Exchange 2003 - SMTP Protocol Diagnostic Logging - User Authentication - Doesn't Work

Posted on 2009-03-30
8
1,479 Views
Last Modified: 2013-11-30
Various articles I have found here and on the web (e.g. http://www.amset.info/exchange/spam-cleanup.asp) suggest that setting the Exchange Server SMTP Protocol Diagnostic Logging Level to Maximum will cause ID 1708 events to be posted to the Application log reporting the SMTP authentication username and client PC. There doesn't seem to be much room for error, but I just cannot get this to work. Anybody got any idea what I might be doing wrong?
0
Comment
Question by:jeff1946
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 2
8 Comments
 
LVL 14

Accepted Solution

by:
Kaffiend earned 167 total points
ID: 24025605
Restart the MSExchange Transport service.

Then, test and see if the logging is working by trying to send email using SMTP authentication. It could be that authenticated SMTP is not the problem, thus you would not see any EventID 1708s.  

(Your Exchange server needs to be set up to do authenticated SMTP for any of this to work, of course)
0
 
LVL 1

Author Comment

by:jeff1946
ID: 24029117
Kaffiend,

Thanks for your reply.

I restarted all the Exchange services. Sent messages with a non-Outlook SMTP client configured for SMTP Authentication through the server configured to require SMTP authentication. Still no 1708 events in the App log.
0
 
LVL 1

Author Comment

by:jeff1946
ID: 24030549
I just noticed that the server logs Security events 538, 576, and 540 each time I send a mail message from my SMTP client. But still no App event 1708.
0
Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

 
LVL 65

Assisted Solution

by:Mestha
Mestha earned 333 total points
ID: 24038589
Even Microsoft state that event should show.
http://support.microsoft.com/kb/895853

Simon.
0
 
LVL 1

Author Comment

by:jeff1946
ID: 24044603
Can either of you (Kaffiend or Mestha) or anyone else for that matter confirm that this actually works on another Win2K3/Exchange2K3 server?
0
 
LVL 65

Assisted Solution

by:Mestha
Mestha earned 333 total points
ID: 24045401
The article you are referring to in your original question I wrote. So I know it works.

Simon.
0
 
LVL 1

Author Comment

by:jeff1946
ID: 25223635
Well, the E-E system keeps nagging me about this open question, but the fact is I never got to the bottom of it. My Exchange Server has NEVER logged event 1708, depite leaving the SMTP logging option at maximum for 6 months. All the clients are SMTP clients. There are no IMAP/Exchange clients. Nuts.
0
 
LVL 1

Author Closing Comment

by:jeff1946
ID: 31564650
Question unresolved after 6 months. Closing to stop the E-E system nag mail.
0

Featured Post

Revamp Your Training Process

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
How to resolve IMCEAEX NDRs in Exchange or Exchange Online related to invalid X500 addresses.
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question