Go Premium for a chance to win a PS4. Enter to Win


basic relay lockdown for windows 2000/exchange 2000 server

Posted on 2009-06-30
Medium Priority
Last Modified: 2012-05-07
hi, i just had to reinstall my win 2000 sbs [exchange 2000 server, sp3]
i use a smart host for outbound mail.

i just want to make sure my setting are correct for properly sending mail outbound, as well as properly receiving mail to the server.
on my exchange 2000 server, smtp virtual server there are 2 tabs for security ive seen

1. is under the 'access' tab, there is an 'access control' [with authentication button] and a 'relay restrictions'.  under the access control /authentication, all 3 check boxes are checked [anonymous access, basic authentication, and  integrated windows authentication'.
all 3 are checked.

2. under the 'delivery' tab. there are several button options, 'outbound security', 'outbound connections', and 'advanced'.
'outbound security - has 'anononmyous' checked off and 'TLS enctyption'  checked off
'outbound connections' ive changed the outbound port to 2525 for my smart host'
'advanced' ive added the smart host name'

what are the defaults when installed, what needs to be changed when securing against outside relay spammers.
also, under the default smtp virtual server there is a 'queues' folder' with alot of a list of various domains thats it seems to have mail for or from, how do i delete these?


Question by:MarcHelfand
  • 6
  • 5

Author Comment

ID: 24773414
hi, thanks.
ive seen the telnet tests, and read the articles.... however, im somewhat more interested in somneone telling me  exactly which dialog boxes from my original post have to be checked off/not checked off.
what is the default exchange 2000 settings, and what exactly do i need to check/uncheck for my situation [single sbs 2000 server, 1 workstation connected, 2 user mailboxes, and i do use the owa.
LVL 40

Expert Comment

ID: 24773698

Your settings are OK. You can verify in access tab > relay > only listed below should be selected > and select "Allow all computers which successfully authenticate to relay regardless of the list above".
For more info : http://technet.microsoft.com/en-us/library/aa997301(EXCHG.65).aspx

 Let us know if you need any further information  
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!


Author Comment

ID: 24781148
ya, its still not sending out email, ill need to troubleshoot more when i return to towen mid week. im away in midwest currently.

but i have those setting set, and still not going outbound.
LVL 40

Expert Comment

ID: 24782862
Is there any mail queue in your exchange server?
Are you sure that the smart host port is configured as 2525? Are you able to telnet smarthost on that port 2525 from exchange server and send mail?
Use the following commands to send mail using telnet :

telnet Smarthostname 2525
MAIL FROM: frommailID@youremail.com
RCPT TO: user@gmail.com
SUBEJECT : testmail
Hi This is a test mail

Author Comment

ID: 24785585
hi i did indeed try this, and i rec'd the mail from my gmail account. thus the smarthost is working.
however, i did need to turn off my smtp services to do this as the smarthost only allows 1 connection at a time.
they told me my server was trying to make connections to the mail smarthost server every millisecond, and was slowing their servers a little!
i double checked all the connections tabs you mentioned, and still no outbound connection.
LVL 40

Expert Comment

ID: 24785675
Do you have any mail queue?
Use SMTP logging and diagnostic logging to troubleshoot this issue. also do a message tracking and see what is happening.
Do you have any error in event logs?
Refer the msexchange article for details : http://www.msexchange.org/tutorials/Exchange-Server-2003-Mailflow-Part-2.html

Author Comment

ID: 24786226
yes under 'default smtp virtual server' there is 'current sessions' and 'queues'.
under queues, theres about a hundred or so misc domain names there all stating 'remote delivery', and on the right pane they say under the column 'connection state' either 'active or retry'.

i just enabled the logging of messages for the virtual server.

also i looked at that great article you sent , however it is for exchange 2003, i have exchange 2000 [although i know they are similiar, just some things in different areas.
i think i turned on the message logging, is that the same as the smtp logging you mentioned above

LVL 40

Expert Comment

ID: 24786363
Did you try message tracking?

SMTP logging enabled in server's SMTP VS and you can find the log files in C:\WINDOWS\System32\LogFiles (default path)
Diagnostic logging is enabled in server and you can find the error details in application log of the server.
Here is on MS webcast link will help you to get some info on ex 2000
LVL 40

Accepted Solution

Subsun earned 225 total points
ID: 24786400
I suspect the smart host is causing the issue. did you receive any error in event log after enabling the logging?

Note : You can add more zones or increase the question points so that the other experts will have a look at your question and have their opinion.

Author Closing Comment

ID: 31598285
hi, i ended up just migrating the site and email to a host.
no more hassling with an exchange server.
thanks for the help

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Steps to fix “Unable to mount database. (hr=0x80004005, ec=1108)”.
If you have come across a situation where you need to find some EDB mailbox recovery techniques, then here you will find the same. In this article, we will take you through three techniques using which you will be able to perform EDB recovery. You …
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
Whether it be Exchange Server Crash Issues, Dirty Shutdown Errors or Failed to mount error, Stellar Phoenix Mailbox Exchange Recovery has always got your back. With the help of its easy to understand user interface and 3 simple steps recovery proced…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question