basic relay lockdown for windows 2000/exchange 2000 server

hi, i just had to reinstall my win 2000 sbs [exchange 2000 server, sp3]
i use a smart host for outbound mail.

i just want to make sure my setting are correct for properly sending mail outbound, as well as properly receiving mail to the server.
on my exchange 2000 server, smtp virtual server there are 2 tabs for security ive seen

1. is under the 'access' tab, there is an 'access control' [with authentication button] and a 'relay restrictions'.  under the access control /authentication, all 3 check boxes are checked [anonymous access, basic authentication, and  integrated windows authentication'.
all 3 are checked.

2. under the 'delivery' tab. there are several button options, 'outbound security', 'outbound connections', and 'advanced'.
'outbound security - has 'anononmyous' checked off and 'TLS enctyption'  checked off
'outbound connections' ive changed the outbound port to 2525 for my smart host'
'advanced' ive added the smart host name'

what are the defaults when installed, what needs to be changed when securing against outside relay spammers.
also, under the default smtp virtual server there is a 'queues' folder' with alot of a list of various domains thats it seems to have mail for or from, how do i delete these?


Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

MarcHelfandAuthor Commented:
hi, thanks.
ive seen the telnet tests, and read the articles.... however, im somewhat more interested in somneone telling me  exactly which dialog boxes from my original post have to be checked off/not checked off.
what is the default exchange 2000 settings, and what exactly do i need to check/uncheck for my situation [single sbs 2000 server, 1 workstation connected, 2 user mailboxes, and i do use the owa.

Your settings are OK. You can verify in access tab > relay > only listed below should be selected > and select "Allow all computers which successfully authenticate to relay regardless of the list above".
For more info :

 Let us know if you need any further information  
Determine the Perfect Price for Your IT Services

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden with our free interactive tool and use it to determine the right price for your IT services. Download your free eBook now!

MarcHelfandAuthor Commented:
ya, its still not sending out email, ill need to troubleshoot more when i return to towen mid week. im away in midwest currently.

but i have those setting set, and still not going outbound.
Is there any mail queue in your exchange server?
Are you sure that the smart host port is configured as 2525? Are you able to telnet smarthost on that port 2525 from exchange server and send mail?
Use the following commands to send mail using telnet :

telnet Smarthostname 2525
SUBEJECT : testmail
Hi This is a test mail
MarcHelfandAuthor Commented:
hi i did indeed try this, and i rec'd the mail from my gmail account. thus the smarthost is working.
however, i did need to turn off my smtp services to do this as the smarthost only allows 1 connection at a time.
they told me my server was trying to make connections to the mail smarthost server every millisecond, and was slowing their servers a little!
i double checked all the connections tabs you mentioned, and still no outbound connection.
Do you have any mail queue?
Use SMTP logging and diagnostic logging to troubleshoot this issue. also do a message tracking and see what is happening.
Do you have any error in event logs?
Refer the msexchange article for details :
MarcHelfandAuthor Commented:
yes under 'default smtp virtual server' there is 'current sessions' and 'queues'.
under queues, theres about a hundred or so misc domain names there all stating 'remote delivery', and on the right pane they say under the column 'connection state' either 'active or retry'.

i just enabled the logging of messages for the virtual server.

also i looked at that great article you sent , however it is for exchange 2003, i have exchange 2000 [although i know they are similiar, just some things in different areas.
i think i turned on the message logging, is that the same as the smtp logging you mentioned above

Did you try message tracking?

SMTP logging enabled in server's SMTP VS and you can find the log files in C:\WINDOWS\System32\LogFiles (default path)
Diagnostic logging is enabled in server and you can find the error details in application log of the server.
Here is on MS webcast link will help you to get some info on ex 2000
I suspect the smart host is causing the issue. did you receive any error in event log after enabling the logging?

Note : You can add more zones or increase the question points so that the other experts will have a look at your question and have their opinion.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
MarcHelfandAuthor Commented:
hi, i ended up just migrating the site and email to a host.
no more hassling with an exchange server.
thanks for the help
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.