John, I didn't say the ACL change was the ONLY way. I use the script because I use the information in the badmail logs for debugging. In fact, the first change I made to my Exchange 2003 sp1 servers was to turn badmail back on. But I turn NDR's off, so my badmail is small to start with. The ACL change has several distinct advantages, first and foremost: the files never get created in the first place. Which is more efficient on older versions of Exchange. ________________________________ From: John Tolmachoff (Lists) [mailto:johnlist@xxxxxxxxxxxxxxxxxxx] Sent: Thursday, April 14, 2005 1:17 PM To: [ExchangeList] Subject: [exchangelist] RE: Badmail (Exchange 2000) http://www.MSExchange.org/ I stand partially corrected. That script does have an option to "disable" by changing the permissions. I had not noticed that before. However, please show in quoted text where that is the right way to do that. I maintain 2 Exchange servers and consult on 3 others and not one of those has any problem with the badmail folder by using a simple script, including 2 that use the script you have posted on your blog and on here before. (Have not got around to changing the scripts on the other 3.) In fact, rereading your blog, it appears you are saying the simple delete script is the way to go. John T eServices For You -----Original Message----- From: Michael B. Smith [mailto:michael@xxxxxxxxxx] Sent: Thursday, April 14, 2005 9:41 AM To: [ExchangeList] Subject: [exchangelist] RE: Badmail (Exchange 2000) http://www.MSExchange.org/ No, I am not wrong. You are. Like I said John, look at the script. Here is your quoted text, straight from the script: '************************************************* ' Procedure DisableBadmail ' ' Disables badmail from being written to disk by ' restricting the permissions on a given folder. ' (this is done by adding a DENY FULL CONTROL ACE ' for the local system account). ' '************************************************* ________________________________ From: John Tolmachoff (Lists) [mailto:johnlist@xxxxxxxxxxxxxxxxxxx] Sent: Thursday, April 14, 2005 12:33 PM To: [ExchangeList] Subject: [exchangelist] RE: Badmail (Exchange 2000) http://www.MSExchange.org/ Well dude, hate to say you are wrong, but you are wrong. The script does/says nothing about changing permissions on that folder. No where does any thing say to change the permissions of the badmail folder to deny to the system account. Please post quoted text stating that it is the right way to change the permissions on that folder to deny for system! John T eServices For You -----Original Message----- From: Michael B. Smith [mailto:michael@xxxxxxxxxx] Sent: Thursday, April 14, 2005 8:32 AM To: [ExchangeList] Subject: [exchangelist] RE: Badmail (Exchange 2000) http://www.MSExchange.org/ Really, dude? Why don't you check out the Badmail Deletion and Archiving script, available from Microsoft's download site. Look at how it turns off Badmail creation for versions of Exchange 200x prior to Exchange 2003 sp1. It does EXACTLY what I said. It's the RIGHT way to do it. ________________________________ From: John Tolmachoff (Lists) [mailto:johnlist@xxxxxxxxxxxxxxxxxxx] Sent: Thursday, April 14, 2005 11:23 AM To: [ExchangeList] Subject: [exchangelist] RE: Badmail (Exchange 2000) http://www.MSExchange.org/ That would be the wrong way to go about it. John T eServices For You -----Original Message----- From: Michael B. Smith [mailto:michael@xxxxxxxxxx] Sent: Thursday, April 14, 2005 7:48 AM To: [ExchangeList] Subject: [exchangelist] RE: Badmail (Exchange 2000) http://www.MSExchange.org/ Why not just put an explicit deny full control for localsystem on the folder? :-)