[ExchangeList] SMTP Logging-Exchange 5.5 question

  • From: "Jose Medeiros" <josemedeiros@xxxxxxxxxxx>
  • To: <exchangelist@xxxxxxxxxxxxx>
  • Date: Mon, 26 Mar 2007 13:43:13 -0800

SMTP Logging-Exchange 5.5 questionHi Christine, 

I no longer have an Exchange 5.5 server to send you the screen captures, 
however I did find a site that has the steps listed under " Diagnostics logging 
" of the MSExchangeIMC service.

SMTP relaying is a feature enabled by default after the Exchange Server is 
installed. It allows other parties to connect to the Exchange server to send 
e-mail using the SMTP protocol. The first implication is an increase of traffic 
which may lead to a denial of service state if the number of messages is too 
The steps to disable relaying are:
1) Open MS Exchange Administrator, expand the site, expand configuration, 
expand connections, double-click on Internet Mail service. 

 2) Click on the routing page 

a) One simple thing to avoid relaying is to disable SMTP rerouting of incoming 
mail only if POP3/IMAP4 is not required. To do this click on "Do not reroute 
incoming SMTP mail". Jump to step 4.
b) As most of the times POP3 is required it is needed to restrict SMTP routing 
only for the IP addresses of the Internet domain scope desired. On this page 
(routing) click on "routing restrictions," check "hosts and clients with these 
IP addresses," then add the IP addresses or scope desired. If a block of IP 
addresses will be entered, make sure to type the starting IP address of the 
block and its corresponding mask. 

Click OK to go back to the main routing page. 

3) In order to know the restrictions are working correctly logging should be 
enabled. Click on the "Diagnostics logging" page, Select the MSExchangeIMC 
service (left window) and "SMTP interface events" (right window), then click on 
minimum on the "logging level" at the bottom of the page. 

 4) The last step is to apply all changes. Yes you are right!, click on apply. 
You'll be informed the Internet Mail Service needs to be restarted in order to 
start using the changes. Open the services in control panel to restart the 
service (stop it, then start it). You'll be able to monitor the SMTP events 
using the event viewer included in the administrative tools of the NT server. 
All SMTP events logged will be in the application log. 

The refused to relay events will be indicated with the stop sign (red color). 

If you would like the full article the url is:

Sincerely, Jose Medeiros

" The reasonable man adapts himself to world, the unreasonable man persists in 
trying to adapt the world to himself, therefore all progress depends on the 
unreasonable man." ...George Bernard Shaw 

  ----- Original Message ----- 
  From: Allen, Christine 
  To: 'exchangelist@xxxxxxxxxxxxx' 
  Sent: Monday, March 26, 2007 7:26 AM
  Subject: [ExchangeList] SMTP Logging-Exchange 5.5 question

  I need to log all smtp traffic that goes through a Exchange 5.5 server.  I 
can't remember which option under diagnostic logging I enable to log this.  
Does anyone remember?

  Christine Allen 
  Systems Engineer
  Electric Insurance Company
  75 Sam Fonzo Drive
  Beverly, MA 01915
  phone: 978-524-5612
  fax: 978.236.5612

Other related posts: