I'd found some info from the http://nsa1.www.conxion.com/win2k/download.htm site on how to secure your ISA server. ISA Server Extention recommendaitons · If publishing a SMTP server: Enable the SMTP filter and disable the following under the SMTP commands tab: EXPN, VRFY, TURN, NOOP. -----Original Message----- From: Thor@xxxxxxxxxxxxxxx [mailto:Thor@xxxxxxxxxxxxxxx] Sent: Friday, August 03, 2001 10:10 AM To: [ISAserver.org Discussion List] Subject: [isalist] SMTP Events http://www.ISAserver.org Greets: I continually get SmtpEvt EventID: 17240 in my ISA Server's Application log described as "The SMTP command exceeded its allowed length" with data of "NOOP" However, there is no information as to the offending IP, or anything else for that matter. Nothing is in any of the logs to correlate to. Is there any way to get more information as to what this is and who is causing it? In general, I would like to at least know the offending IP... --------------------------------- Attonbitus Deus Thor@xxxxxxxxxxxxxxx ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: david@xxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')