Discussion:
How to disable CHUNKING/BDAT on a standalone window 2000 SMTP server?
(too old to reply)
Barney
2006-09-08 21:14:53 UTC
Permalink
We use a standalone SMTP server as our mail gateway. After we upgraded
to Cisco's ASA5500 (PIX upgrade), we started having trouble with
certain outside Exchange servers. It turned out Cisco's SMTP inspection
engine blocked the BDAT command when our server used it to send data
out. The problem is, however, Cisco doesn't block the SMTP chunking
advertisement from the receiving server, so our server always tried to
use BDAT as opposed to DATA.

There is no fix right now on the ASA to block SMTP verb advertisement.
And I don't want to turn off SMTP inspection for too long.

MS only provids How-to on disabling SMTP verbs on Active Directory
enabled Exchange server. There is a disabling 8bitMIME doc on standard
2000 SMTP server, but not for Chunking.

Does anyone know of a way to do that? Any VB script to do that?

Another solutino someone suggested in this group is to dumb down my
SMTP server to basic SMTP commands. I don't like it because with all
the SPAM filters, my SMTP is slow enough already.

Thanks for any suggestions in advance.
Bharat Suneja [MVP]
2006-09-08 22:14:19 UTC
Permalink
Change the smtpInboundCommandSupportOptions value in IIS metabase using
adsutil.vbs or Metabase Explorer.

IIS 6.0 Metabase Property Reference
http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/fa9dd1ae-34dc-4f45-b32b-c20ba0ec0c48.mspx?mfr=true

(Haven't found IIS 5.0/Windows 2000-specific link, but I suspect this works)

Chunking has a decimal value of 1048576.

Another article, though Exchange-specific, talks about modifying this
property in IIS Metabase... which should fill in the gaps from the IIS
Reference link above.
http://support.microsoft.com/kb/257569/
--
Bharat Suneja
MVP - Exchange
www.zenprise.com
NEW blog location:
www.exchangepedia.com/blog
----------------------------------------------
Post by Barney
We use a standalone SMTP server as our mail gateway. After we upgraded
to Cisco's ASA5500 (PIX upgrade), we started having trouble with
certain outside Exchange servers. It turned out Cisco's SMTP inspection
engine blocked the BDAT command when our server used it to send data
out. The problem is, however, Cisco doesn't block the SMTP chunking
advertisement from the receiving server, so our server always tried to
use BDAT as opposed to DATA.
There is no fix right now on the ASA to block SMTP verb advertisement.
And I don't want to turn off SMTP inspection for too long.
MS only provids How-to on disabling SMTP verbs on Active Directory
enabled Exchange server. There is a disabling 8bitMIME doc on standard
2000 SMTP server, but not for Chunking.
Does anyone know of a way to do that? Any VB script to do that?
Another solutino someone suggested in this group is to dumb down my
SMTP server to basic SMTP commands. I don't like it because with all
the SPAM filters, my SMTP is slow enough already.
Thanks for any suggestions in advance.
danielw
2006-09-09 07:03:01 UTC
Permalink
I got the 2nd link which is for AD-enabled exchange server. Will investigate
the 1st link. Thanks very much!
Post by Bharat Suneja [MVP]
Change the smtpInboundCommandSupportOptions value in IIS metabase using
adsutil.vbs or Metabase Explorer.
IIS 6.0 Metabase Property Reference
http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/fa9dd1ae-34dc-4f45-b32b-c20ba0ec0c48.mspx?mfr=true
(Haven't found IIS 5.0/Windows 2000-specific link, but I suspect this works)
Chunking has a decimal value of 1048576.
Another article, though Exchange-specific, talks about modifying this
property in IIS Metabase... which should fill in the gaps from the IIS
Reference link above.
http://support.microsoft.com/kb/257569/
--
Bharat Suneja
MVP - Exchange
www.zenprise.com
www.exchangepedia.com/blog
----------------------------------------------
Post by Barney
We use a standalone SMTP server as our mail gateway. After we upgraded
to Cisco's ASA5500 (PIX upgrade), we started having trouble with
certain outside Exchange servers. It turned out Cisco's SMTP inspection
engine blocked the BDAT command when our server used it to send data
out. The problem is, however, Cisco doesn't block the SMTP chunking
advertisement from the receiving server, so our server always tried to
use BDAT as opposed to DATA.
There is no fix right now on the ASA to block SMTP verb advertisement.
And I don't want to turn off SMTP inspection for too long.
MS only provids How-to on disabling SMTP verbs on Active Directory
enabled Exchange server. There is a disabling 8bitMIME doc on standard
2000 SMTP server, but not for Chunking.
Does anyone know of a way to do that? Any VB script to do that?
Another solutino someone suggested in this group is to dumb down my
SMTP server to basic SMTP commands. I don't like it because with all
the SPAM filters, my SMTP is slow enough already.
Thanks for any suggestions in advance.
andy webb
2006-09-10 17:04:43 UTC
Permalink
Turn off the SMTP fixup on the ASA. The protection it offers you isn't
worth the hassle of changing your exchange server.
Post by Barney
We use a standalone SMTP server as our mail gateway. After we upgraded
to Cisco's ASA5500 (PIX upgrade), we started having trouble with
certain outside Exchange servers. It turned out Cisco's SMTP inspection
engine blocked the BDAT command when our server used it to send data
out. The problem is, however, Cisco doesn't block the SMTP chunking
advertisement from the receiving server, so our server always tried to
use BDAT as opposed to DATA.
There is no fix right now on the ASA to block SMTP verb advertisement.
And I don't want to turn off SMTP inspection for too long.
MS only provids How-to on disabling SMTP verbs on Active Directory
enabled Exchange server. There is a disabling 8bitMIME doc on standard
2000 SMTP server, but not for Chunking.
Does anyone know of a way to do that? Any VB script to do that?
Another solutino someone suggested in this group is to dumb down my
SMTP server to basic SMTP commands. I don't like it because with all
the SPAM filters, my SMTP is slow enough already.
Thanks for any suggestions in advance.
andy webb
2006-09-10 18:31:14 UTC
Permalink
As a followup, if you ever add a second exchange server, having changed the
SMTP verbs will cause you a world of trouble until you remember you did that
and undo it. Even if you're just adding a new server and migrating the
users to it, mail needs to be able to route and this change (to the SMTP
verbs) will break public folder replication.
Post by andy webb
Turn off the SMTP fixup on the ASA. The protection it offers you isn't
worth the hassle of changing your exchange server.
Post by Barney
We use a standalone SMTP server as our mail gateway. After we upgraded
to Cisco's ASA5500 (PIX upgrade), we started having trouble with
certain outside Exchange servers. It turned out Cisco's SMTP inspection
engine blocked the BDAT command when our server used it to send data
out. The problem is, however, Cisco doesn't block the SMTP chunking
advertisement from the receiving server, so our server always tried to
use BDAT as opposed to DATA.
There is no fix right now on the ASA to block SMTP verb advertisement.
And I don't want to turn off SMTP inspection for too long.
MS only provids How-to on disabling SMTP verbs on Active Directory
enabled Exchange server. There is a disabling 8bitMIME doc on standard
2000 SMTP server, but not for Chunking.
Does anyone know of a way to do that? Any VB script to do that?
Another solutino someone suggested in this group is to dumb down my
SMTP server to basic SMTP commands. I don't like it because with all
the SPAM filters, my SMTP is slow enough already.
Thanks for any suggestions in advance.
danielw
2006-09-11 13:38:02 UTC
Permalink
That sounds very reasonable. Can you bee a bit more specific how to disabling
Chunking will cause a lot of troubles in email transfer and public folder
replication? In email the other end should fall back to DATA. I have no
experience in public folder replication.

Thanks very much!
Post by andy webb
As a followup, if you ever add a second exchange server, having changed the
SMTP verbs will cause you a world of trouble until you remember you did that
and undo it. Even if you're just adding a new server and migrating the
users to it, mail needs to be able to route and this change (to the SMTP
verbs) will break public folder replication.
Post by andy webb
Turn off the SMTP fixup on the ASA. The protection it offers you isn't
worth the hassle of changing your exchange server.
Post by Barney
We use a standalone SMTP server as our mail gateway. After we upgraded
to Cisco's ASA5500 (PIX upgrade), we started having trouble with
certain outside Exchange servers. It turned out Cisco's SMTP inspection
engine blocked the BDAT command when our server used it to send data
out. The problem is, however, Cisco doesn't block the SMTP chunking
advertisement from the receiving server, so our server always tried to
use BDAT as opposed to DATA.
There is no fix right now on the ASA to block SMTP verb advertisement.
And I don't want to turn off SMTP inspection for too long.
MS only provids How-to on disabling SMTP verbs on Active Directory
enabled Exchange server. There is a disabling 8bitMIME doc on standard
2000 SMTP server, but not for Chunking.
Does anyone know of a way to do that? Any VB script to do that?
Another solutino someone suggested in this group is to dumb down my
SMTP server to basic SMTP commands. I don't like it because with all
the SPAM filters, my SMTP is slow enough already.
Thanks for any suggestions in advance.
Bharat Suneja [MVP]
2006-09-11 16:04:51 UTC
Permalink
- As Andy suggested, getting rid of fixup on ASA would be the way to go.
- Nevertheless, if it's a standalone (non-Exchange) SMTP server acting as a
relay host it's not going to break anything on the Exchange side.
--
Bharat Suneja
MVP - Exchange
www.zenprise.com
NEW blog location:
www.exchangepedia.com/blog
----------------------------------------------
Post by andy webb
As a followup, if you ever add a second exchange server, having changed
the SMTP verbs will cause you a world of trouble until you remember you
did that and undo it. Even if you're just adding a new server and
migrating the users to it, mail needs to be able to route and this change
(to the SMTP verbs) will break public folder replication.
Post by andy webb
Turn off the SMTP fixup on the ASA. The protection it offers you isn't
worth the hassle of changing your exchange server.
Post by Barney
We use a standalone SMTP server as our mail gateway. After we upgraded
to Cisco's ASA5500 (PIX upgrade), we started having trouble with
certain outside Exchange servers. It turned out Cisco's SMTP inspection
engine blocked the BDAT command when our server used it to send data
out. The problem is, however, Cisco doesn't block the SMTP chunking
advertisement from the receiving server, so our server always tried to
use BDAT as opposed to DATA.
There is no fix right now on the ASA to block SMTP verb advertisement.
And I don't want to turn off SMTP inspection for too long.
MS only provids How-to on disabling SMTP verbs on Active Directory
enabled Exchange server. There is a disabling 8bitMIME doc on standard
2000 SMTP server, but not for Chunking.
Does anyone know of a way to do that? Any VB script to do that?
Another solutino someone suggested in this group is to dumb down my
SMTP server to basic SMTP commands. I don't like it because with all
the SPAM filters, my SMTP is slow enough already.
Thanks for any suggestions in advance.
andy webb
2006-09-11 22:39:23 UTC
Permalink
I'll also follow up with this. If external mail hits IMSS first, then
you're publically published SMTP verbs are coming from the IMSS SMTP engine
and not from Exchange, so it makes no sense to make a config change to IMSS.

That may be exactly what you meant Bharat, but in case not, there I've said
it. ;)

I have no idea if it's possible to disable specific verbs on the IMSS box.
I doubt it.

Or am I overly confusing this thread?
Post by Bharat Suneja [MVP]
- As Andy suggested, getting rid of fixup on ASA would be the way to go.
- Nevertheless, if it's a standalone (non-Exchange) SMTP server acting as
a relay host it's not going to break anything on the Exchange side.
--
Bharat Suneja
MVP - Exchange
www.zenprise.com
www.exchangepedia.com/blog
----------------------------------------------
Post by andy webb
As a followup, if you ever add a second exchange server, having changed
the SMTP verbs will cause you a world of trouble until you remember you
did that and undo it. Even if you're just adding a new server and
migrating the users to it, mail needs to be able to route and this change
(to the SMTP verbs) will break public folder replication.
Post by andy webb
Turn off the SMTP fixup on the ASA. The protection it offers you isn't
worth the hassle of changing your exchange server.
Post by Barney
We use a standalone SMTP server as our mail gateway. After we upgraded
to Cisco's ASA5500 (PIX upgrade), we started having trouble with
certain outside Exchange servers. It turned out Cisco's SMTP inspection
engine blocked the BDAT command when our server used it to send data
out. The problem is, however, Cisco doesn't block the SMTP chunking
advertisement from the receiving server, so our server always tried to
use BDAT as opposed to DATA.
There is no fix right now on the ASA to block SMTP verb advertisement.
And I don't want to turn off SMTP inspection for too long.
MS only provids How-to on disabling SMTP verbs on Active Directory
enabled Exchange server. There is a disabling 8bitMIME doc on standard
2000 SMTP server, but not for Chunking.
Does anyone know of a way to do that? Any VB script to do that?
Another solutino someone suggested in this group is to dumb down my
SMTP server to basic SMTP commands. I don't like it because with all
the SPAM filters, my SMTP is slow enough already.
Thanks for any suggestions in advance.
Bharat Suneja [MVP]
2006-09-11 22:55:17 UTC
Permalink
Yes, you are... (for me)... ;-)

What's IMSS? (

It's a standalone Win2000 box with SMTPSvc.
--
Bharat Suneja
MVP - Exchange
www.zenprise.com
NEW blog location:
www.exchangepedia.com/blog
----------------------------------------------
Post by andy webb
I'll also follow up with this. If external mail hits IMSS first, then
you're publically published SMTP verbs are coming from the IMSS SMTP
engine and not from Exchange, so it makes no sense to make a config change
to IMSS.
That may be exactly what you meant Bharat, but in case not, there I've
said it. ;)
I have no idea if it's possible to disable specific verbs on the IMSS box.
I doubt it.
Or am I overly confusing this thread?
Post by Bharat Suneja [MVP]
- As Andy suggested, getting rid of fixup on ASA would be the way to go.
- Nevertheless, if it's a standalone (non-Exchange) SMTP server acting as
a relay host it's not going to break anything on the Exchange side.
--
Bharat Suneja
MVP - Exchange
www.zenprise.com
www.exchangepedia.com/blog
----------------------------------------------
Post by andy webb
As a followup, if you ever add a second exchange server, having changed
the SMTP verbs will cause you a world of trouble until you remember you
did that and undo it. Even if you're just adding a new server and
migrating the users to it, mail needs to be able to route and this
change (to the SMTP verbs) will break public folder replication.
Post by andy webb
Turn off the SMTP fixup on the ASA. The protection it offers you isn't
worth the hassle of changing your exchange server.
Post by Barney
We use a standalone SMTP server as our mail gateway. After we upgraded
to Cisco's ASA5500 (PIX upgrade), we started having trouble with
certain outside Exchange servers. It turned out Cisco's SMTP inspection
engine blocked the BDAT command when our server used it to send data
out. The problem is, however, Cisco doesn't block the SMTP chunking
advertisement from the receiving server, so our server always tried to
use BDAT as opposed to DATA.
There is no fix right now on the ASA to block SMTP verb advertisement.
And I don't want to turn off SMTP inspection for too long.
MS only provids How-to on disabling SMTP verbs on Active Directory
enabled Exchange server. There is a disabling 8bitMIME doc on standard
2000 SMTP server, but not for Chunking.
Does anyone know of a way to do that? Any VB script to do that?
Another solutino someone suggested in this group is to dumb down my
SMTP server to basic SMTP commands. I don't like it because with all
the SPAM filters, my SMTP is slow enough already.
Thanks for any suggestions in advance.
andy webb
2006-09-12 03:48:12 UTC
Permalink
ok, I swear I thought I saw that he said he was using Trend Micro IMSS
(Internet Mail Security Suite or something like that) on a server between
the ASA and the Exchange server. IMSS isn't a set of event sinks on IIS
SMTP, it has its own SMTP MTA.
Post by Bharat Suneja [MVP]
Yes, you are... (for me)... ;-)
What's IMSS? (
It's a standalone Win2000 box with SMTPSvc.
--
Bharat Suneja
MVP - Exchange
www.zenprise.com
www.exchangepedia.com/blog
----------------------------------------------
Post by andy webb
I'll also follow up with this. If external mail hits IMSS first, then
you're publically published SMTP verbs are coming from the IMSS SMTP
engine and not from Exchange, so it makes no sense to make a config
change to IMSS.
That may be exactly what you meant Bharat, but in case not, there I've
said it. ;)
I have no idea if it's possible to disable specific verbs on the IMSS
box. I doubt it.
Or am I overly confusing this thread?
Post by Bharat Suneja [MVP]
- As Andy suggested, getting rid of fixup on ASA would be the way to go.
- Nevertheless, if it's a standalone (non-Exchange) SMTP server acting
as a relay host it's not going to break anything on the Exchange side.
--
Bharat Suneja
MVP - Exchange
www.zenprise.com
www.exchangepedia.com/blog
----------------------------------------------
Post by andy webb
As a followup, if you ever add a second exchange server, having changed
the SMTP verbs will cause you a world of trouble until you remember you
did that and undo it. Even if you're just adding a new server and
migrating the users to it, mail needs to be able to route and this
change (to the SMTP verbs) will break public folder replication.
Post by andy webb
Turn off the SMTP fixup on the ASA. The protection it offers you
isn't worth the hassle of changing your exchange server.
Post by Barney
We use a standalone SMTP server as our mail gateway. After we upgraded
to Cisco's ASA5500 (PIX upgrade), we started having trouble with
certain outside Exchange servers. It turned out Cisco's SMTP inspection
engine blocked the BDAT command when our server used it to send data
out. The problem is, however, Cisco doesn't block the SMTP chunking
advertisement from the receiving server, so our server always tried to
use BDAT as opposed to DATA.
There is no fix right now on the ASA to block SMTP verb
advertisement.
And I don't want to turn off SMTP inspection for too long.
MS only provids How-to on disabling SMTP verbs on Active Directory
enabled Exchange server. There is a disabling 8bitMIME doc on standard
2000 SMTP server, but not for Chunking.
Does anyone know of a way to do that? Any VB script to do that?
Another solutino someone suggested in this group is to dumb down my
SMTP server to basic SMTP commands. I don't like it because with all
the SPAM filters, my SMTP is slow enough already.
Thanks for any suggestions in advance.
danielw
2006-09-12 14:58:02 UTC
Permalink
I think I was the one who confused you a little bit. I posted to another
group through Google not knowing which one was most approriate for me. I
think you answered that one saying you had IMSS and I replied that I also had
a Trend product but it was Interscan Viruswall. I think my Interscan
Viruswall uses the standalone IIS SMTP server running on our proxy server. It
does scan email, however. Basically our exchange server forward outgoing
email to the proxy server as a Smarthost, the proxy server is acting as our
mail gateway to the otherside world.

I also tried to set up a SMTP connector for each of the problem connection
and make them use standard SMTP (HELO) only. It worked fine but it's not
scaleable since I have no idea which future SMTP connection is going to have
problem.

I think I will just go back and turn Cisco's smtp fixup protocol off for now.

Thanks to all your help, everyone!
Post by andy webb
ok, I swear I thought I saw that he said he was using Trend Micro IMSS
(Internet Mail Security Suite or something like that) on a server between
the ASA and the Exchange server. IMSS isn't a set of event sinks on IIS
SMTP, it has its own SMTP MTA.
Post by Bharat Suneja [MVP]
Yes, you are... (for me)... ;-)
What's IMSS? (
It's a standalone Win2000 box with SMTPSvc.
--
Bharat Suneja
MVP - Exchange
www.zenprise.com
www.exchangepedia.com/blog
----------------------------------------------
Post by andy webb
I'll also follow up with this. If external mail hits IMSS first, then
you're publically published SMTP verbs are coming from the IMSS SMTP
engine and not from Exchange, so it makes no sense to make a config
change to IMSS.
That may be exactly what you meant Bharat, but in case not, there I've
said it. ;)
I have no idea if it's possible to disable specific verbs on the IMSS
box. I doubt it.
Or am I overly confusing this thread?
Post by Bharat Suneja [MVP]
- As Andy suggested, getting rid of fixup on ASA would be the way to go.
- Nevertheless, if it's a standalone (non-Exchange) SMTP server acting
as a relay host it's not going to break anything on the Exchange side.
--
Bharat Suneja
MVP - Exchange
www.zenprise.com
www.exchangepedia.com/blog
----------------------------------------------
Post by andy webb
As a followup, if you ever add a second exchange server, having changed
the SMTP verbs will cause you a world of trouble until you remember you
did that and undo it. Even if you're just adding a new server and
migrating the users to it, mail needs to be able to route and this
change (to the SMTP verbs) will break public folder replication.
Post by andy webb
Turn off the SMTP fixup on the ASA. The protection it offers you
isn't worth the hassle of changing your exchange server.
Post by Barney
We use a standalone SMTP server as our mail gateway. After we upgraded
to Cisco's ASA5500 (PIX upgrade), we started having trouble with
certain outside Exchange servers. It turned out Cisco's SMTP inspection
engine blocked the BDAT command when our server used it to send data
out. The problem is, however, Cisco doesn't block the SMTP chunking
advertisement from the receiving server, so our server always tried to
use BDAT as opposed to DATA.
There is no fix right now on the ASA to block SMTP verb
advertisement.
And I don't want to turn off SMTP inspection for too long.
MS only provids How-to on disabling SMTP verbs on Active Directory
enabled Exchange server. There is a disabling 8bitMIME doc on standard
2000 SMTP server, but not for Chunking.
Does anyone know of a way to do that? Any VB script to do that?
Another solutino someone suggested in this group is to dumb down my
SMTP server to basic SMTP commands. I don't like it because with all
the SPAM filters, my SMTP is slow enough already.
Thanks for any suggestions in advance.
Loading...