Module 7: Configuring
IIS to Provide E-Mail
Support
Contents
Overview

1

Introduction to the SMTP Service

2

Configuring Support for the SMTP Service

4

Controlling E-Mail Messages

12

Configuring Security for the SMTP Service

19

Managing the SMTP Service

28

Lab A: Configuring and Testing the SMTP
Service

35

Review

45


Information in this document is subject to change without notice. The names of companies,
products, people, characters, and/or data mentioned herein are fictitious and are in no way intended
to represent any real individual, company, product, or event, unless otherwise noted. Complying
with all applicable copyright laws is the responsibility of the user. No part of this document may
be reproduced or transmitted in any form or by any means, electronic or mechanical, for any
purpose, without the express written permission of Microsoft Corporation. If, however, your only
means of access is electronic, permission to print one copy is hereby granted.
Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual
property rights covering subject matter in this document. Except as expressly provided in any
written license agreement from Microsoft, the furnishing of this document does not give you any
license to these patents, trademarks, copyrights, or other intellectual property.
 2001 Microsoft Corporation. All rights reserved.
Microsoft, Active Directory, ActiveX, BackOffice, FrontPage, MS-DOS, Outlook, PowerPoint,
SQL Server, Visual Basic, Visual InterDev, Visual SourceSafe, Visual Studio, Windows, Win32,
Windows Media, and Windows NT are either registered trademarks or trademarks of Microsoft
Corporation in the U.S.A. and/or other countries.
Other product and company names mentioned herein may be the trademarks of their respective
owners.


Module 7: Configuring IIS to Provide E-Mail Support

iii


Instructor Notes
Presentation:
45 Minutes

This module provides students with the knowledge and skills to provide e-mail
support in Microsoft® Internet Information Services (IIS) 5.0

Lab:
30 Minutes

After completing this module, students will be able to:
Explain what the Simple Mail Transfer Protocol (SMTP) service is and how
it works.
Configure support for the SMTP service.
Control e-mail messages for the SMTP service.
Configure security for the SMTP service.
Manage the SMTP service.

Materials and Preparation
This section provides the materials and preparation tasks that you need to teach
this module.

Required Materials
To teach this module, you need the Microsoft PowerPoint® file 2295A_07.ppt.

Preparation Tasks
To prepare for this module, you should:
Read all of the materials for this module.
Complete the labs.



iv

Module 7: Configuring IIS to Provide E-Mail Support

Module Strategy
Use the following strategy to present this module:
Introduction to the SMTP Service
Explain that SMTP is the Internet standard for e-mail message delivery.
Describe how the SMTP service works in IIS, and how the SMTP server
sends and receives e-mail messages. Explain that, if they did not enable the
SMTP service during Microsoft Windows® 2000 installation, they can
enable it by using Add/Remove Programs in Control Panel.
Configuring Support for the SMTP Service
Explain that you designate an SMTP virtual server by its Internet Protocol
(IP) address and Transmission Control Protocol (TCP) port number. Discuss
local and remote domains. Discuss alias domains, and explain that they are
just another name for a local domain and cannot be configured. Discuss how
remote domains are used to override the SMTP virtual server’s default
settings for sending messages. Display the SMTP folders and discuss how
each is used.
Controlling E-Mail Messages
Explain the different settings that are available to control the flow of
messages to and from the SMTP server. Discuss that, although these settings
may improve server performance, they also have trade-offs that need to be
considered. Diagram a situation that uses a smart host.
Configuring Security for the SMTP Service
Discuss the various security risks to an SMTP server, and explain the
corresponding methods to mitigate these risks. Explain that connections to

the SMTP server can be controlled by granting or denying access to specific
IP addresses, groups of addresses, or by domain name. Discuss when
encryption should be used, and demonstrate how to enable Transport Layer
Security (TLS) encryption. Explain the types of authentication that are
available for SMTP connections, and discuss the benefits and limitations of
each. Explain that DNS reverse lookup can be enabled on an SMTP server
to enhance security, but will severely impact performance.
Managing the SMTP Service
Explain that monitoring the SMTP service will help optimize performance.
Demonstrate the System Monitor (Performance tool), and discuss which
performance counters aid in monitoring and troubleshooting the SMTP
service. Discuss the importance of logging, and demonstrate the different
log file formats. Discuss the ways to troubleshoot the SMTP service, and
demonstrate the various methods.


Module 7: Configuring IIS to Provide E-Mail Support

v

Customization Information
This section identifies the lab setup requirements for a module and the
configuration changes that occur on student computers during the labs. This
information is provided to assist you in replicating or customizing Microsoft
Official Curriculum (MOC) courseware.

Lab Setup
The lab in this module requires the SMTP service to be installed with the e-mail
folders on drive D. This activity is completed in Module 1, “Installing Internet
Information Services 5.0,” in Course 2295A, Implementing and Supporting

Microsoft Internet Information Services 5.0. To prepare student computers to
meet this requirement, perform one of the following actions:
Complete Module 1, “Installing Internet Information Services 5.0” in
Course 2295A, Implementing and Supporting Microsoft Internet
Information Services 5.0.
Configure the setup requirement manually.

Lab Results
After performing the lab in this module, the SMTP service is configured to
require authentication. No other modules in this course are affected by this
change.



Module 7: Configuring IIS to Provide E-Mail Support

1

Overview
Topic Objective

To provide an overview of
the module topics and
objectives.

Lead-in

In this module, you will learn
about using the Microsoft
SMTP service.


Introduction to the SMTP Service
Configuring Support for the SMTP Service
Controlling E-Mail Messages
Configuring Security for the SMTP Service
Managing the SMTP Service

*****************************ILLEGAL FOR NON-TRAINER USE******************************
E-mail is the most widely used Internet service, and the standard protocol that is
used by e-mail clients and servers to deliver electronic messages over the
Internet is the Simple Mail Transfer Protocol (SMTP).
To provide e-mail message access on your Web servers and applications,
Microsoft® Windows® 2000 provides the SMTP service. The SMTP service in
Microsoft Internet Information Services (IIS) 5.0 enables you to easily
administer your SMTP server, control inbound and outbound e-mail messages,
provide security so that the server is not misused or attacked by unauthorized
users, and use management tools to optimize the performance of your SMTP
server.
After completing this module, you will be able to:
Explain what the SMTP service is and how it works.
Configure support for the SMTP service.
Control e-mail messages for the SMTP service.
Configure security for the SMTP service.
Manage the SMTP service.


2

Module 7: Configuring IIS to Provide E-Mail Support


Introduction to the SMTP Service
Topic Objective

To provide an overview of
the SMTP service in IIS.

Incoming Message

Local
Message
Delivered

Lead-in

The SMTP service enables
Windows 2000 to exchange
e-mail messages with other
SMTP servers.

SMTP
Virtual
Server

Remote Message
Sent to Remote
SMTP Server

Send

*****************************ILLEGAL FOR NON-TRAINER USE******************************

With the SMTP service enabled, IIS can send and receive e-mail messages, and
this capability enables the following:
Web-based applications to send and receive messages.
SMTP servers to exchange e-mail messages.
Administrators to receive e-mail messages that are driven by events on the
Web server, such as users sending forms from Web pages.

Sending and Receiving E-Mail Messages
When a user sends an e-mail message, the delivery process begins with the
message being transmitted to an SMTP server. If the destination domain name
of the message is local to the SMTP server, the message is stored on that server.
If the domain name is not local to the SMTP server, the message is then
forwarded to a remote server.
To find the remote server, the SMTP server performs a Domain Name System
(DNS) lookup for the destination domain. The SMTP server checks the DNS
Mail Exchanger (MX) record, which is the name of the SMTP server that is
servicing all incoming e-mail messages for the remote domain. After the
Internet Protocol (IP) address is located, the local SMTP server connects to the
remote server and sends the message.


Module 7: Configuring IIS to Provide E-Mail Support

3

The SMTP service is not designed as a system for users to retrieve messages by
using an e-mail client such as Microsoft Outlook® or Microsoft Outlook
Express. E-mail message retrieval is defined by the Post Office Protocol (POP),
which is not built into the IIS SMTP server. The SMTP service is designed to
send messages from forms, Microsoft FrontPage®-enabled Webs, or scripts

hosted by IIS.
To enable users to send e-mail messages to anyone on the Internet directly from
a Microsoft Active Server Page (ASP) script or program on your Web site,
Windows 2000 includes a component for handling messages, called the
Collaboration Data Objects for Microsoft Windows NT® Server, also known as
the CDO for NTS Library.
The SMTP service is installed by default when you install Windows 2000.
However, if it is uninstalled for any reason, you can reinstall it by performing
the following steps:
1. Open Control Panel, and then double click Add/Remove Programs.
2. In Add Remove Programs, click Add/Remove Windows Components.
3. In the Windows Components Wizard, click Internet Information Services
(IIS), and then click Details.
Important Do not deselect the Internet Information Services (IIS) check box.
This will uninstall IIS components.
4. In the Subcomponents of Internet Information Services (IIS) dialog box,
select the SMTP service check box, and then click OK.


4

Module 7: Configuring IIS to Provide E-Mail Support

Configuring Support for the SMTP Service
Topic Objective

To explain how to configure
support for the SMTP
service.


Lead-in

To effectively support the
SMTP service, you need to
designate the virtual server,
configure the domains, and
understand the SMTP folder
structure.

Designating an SMTP Virtual Server
Configuring Local and Remote Domains
Examining the SMTP Service Folder Structure

*****************************ILLEGAL FOR NON-TRAINER USE******************************
To effectively support the SMTP service, you need to:
Ensure that each SMTP server is designated as its own virtual server and
does not have the same IP address or Transmission Control Protocol (TCP)
port number as other virtual servers.
Configure local and remote domains for effective e-mail message delivery.
Understand the SMTP folder structure that is created during installation.


Module 7: Configuring IIS to Provide E-Mail Support

5

Designating an SMTP Virtual Server
Topic Objective

To explain the elements that

designate an SMTP virtual
server.

Lead-in

SMTP virtual servers are
identified by the IP address
and the TCP port number.

Select the IP Address
Select

SMTP
Virtual
Server

Identify the TCP Port Number
Identify

*****************************ILLEGAL FOR NON-TRAINER USE******************************
When you enable the SMTP service, a default SMTP virtual server is
automatically installed. A single SMTP server is typically all that is required to
send messages from your Web server. However, if you require more than one
configuration for SMTP, the SMTP service supports multiple virtual servers.
Delivery Tip

Explain that a single SMTP
server is typically all that is
required to send messages
from your Web server, but

that IIS does support
multiple SMTP servers.

All SMTP virtual servers require a unique identity, which consists of the IP
address and the TCP port number. The IP address and TCP port combination
must be different for each SMTP virtual server. Each SMTP virtual server
should also have a unique name.
Note TCP port 25 is the SMTP standard. However, more than one virtual
server can use TCP port 25, provided that each server is associated with a
different IP address.
To designate an IP address and TCP port number for an existing virtual server:
1. Click Start, point to Programs, point to Administrative Tools, and then
click Internet Services Manager.
In Administrative Tools, the IIS console is called Internet Services
Manager; however, when you open the console, it is called Internet
Information Services, also known as the IIS snap-in.
2. In the IIS snap-in, in the console tree, right-click the virtual server that you
want to configure, and then click Properties.
3. On the General tab, in the Name box, type a new virtual server name if you
want to change it from the default.


6

Module 7: Configuring IIS to Provide E-Mail Support

4. In IP address box, select the IP address for this virtual server.
The SMTP virtual server can respond to connection requests for all IP
addresses configured on the computer.
5. To identify the TCP port for each IP address configured for the virtual

server, click Advanced.
6. In the Advanced dialog box, either click Add to add a new port number or
click a current IP address, click Edit or Remove to change or delete the
address and port number, and then click OK.
Note Before you change the configuration on an SMTP virtual server, you
should first pause the service. To pause the SMTP service for a virtual server,
right-click the virtual server in the IIS snap-in, and then click Pause. Pausing
prevents new client connections but enables SMTP service to continue to
process existing client connections and to deliver messages.


Module 7: Configuring IIS to Provide E-Mail Support

7

Configuring Local and Remote Domains
Topic Objective

Addressed and Delivered
to Local Domain

To explain how to configure
local and remote domains.

IIS Server

Lead-in

SMTP virtual servers can
have two types of domains

that you can configure: local
and remote.

Addressed to
Remote Domain

Remote
SMTP
Server

SMTP
SMTP
Virtual
Virtual
Server
Server

Local SMTP Server
Forwards Message
Using Remote
Domain Settings

*****************************ILLEGAL FOR NON-TRAINER USE******************************
The SMTP server can have two types of domains: local and remote. You can
also create an alias domain, which is simply another name for the local domain.
There must always be one local default domain on the SMTP server. This local
default domain is the name of your IIS server and is created automatically when
the SMTP service is installed.

Local Domains

A local domain is a DNS domain name that is serviced by the local SMTP
server. When a message containing a local domain name arrives at the SMTP
server, the message is placed as a file in a local folder on the IIS server. This
folder is created specifically for this purpose when the SMTP service is
installed. Configuring the local domain is important because any e-mail
messages not addressed to the local domain will be routed to other servers for
delivery.

Alias Domains
Delivery Tip

Explain that one local
domain can have multiple
identities by using alias
domains.

An alias domain is another name for the local default domain. For example, if
the local domain name is contoso.msft and you want the local server to also
receive e-mail messages for nwtraders.msft, you would create an alias for the
local domain called nwtraders.msft. This would cause the local SMTP server to
receive e-mail messages for both contoso.msft and nwtraders.msft. Even though
there are two names, nwtraders.msft is an alias for the local domain and cannot
be configured separately. If you create a new alias domain and decide that you
want it to be the new default domain, the previous default domain would
become an alias domain.


8

Module 7: Configuring IIS to Provide E-Mail Support


Remote Domains
Domain names that are not on the local server are known as remote domains.
The SMTP service enables you to create and configure a unique delivery
requirement for each remote domain. For example, you can configure delivery
properties for domains that require a secure connection, such as one hosting
your corporate Exchange server or a trusted partner’s e-mail server.
It is not necessary to configure remote domains for the ordinary delivery of
e-mail messages. If you don’t specifically configure a new remote domain, the
SMTP service will send the message using the settings that you configure in the
default virtual server.
Note You cannot rename a domain after you have created it.
To create an alias or remote domain:
Delivery Tip

Open the IIS snap-in and
point out the local default
domain. Next, demonstrate
how to create an alias and a
remote domain.

1. In the IIS snap-in, expand the SMTP virtual server on which you want to
add a remote domain, right-click Domains, point to New, and then click
Domain.
2. In the New SMTP Domain Wizard, click either Alias or Remote, and then
click Next.
3. On the Select Domain Name page, in the Name box, type the name of the
alias or remote domain, and then click Finish.
If you want to make the new alias domain the default local domain, rightclick the alias domain, and then click Set as Default.
To configure a remote domain, in the details pane of the IIS snap-in, right-click

the domain that you want to configure, click Properties, and then specify the
settings that you want for your remote domain.


Module 7: Configuring IIS to Provide E-Mail Support

9

Examining the SMTP Service Folder Structure
Root
Root

Topic Objective

To verify the folder structure
that is created by the SMTP
service.

Folder
Folder

\
Inetpub

Lead-in

mailroot

When you enable the SMTP
service, several folders are

created on your hard drive
to organize and process
e-mail messages.

Subfolder
Subfolder

Pickup
Queue
Drop
Badmail

Subfolders
Subfolders

Route

SMTP
Virtual
Server

SortTemp
Mailbox

*****************************ILLEGAL FOR NON-TRAINER USE******************************
When you install the SMTP service, it creates several folders and subfolders on
your hard drive. The primary mail folder is called Inetpub, which contains the
mailroot folder. The mailroot folder contains several other folders that are used
by the SMTP service to hold and process messages. The default location of the
mailroot folder is %SystemRoot%\Inetpub\mailroot. These folders and their

purposes are described in the following table.
These folders

Are used to

Pickup

Process outgoing messages that are copied to the folder. As soon as a properly
formatted text file is copied to the Pickup folder, SMTP collects and delivers it.

Queue

Hold messages for delivery and sort them by domain so that they can be sent as a group
if they are for remote delivery. If a message cannot be delivered, the message is stored
in the Queue folder and then sent again at designated intervals.

Drop

Receive all incoming messages for all of the domains that are hosted by the SMTP
server.

Badmail

Store messages that cannot be delivered or returned to the sender.

Route, SortTemp, and
Mailbox

Store, sort, and organize outgoing messages for more efficient delivery. If several
messages are sent to the same remote server, IIS will attempt to send them all by using

a single connection instead of transmitting each one individually and reconnecting
multiple times.

The SMTP service enables you to designate any folder as the Drop folder for
the default domain, as long as the folder is on the same computer as the SMTP
service and is not already assigned as the Pickup folder.


10

Module 7: Configuring IIS to Provide E-Mail Support

Changing Folder Locations
Because the Drop and Badmail folders can accumulate many messages, you
may want to change the location of these folders to select the volume on which
you store these messages. For example, you might want to store incoming
e-mail messages on a volume that has sufficient free disk space to handle all
incoming messages.
To change the default Drop folder:
1. In the IIS snap-in, in the details pane, right-click the default domain, and
then click Properties.
2. In the Drop directory box, type or browse to the name of the folder in
which you want to drop all incoming messages, and then click OK.
The default location is %SystemDrive%\Inetpub\mailroot\Drop. Be sure not
to select the Pickup folder as your new Drop folder.
To change the default Badmail folder:
1. In the IIS snap-in, right-click the virtual server that you want to configure,
and then click Properties.
2. On the Messages tab, in the Badmail directory box, type or browse to the
directory that you want to use to store undeliverable messages, and then

click OK.
The default location is %SystemDrive%\Inetpub\mailroot\Badmail. You can
designate a different folder, provided that it is on the same computer as the
SMTP service.


Module 7: Configuring IIS to Provide E-Mail Support

11

Using the SMTP Folder Structure to Test the SMTP
Server
You can also use the SMTP folder structure to test your SMTP server by
composing a message text file and then copying it into the Pickup folder. When
you compose the text file, you must include envelope header information. The
following is an example of a text file with envelope header information:
x-sender:
x-receiver:
From:
To:
Subject: Hello from Jon
Anything after the blank line after the subject heading
is the body of the message.

In the example above, the x-sender header identifies the sender, and the xreceiver header identifies a single recipient. If you want to include multiple
recipients, add an x-receiver header for each recipient. The headers must appear
first in the text file, with the x-sender header listed first. A blank line (carriage
return and line feed) must precede the message. The text file must be in ASCII
format, not Unicode.
Note Some settings are applied only to messages that are received by the

SMTP service. For example, when a message is dropped into the Pickup folder,
message size limits are not applied if the message is delivered locally.


12

Module 7: Configuring IIS to Provide E-Mail Support

Controlling E-Mail Messages
Topic Objective

To explain how to control
e-mail messages in the
SMTP service.

Lead-in

There are several ways that
you can control incoming
and outgoing e-mail
messages on your SMTP
virtual server.

Setting E-Mail Message Limits
Limiting Connections
Configuring Delivery Options

*****************************ILLEGAL FOR NON-TRAINER USE******************************
Several settings control the flow of messages to and from your SMTP server.
The default settings will be sufficient in most cases but, as an administrator,

you can adjust these settings to meet your specific business needs. On a busy
server, for example, adjusting e-mail message limits, limiting connections, and
setting delivery options can help you improve the performance of your server.


Module 7: Configuring IIS to Provide E-Mail Support

13

Setting E-Mail Message Limits
Topic Objective

To explain how to set e-mail
message limits.

Limiting Message Size

2,048 KB

Lead-in

To improve the performance
of your SMTP server, you
can adjust various message,
session, and recipient
settings for incoming and
outgoing e-mail messages.

Limiting Session Size


10,240 KB

Limiting the Number of
Messages per Connection
Limiting the Number of
Recipients per Message

100

*****************************ILLEGAL FOR NON-TRAINER USE******************************
To improve the performance of your SMTP server, you can adjust various
message, session, and recipient settings for incoming and outgoing e-mail
messages. By setting limitations on your SMTP server, you prevent the server
from accepting unacceptably large amounts of data through e-mail, and you
control the numbers of outgoing messages and connections. You can set limits
on the amount of data that the server will accept and send by configuring
message size, session size, number of messages per connection, and number of
recipients per message.

Limiting Message Size
Message size controls the maximum size of a message (including any
attachments) that the SMTP service will accept. The default message size is
2,048 kilobytes (KB); the minimum is 1 KB.

Limiting Session Size
Session size controls the maximum amount of data that the server will accept
during a session. Multiple messages may be transferred between servers during
a single session. However, if the total size of the messages exceeds the
maximum session size, the SMTP service will disconnect. This setting is
important because, when you set a low limit, it can deter the use of your SMTP

server for unauthorized delivery of bulk e-mail messages. The default session
size is 10,240 KB.
Although decreasing the value of this setting will limit the length of
connections, it will also cause remote servers to make additional connections to
continue sending messages after being disconnected. If the session size limit is
too small, then your server will spend more time creating many short sessions
than it would have spent creating fewer longer ones. Also, to ensure that your
large messages can be sent, the session size limit should be greater than or
equal to the message size limit.


14

Module 7: Configuring IIS to Provide E-Mail Support

Limiting the Number of Messages per Connection
You can also limit the number of messages that are sent in a single connection,
and allow multiple connections to deliver messages to a remote domain. After
the limit is reached, a new connection is automatically opened and the
transmission continues until all messages are delivered.
For example, when you send many messages to a remote domain, you can limit
the number of messages per connection to a relatively low number, such as 25.
As a result, when you send 75 messages in one session, SMTP sends the first 25
messages. As those are being sent, the server opens a new connection, and
sends another 25, and as those are being sent, it sends 25 more, and so on.
Therefore, there would be three simultaneous connections that are delivering
messages to one destination. The default number of messages per connection is
20; the maximum is two billion.

Limiting the Number of Recipients per Message

When a single message needs to be delivered to thousands of e-mail addresses,
a common technique is to use the CC or BCC fields. However, large numbers
of recipients per message over a single connection might burden your SMTP
server. By limiting the number of recipients per message, you allow your server
to service other incoming requests.
The default setting of 100 recipients is specified in RFC 821, and is the SMTP
standard. When the maximum number of recipients is exceeded, the SMTP
service opens a new connection to process the number of recipients that are
over the limit. For example, if the message is sent to 103 people, the server will
process 100 messages in one connection, and then open a new connection to
process the three remaining messages.
Delivery Tip

Display the Messages tab
on property sheet of the
default SMTP virtual server
and point out how to set
e-mail message limits.

To set e-mail message limits:
1. In the IIS snap-in, right-click the virtual server that you want to configure,
and then click Properties.
2. On the Messages tab, select the appropriate check boxes, enter the limits
that you want to enforce on your virtual sever, and then click OK.


Module 7: Configuring IIS to Provide E-Mail Support

15


Limiting Connections
Topic Objective

To explain how to limit
connections to the SMTP
server.

Lead-in

You can limit the number of
incoming and outgoing
connections to your server
to improve its performance.

Limit the Number of
Incoming and Outgoing
Connections
with Other SMTP Servers

SMTP
Virtual
Server

*****************************ILLEGAL FOR NON-TRAINER USE******************************
Whenever a message is sent to or received from a remote server, a connection is
initiated. To improve the performance of your SMTP server, you can limit the
number of connections that you allow to and from the server. The degree of
improvement that is achieved depends on the speed and capacity of your server
hardware and network connections.
Delivery Tip


Demonstrate how to
configure the incoming and
outgoing messages.

To configure incoming and outgoing connections:
1. In the IIS snap-in, right-click the virtual server that you want to configure,
and then click Properties.
2. On the General tab, click Connection.
3. Under Incoming or Outgoing, select the Limit connections to check box
and, in the Limit connections to box, type the number of concurrent
connections that you want to allow.
For incoming and outgoing connections, the default value is 1000 and the
minimum is one.
4. In the Time out (minutes) box, type the time allowed before an inactive
connection is closed.
5. To limit the number of connections to any single remote domain, select the
Limit connections per domain to check box and, in the corresponding box,
type the number of connections per domain that you want to allow, and then
click OK.
The default is 100 connections. This number should be less than or equal to
the value for the Limit connections to box.
6. In the TCP port box, specify the TCP port that you want to use for
outgoing transmissions.
The default TCP port is 25.


16

Module 7: Configuring IIS to Provide E-Mail Support


Configuring Delivery Options
Topic Objective

To explain how to configure
delivery options.

Lead-in

Setting delivery options can
include configuring a smart
host, setting retry intervals,
designating a masquerade
domain name, and setting
the hop count.

*****************************ILLEGAL FOR NON-TRAINER USE******************************
To determine how your messages are sent to other SMTP servers, the SMTP
service enables you to set retry intervals, configure a smart host and
masquerade domain name, and set a maximum hop count.

Setting Retry Intervals
Retry attempts and retry intervals determine how many times the SMTP service
will resend a message and at what intervals before the message is considered
undeliverable. The default settings allow the SMTP service to attempt delivery
of a message for two days before returning a non-delivery report (NDR).
If a message cannot be delivered on the first attempt, the SMTP service resends
it from the Queue folder after a specified time. You can set the interval between
delivery attempts and also designate the number of times that the server will
attempt to deliver a message. After the limit is reached, the message is returned

to the sender with an NDR. The NDR is placed in the Queue folder and goes
through the same delivery process as messages. If the NDR reaches the
maximum number of retry attempts, both the NDR and message are sent to the
Badmail folder.
To configure retry intervals:
1. In the IIS snap-in, right-click the virtual server that you want to configure,
and then click Properties.
2. On the Delivery tab, enter the limits that you want to enforce on your SMTP
virtual server, and then click OK.


Module 7: Configuring IIS to Provide E-Mail Support

17

Configuring a Smart Host
A smart host acts as a gateway for e-mail messages between networks. The
smart host setting can be useful if your IIS SMTP servers are not all directly
connected to the Internet. For example, you can connect one SMTP server to
the Internet and configure all the others to use it as a smart host. You can also
specify a smart host when you want all non-local messages to be processed by a
single server, which is often a dedicated and well-connected mail server such as
Microsoft Exchange 2000. Therefore, the local SMTP server is relieved of the
task of delivering messages.
For some situations, it makes sense to route most outgoing messages through a
smart host. However, you might have a specific domain whose server can be
accessed through a more efficient route. To use that route, you would create a
new remote domain and then configure a smart host for that remote domain.
The domain setting overrides the SMTP virtual server setting. The default is to
send all remote messages to the smart host, not to attempt direct delivery.

Tip You can identify the smart host by domain name or by IP address. If you
use an IP address, enclose it in brackets [ ] to increase system performance.
Because the brackets identify the value as an IP address, DNS lookup is
bypassed.

Designating a Masquerade Domain Name
A masquerade domain name is a name that you want to appear in message
headers. The masquerade domain name replaces the actual local domain name
that appears in the Mail From lines in the protocol.
If you have an SMTP server that is configured as a smart host, you may want to
use the masquerade domain name setting on the smart host to ensure that all
outgoing messages are sent from a single domain. For example, if your
organization’s messages are sent from the domains mail1.contoso.msft and
mail2.contoso.msft, you can use the masquerade domain name on the smart
host to show that all of the messages are from contoso.msft.


18

Module 7: Configuring IIS to Provide E-Mail Support

Setting the Maximum Hop Count
You can limit how many servers a message is allowed to pass through before
the message either reaches its final destination or is determined to be
undeliverable. This setting is called the hop count. After you set the hop count,
the SMTP server counts the hops that are listed in the Received lines of the
message header. When the number of Received fields exceeds the maximum
hop count setting, the message is returned to the sender with an NDR. The
default is 15 hops.
To configure a smart host, masquerade domain name, and maximum hop count:

1. In the IIS snap-in, right-click the virtual server that you want to configure,
and then click Properties.
2. On the Delivery tab, click Advanced.
3. In the Advanced Delivery dialog box, enter the limits that you want to
enforce on your SMTP virtual server, and then click OK.
To allow for network delays, you can set a delay period to expire before
sending the delivery notification. The minimum value is one minute, the default
value is 12 hours, and the maximum value is 9,999 days.
You can also set an expiration timeout for messages that have not been
delivered after all retries. The minimum value is one minute, the default value is
two days, and the maximum value is 9,999 days. Reducing this setting will
allow you to be notified more quickly when there are delivery problems.


Module 7: Configuring IIS to Provide E-Mail Support

19

Configuring Security for the SMTP Service
Topic Objective

To explain how security
works on SMTP servers.

Lead-in

It is important to have the
appropriate security settings
on your SMTP servers.


Configuring Connection Control
Enabling Encryption
Enabling Authentication
Controlling Relay Access
Verifying Connections Using DNS Reverse Lookup

*****************************ILLEGAL FOR NON-TRAINER USE******************************
SMTP servers are not usually domain controllers and do not normally contain
sensitive application data. However, you should still ensure that your SMTP
servers have the appropriate security settings and are protected from
unauthorized users and attacks, such as denial-of-service attacks. Denial of
service occurs when the SMTP server becomes so overloaded with unwanted
messages that it cannot process legitimate messages.
To help prevent attacks on your server, you can configure the SMTP service to
allow or deny connections to other servers based on their IP addresses and
domain names. You can use encryption to protect data and also require that
users authenticate to the SMTP server before they can send e-mail messages.
Additionally, you can control relay access, and configure the SMTP server to
perform a DNS reverse lookup on incoming messages to confirm that they
originate from a legitimate domain.