Microsoft KB Archive/190026

= XFOR: SMTP Protocol Log Only Shows Connection Established Else =

Article ID: 190026

Article Last Modified on 10/28/2006

-

APPLIES TO


 * Microsoft Exchange Server 4.0 Standard Edition
 * Microsoft Exchange Server 5.0 Standard Edition
 * Microsoft Exchange Server 5.5 Standard Edition

-



This article was previously published under Q190026



IMPORTANT: This article contains information about modifying the registry. Before you modify the registry, make sure to back it up and make sure that you understand how to restore the registry if a problem occurs. For information about how to back up, restore, and edit the registry, click the following article number to view the article in the Microsoft Knowledge Base:

256986 Description of the Microsoft Windows Registry



SUMMARY
Some SMTP hosts do a reverse Domain Name Service (DNS) lookup for security reasons when an SMTP connection is established. If this reverse lookup fails to resolve properly, they will possibly drop the connection. When this happens, the SMTP protocol log shows that a connection was established to the host, and then nothing else is logged for that connection. In addition, the mail may remain in the Internet Mail Service (Internet Mail Connector in Exchange Server 4.0) queue with no status.



Steps to Test if the Reverse NS-Lookup is Set Up Properly
  Run an Nslookup on the sending domain name as found on the Site Addressing tab in the Exchange Server Administrator program. We will use mycompany.microsoft.com in the following example.

Nslookup returns:      mycompany.microsoft. com preference = 10, mail exchanger = mail.mycompany.microsoft.com mycompany.microsoft.com nameserver = DNS.mycompany.microsoft.com mail.mycompany.microsoft.com internet address = 172.16.0.200 DNS.mycompany.microsoft.com internet address = 172.16.0.200  Look at the mail exchange record and find the mail exchanger host (mail.mycompany.microsoft.com). Look for the Internet address for this host (172.16.0.200).  Do a reverse DNS lookup, which is the IP address typed in reverse order with in-addr.arpa at the end. (For our example, you type in 200.0.16.172.in-addr.arpa. Our example returns:      200.0.16.172.in-addr.arpa name = mail.mycompany.microsoft.com                         If it does not return the correct information, then the information returned will need to be corrected on the DNS server.</li></ol>

It is possible to configure the Exchange Server computer to not do a reverse lookup. Although Exchange Server will not stop receiving inbound messages if it cannot properly resolve a reverse lookup, disabling reverse lookup can possibly speed up performance.

WARNING: If you use Registry Editor incorrectly, you may cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that you can solve problems that result from using Registry Editor incorrectly. Use Registry Editor at your own risk.

You do this by setting the following registry value to 1.

<ol> Start Registry Editor (Regedt32.exe).</li>  Locate the DisableReverseResolve value under the following registry key: <pre class="fixed_text">HKEY_LOCAL_MACHINE\System|CurrentControlSet\Services\MSExchangeIMC \Parameters\ NOTE: If you do not find the DisableReverseResolve value, you must add it. </li> On the Edit menu, click DWORD, type 1, and then click OK.</li> Quit Registry Editor.</li></ol>

When reverse resolution is disabled, the Internet Mail Service will no longer resolve the host name in the "Received From" portion of the SMTP message header. If the address is in Internet Protocol (IP) form, the address will remain as such.

Keywords: kbhowto KB190026

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.