Question : Limit ESMTP verbs on an exchange 2003 server
How can I limit the ESMTP verbs on my Exchange 2003 server to the following only:
AUTH, DATA, EHLO, ETRN, HELO, HELP, MAIL, NOOP, QUIT, RCPT, RSET, SAML, SEND, SOML, and VRFY
I need to limit the verbs so I can pass traffic through a Cisco ASA with Inspect ESMTP enabled. Disabling protocol inspection is not a desired answer, so please don't post that.
Answer : Limit ESMTP verbs on an exchange 2003 server
Your list contains mostly standard SMTP commands. So you need to disable ESMTP as much as possible.
Install the Windows 2003 support tools from SUPPORT\TOOLS\SUPTOOLS.MSI
1. Telnet 25. Type ehlo. Note the advertised verbs.
2. Open ADSIEdit and connect to a domain controller.
3. Open the Configuration Container.
4. Navigate to the following location: Configuration/Services/Microsoft Exchange/ / Administrative Groups//Servers/ /Protocols/SMTP/
5. Right-click the virtual server object, and then click Properties.
6. For Select a property to view: select msExchSmtpInboundCommandSupportOptions.
7. In the Edit Attribute: field, enter 352257
8. Click Set, Apply, and then OK.
9. Exit out of ADSIEdit.
10. Wait 15 minutes.
11. On the Exchange Server, issue these commands: 'net stop smtpsvc' and 'net start smtpsvc'
12. Telnet 25. Type ehlo. Note that there are fewer advertised verbs.
13. Test your appliance.
Removing more ESMTP commands would require disabling the event sinks, which is not recommended.
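Steps 1 and 12 of the answer compare the EHLO output by eye. As an added example (not part of the original answer), this Python script parses two saved EHLO replies and reports which keywords disappeared and which remaining ones fall outside the list in the question. The host name and both captured replies are constructed sample data and do not show what the value 352257 actually removes.

```python
# Added example: diff the EHLO captures from steps 1 and 12 against the
# verb list given in the question. Sample captures below are constructed.

ALLOWED = {"AUTH", "DATA", "EHLO", "ETRN", "HELO", "HELP", "MAIL", "NOOP",
           "QUIT", "RCPT", "RSET", "SAML", "SEND", "SOML", "VRFY"}

# Constructed telnet captures (banner line plus the reply to "ehlo").
BEFORE = """220 mail.example.test ESMTP ready
250-mail.example.test Hello [192.0.2.10]
250-SIZE 10240000
250-PIPELINING
250-DSN
250-CHUNKING
250-AUTH=LOGIN
250-VRFY
250 HELP"""

AFTER = """220 mail.example.test ESMTP ready
250-mail.example.test Hello [192.0.2.10]
250-SIZE 10240000
250-PIPELINING
250-AUTH=LOGIN
250-VRFY
250 HELP"""


def parse_ehlo(raw):
    """Return the set of keywords advertised in a raw EHLO reply."""
    # Keep only '250-...' / '250 ...' lines; this skips the 220 banner.
    replies = [l.strip() for l in raw.splitlines()
               if l.strip()[:4] in ("250-", "250 ")]
    if not replies:
        raise ValueError("no 250 reply lines found (EHLO rejected?)")
    keywords = set()
    for line in replies[1:]:          # first 250 line is the greeting
        body = line[4:].replace("=", " ").split()  # handles 'AUTH=LOGIN'
        if body:
            keywords.add(body[0].upper())
    return keywords


def compare(before_raw, after_raw, allowed=ALLOWED):
    """Report keywords removed by the change and those still not allowed."""
    before, after = parse_ehlo(before_raw), parse_ehlo(after_raw)
    return {"removed": sorted(before - after),
            "still_outside_allowed": sorted(after - allowed)}


if __name__ == "__main__":
    print(compare(BEFORE, AFTER))
```

Paste your own telnet captures in place of `BEFORE` and `AFTER`; an empty `still_outside_allowed` list means every advertised keyword is in the question's list.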