I recently talked with some folks at a company that makes Exchange-based software; they wanted to know how to make their software work better on clusters. One of the big questions they had revolved around the Message Transfer Agent (MTA) service. As I was talking to them, it hit me: Administrators who started with Exchange 2003 or Exchange 2000 might not know what MTA is, what it's for, or when it's used. So let's jump into the Wayback Machine to see how we got MTA in the first place, then jump forward to see what Microsoft says about the need for the MTA component in Exchange.
Let's start with the term Mail Transfer Agent. It apparently came from the fog-shrouded world of the International Telecommunication Union (ITU), purveyors of the X.400 standard for email interchange (I can't tell whether the ITU invented the term or merely lifted it from the UNIX world). Anyway, MTA's purpose is to accept and relay messages between servers, routing them as necessary and delivering them to some storage mechanism so that a Mail User Agent (MUA) such as Outlook or Pine can read them.
In Exchange 5.5, MTA was the core component responsible for moving mail around. Exchange 5.5 used X.400-style addresses for every addressable object. The Exchange 5.5 MTA was a mostly compliant implementation of the X.400 standard that used Microsoft's remote procedure call (RPC) mechanism to communicate with other RPCs and used separately installed protocol plug-ins to talk to other kinds of MTAs. In particular, a separate X.400 connector let the system talk directly to other X.400 systems.
The lingua franca of our worldwide communications system (which includes the Internet and every private or corporate network connected to it) isn't X.400, thank goodness; it's SMTP. Exchange 5.5 offered an SMTP connector, but Exchange 2000 used SMTP as its primary means of communication, both with the outside world and between Exchange servers in a single organization. However, MTA was still present and was a required component; Microsoft didn't (and doesn't) support running Exchange 2000 without it.
This requirement might seem unnecessary, but remember that Exchange 5.5 servers expect to use only MTA to talk to other Exchange 5.5 servers. To have mixed-mode combinations of Exchange 5.5 and Exchange 2000, any Exchange 2000 server that talks to an Exchange 5.5 server needs MTA. However, an additional wrinkle is that in Exchange clusters, only one instance of MTA can exist at a time. For Exchange 2000, this restriction isn't a big deal because a cluster can contain a maximum of 40 databases (four storage groups per server with five databases each).
However, Exchange 2003 supports larger clusters, which introduces a problem. As the Exchange team explains on its team blog (see http://blogs.technet.com/exchange/archive/2005/09/09/410522.aspx ), MTA has a hard-coded limit of 50 Exchange databases. But you can increase that number to 60 by modifying the MTA registry entry as described in the Microsoft article "How to increase the number of databases that are supported by the MTA service when Exchange Server 5.5 coexists with a server cluster that is running Exchange Server 2003" at http://support.microsoft.com/?kbid=899302 .
Customers have been asking for a while why they can't just turn off MTA in Exchange 2003. Microsoft's previous answer was "because that isn't supported." Now, however, the product team has changed its support stance after testing whether anything breaks when MTA is permanently disabled. The answer, which was published on the Exchange blog last week, is that it's now OK to turn off MTA in native-mode Exchange 2003 environments. You have to follow the steps in the Microsoft article "MTA Stacks service supportability guidelines for Exchange 2000 Server and Exchange Server 2003" at http://support.microsoft.com/?kbid=810489 to shut off MTA in both standalone and clustered environments. The article also explains when not to turn MTA off (hint: mixed-mode environments still require MTA, at least on bridgehead servers).
Should you turn off MTA? It depends. If you're in native mode, disabling MTA does give you a small reduction in your server's potential attack surface. Because no reported vulnerabilities in any version of the Exchange MTA have emerged, that reason isn't compelling enough to turn it off. If you follow the supported steps to disabling it, however, you won't do any harm by doing so.