Skip navigation
Menu
Collaboration>Email and Calendaring

Troubleshooter---Editing the Exchange 2000 Startup Banner

I don't want anyone to be able to tell that my company is running the Exchange SMTP service. Can I alter the default banner that the service displays when someone connects?

This action can be a useful security measure. One common ploy of malicious users is to use an SMTP-scanning tool that scans an address range and logs the banner responses. That action might tell them which OS and SMTP service a target host is running, which in turn tells them what kind of attacks to try. By default, the Exchange 2000 Server banner includes the name of the SMTP host, the text Microsoft ESMTP Mail Service, and the version number; for example

220 cyclone.robichaux.local Microsoft ESMTP 
MAIL Service, Version: 5.0.2195.3779
ready at Sat, 13 Oct 2001 14:23:52 -0500

For your external servers, turning off this banner isn't a bad idea. However, doing so requires you to edit the metabase, something that you should never do lightly. (The metabase is a hierarchical database that stores Microsoft IIS configuration values. Microsoft transferred most IIS-related settings from the registry to the metabase and added many more settings that allow greater customization. For more information about editing the metabase, see William Sheldon's IIS Administrator article "Getting to Know the Metabase," http://www.iisadministrator.com, InstantDoc ID 16179.)

To change the banner, you must first get a copy of MetaEdit, the metabase equivalent of regedit and regedt32. MetaEdit 2.2 is currently available from http://download.microsoft.com/download/iis50/utility/5.0/nt45/en-us/mtaedt22.exe. After you've launched MetaEdit, navigate to the Lm\SMTP subkey, then find the virtual server instance you want to modify. (The instance appears as a number.) Select Edit, New, String. In the resulting dialog box, set the ID type to Other and enter a decimal value of 36907 for the ID. Next, in the Value text box, type the text you want to appear in the banner. When you're finished, stop and restart the virtual server instance. The text you apply will appear between the server's DNS name and the ready at <date> banner—you can't remove those two elements.

TAGS: Security
Hide comments

More information about text formats

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish
Recommended Reading
zoom logo
Zoom Releases New AI-Powered Collaboration Platform—Zoom Workspace—Plus Other Updates
Mar 26, 2024
person working from home using smart phone and notebook computer
Monitoring Employee Productivity, Balance Surveillance with Transparency
Jan 03, 2024
zoom logo on screens of laptop and smartphone device.jpg
At Zoomtopia, Small Businesses Share Transformation Stories
Oct 12, 2023
zoom logo
Zoom Unveils Docs, Upgrades Contact Center Offerings
Oct 03, 2023