Which mechanism or tool can I use to trace or monitor an Exchange 2000 Server inbound or outbound SMTP conversation for troubleshooting purposes? The logging mechanisms I've been able to find within Exchange 2000 don't provide the level of detail I've been used to with other SMTP servers.
Additional SMTP logging options might give you what you need. In Exchange 2000, Microsoft adopted the common logging mechanism that Microsoft IIS components use. You turn SMTP logging on and off by using the Enable Logging check box on the General tab of the SMTP virtual server Properties dialog box. Turning this feature on generates a fairly simple log: Each line in the log file contains a timestamp, the IP address of the remote client, the SMTP verb that Exchange used, and a status code. This log is pretty skimpy, but it's enough to let you see when a particular SMTP connection occurred or which error appeared in the log during a session. If you want more information, you can tell the SMTP service to log more data by selecting Properties on the General tab of the SMTP virtual server Properties dialog box. Selecting Properties displays the Extended Logging Properties dialog box, which Figure 2 shows, from which you can select additional items to log. If those options still don't provide what you're looking for, you'll probably have to monitor the raw SMTP traffic by using a network analyzer such as Microsoft Network Monitor or Network Instruments' Observer. These tools let you capture individual packets, or streams of packets, on your network and pick apart the contents. By watching the traffic on TCP port 25 between your server and the target, you can see exactly what's going wrong. The Microsoft article "How to Capture Network Traffic with Network Monitor" (http://support.microsoft.com/support/kb/articles/q148/9/42.asp) explains how to use Network Monitor. Network Monitor is included on the Windows 2000 Server and Win 2K Advanced Server CD-ROMs.