Windows Server 2008 SMTP Service logging

I was working on installing Windows Server 2008 x64 edition.  I discovered the SMTP Service wasn’t logging.  SMTP was working and emails were going out.  My install is ‘custom’ and installs just the modules we needed.  Turns out, there is a small dependency on the ODBC logging module so the SMTP service logging would work.  More importantly iislog.dll.  Here are the instructions to fix and reproduce the behavior.


To correct it.  I’m assuming you have the SMTP Service already installed and it’s not logging.


1) Install ODBC Logging module (role service in Server Manager)


2) Stop / Start the SMTP Service


3) Verify your SMTP service is configured for logging.  It’s not on by default.


4) Try a local telnet test (assuming the telnet client is installed)


5) Look at your log folder.


To Reproduce the logging ‘behavior’


1) Install Windows Server 2008 (obvious step)


2) Install the basic web server components. (static content with anonymous user)


3) Install telnet client and SMTP services


4) Enable logging on SMTP instance


5) try a telnet test locally


6) Verify the smtpsvc folder isn’t in the location you configured for logging (default is c:\windows\system32\logfiles)


7) Add the ODBC logging module (no iisreset is required) *Or in my tests there wasn’t

8) Stop / Start the SMTP service (net stop smtpsvc && net start smtpsvc)


9) Try another telnet test


10) Verify the SMTPSVC folder is present.


Hope this saves you some time, it took me a while to find the right mix. 


Thanks a bunch to Bernard Cheah who helped point me in the right direction


Steve Schofield
Microsoft MVP – IIS.

Logparser – look for certain IP’s between a timeframe

Here is  a quick example of pulling certain ip’s from the IIS Logs.   


‘Specific log file
logparser “select top 10 count(*),c-ip from d:\wwwlogs\w3svc2\u_ex010228.log where to_time(time) between timestamp(’01/01 13:50:00′, ‘MM/dd hh:mm:ss’) and timestamp(’01/01 14:55:00′, ‘MM/dd hh:mm:ss’) group by c-ip order by count(*) DESC”


‘specific website, all open logs.
logparser “select top 10 count(*),c-ip from <example.com> where to_time(time) between timestamp(’01/01 13:50:00′, ‘MM/ ddhh:mm:ss’) and timestamp(’01/01 14:55:00′, ‘MM/dd hh:mm:ss’) group by c-ip order by count(*) DESC”

Volume Licensing 2.0 for Vista and Windows Server 2008

Here is some links on Volume Licensing 2.0.  If you are going to implement Windows Server 2008 into your environment.  Plan on spending a couple of days understanding the concepts.  Note, the KMS stuff is built into Windows Server 2008, so you don’t have to add it like you did in Windows Server 2003.


Windows Server 2008 KMS Setup Demonstration video (I suggest starting here!)
http://www.microsoft.com/downloads/details.aspx?familyid=bbf2eb61-2b30-4f2d-bccd-df53e220b8e9&displaylang=en&tm


Documentation
http://www.microsoft.com/downloads/details.aspx?FamilyId=9893F83E-C8A5-4475-B025-66C6B38B46E3&displaylang=en


Homepage
https://www.microsoft.com/licensing/servicecenter/home.aspx?1033


Volume Activation 2.0 for Windows Vista and Windows Server 2008
http://technet.microsoft.com/en-us/library/bb892849.aspx


Volume Activation 2.0 Technical Guidance
http://www.microsoft.com/downloads/details.aspx?FamilyId=9893F83E-C8A5-4475-B025-66C6B38B46E3&displaylang=en


Windows Server 2003 SP1 KMS download (separate from Windows Server 2008)
http://www.microsoft.com/downloads/details.aspx?FamilyID=81d1cb89-13bd-4250-b624-2f8c57a1ae7b (x86)


http://www.microsoft.com/downloads/details.aspx?FamilyID=03fe69b2-6244-471c-80d2-b4171fb1d7a5 (x64)


Command line reference for the configuration VBS tool.  (No GUI support I can find)
http://technet.microsoft.com/en-us/library/bb490217.aspx


Hope this helps.


Steve Schofield