IIS7 SMTP server logging

I was wondering why my IIS7 SMTP server didn’t create any log files. According to my settings it should create log files @ C:\Windows\System32\LogFiles

Logging enabled for IIS

It seems that for this to function correctly you have to install the role service “ODBC Logging”. Here is how to do this:

  • Open Server Manager
  • Navigate to the webserver Role
  • Click “Add Role Service”
  • Activate ODBC Logging
  • Restart your SMTP Service

When you now connect to your SMTP service, it will create a log file.

BPOS: configure SMTP relay

If you want your servers or your software to send mail and you are on hosted Exchange (BPOS), you have to do some extra work to get it working.

Prerequisites:
An IIS Server with the SMTP Feature
A BPOS account (this will be used to authenticate against Exchange Online and to send the email)

As I am using IIS7, I need to make sure I install the IIS6 Management Compatibility. I need this for managing my SMTP Server.

IIS6 management Compatibility

  • Start the “Internet Information Services (IIS) 6.0 Manager”.
  • Right click the “SMTP Virtual Server” and select properties
  • Select the tab Access and click the “Authentication” button, make sure Anonymous Authentication is selected
  • Click the relay button (still on the access tab) and select the option you want:
    a. only the list below > specify the server IPs which can use this server as mail server
    b. All except the list below > all servers configured to use this IIS server can send mail, except the ones you specify; with an empty list this leaves the server an open relay
  • Select the tab “Delivery”

We will be configuring the 4 buttons you see: Outbound Security, Outbound Connections and Advanced.

Delivery Tab SMTP Virtual Server

  • Outbound Security
    Here you enter the credentials of your BPOS user. Make sure you also activate “TLS Encryption”.
     
    Outbound Security Settings
  • Outbound Connections
    In this screen you have to change the TCP Port to 587 (message submission port).

    Outbound Connections

  • Advanced
    This is where you enter the BPOS (Microsoft Online) SMTP Server as a smart host. For me this would be smtp.mail.emea.microsoftonline.com. Depending on your country this server address would be:
    North American Data Center: Smtp.mail.microsoftonline.com
    European Data Center: Smtp.mail.emea.microsoftonline.com
    Asia Pacific Data Center:  Smtp.mail.apac.microsoftonline.com

    You can optionally enter a masquerade domain.

    Advanced Delivery

  • Just to be sure: restart the SMTP Service and IIS.

    Note
    I received the error 550 5.7.1. Client does not have permissions to send as this sender. It turned out that I used the following format for the from address: username@ourdomain.nl (this was exactly the same as the user I specified in the outbound security tab). When I changed the from address to username@ourdomain.emea.microsoftonline.com it started working.
    This is because my @ourdomain.nl isn’t authoritative (still on external relay).

.NET Framework v4 x64 running a 32-bit application

I recently installed a Windows 2003 x64 server. I had to use this machine for running one of our web services we developed.
This webservice was initiated by a custom developed Windows Schedule service, to initiate an import of files.

After installing and configuring IIS6, I could browse the webservices.svc file but whenever the Schedule Service tried to initiate the webservice to do the import of files I received the following error in my IIS logs:

127.0.0.1 POST /WebImportService.svc - 80 - 127.0.0.1 - 500 0 0

A 500 0 0 error indicates application failure. The schedule service could not initiate an import. After some troubleshooting I came to realize that the WebImportService was a 32-bit application and was running with the x64 DLL (i.e. C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_isapi.dll).

Apparently this is no problem on IIS7, but it is on IIS6.
The following action resolved my problem:

First I had to enable the possibility to run x86 WebApps on my X64 machine. For this open a command prompt and navigate to C:\inetpub\adminscripts. Execute the following command:

cscript adsutil.vbs SET W3SVC/AppPools/Enable32BitAppOnWin64 TRUE

note:
you can use cscript adsutil.vbs GET W3SVC/AppPools/Enable32BitAppOnWin64 to see if it is already enabled on your machine

After that, register .NET v4.0. Navigate to the folder C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319 (not the Framework64 folder) and execute the command:

aspnet_regiis -i

In IIS under “web service extensions” you can now enable ASP.NET v4 (32 bit). Just right-click it and select Allow.

IIS6 Manager: Allow ASP.NET v4

The last thing to do is change your web application to use the 32-bit Framework DLLs instead of the x64 ones.

You can do this by executing the next command from within your Framework folder (C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319 ):

aspnet_regiis -s W3SVC/1/Root/<Web Identifier>

The Web Identifier can be found inside IIS manager or by executing the command: aspnet_regiis -lk

Web site identifier

IIS6: multiple ssl sites with wildcard certificate

Say you have a wildcard certificate for a domain called *.marcvalk.net.
When you have a couple of IIS sites which host subdomains of marcvalk.net and you want to secure them with SSL, you can do so.

For this you have to use the command prompt.

In IIS6 you have to use the following command (executed from the directory c:\inetpub\adminscripts > this is the default location of adsutil.vbs)

cscript.exe adsutil.vbs set /w3svc/<site identifier>/SecureBindings ":443:<host header>"

Site identifier can be found in IIS Manager:

IIS Manager

In IIS7 you have to execute the following command (from within C:\Windows\System32\Inetsrv):

appcmd set site /site.name:"<IISSiteName>" /+bindings.[protocol='https',bindingInformation='*:443:<hostHeaderValue>']

Browsing a local hosted site with IE8

Internet Explorer version 8 has an annoying loopback check. Whenever you browse a locally hosted site (IIS), it pops up a security dialog asking for your username and password.
Whatever combination you fill in, you will eventually get a 401.1 error.

You can resolve it by editing the registry. Note that the DisableLoopbackCheck value set below switches the check off for the whole machine, and the check exists to protect against NTLM reflection attacks.

    1. Click Start, click Run, type regedit, and then click OK.
    2. In Registry Editor, locate and then click the following registry key:

      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa

    3. Right-click Lsa, point to New, and then click DWORD Value.
    4. Type DisableLoopbackCheck, and then press ENTER.
    5. Right-click DisableLoopbackCheck, and then click Modify.
    6. In the Value data box, type 1, and then click OK.
    7. Quit Registry Editor, and then restart your computer.
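
A narrower alternative to the machine-wide DisableLoopbackCheck from step 4, as an added example that is not part of the original post: Windows also reads a BackConnectionHostNames multi-string value under Lsa\MSV1_0, which exempts only the listed host names from the check. The host name used below is a constructed placeholder.

```powershell
# Added example (not from the original post); run from an elevated prompt.
# 'intranet.example.local' is a constructed placeholder host name.
param(
    [string[]]$HostNames = @('intranet.example.local')
)

$lsa   = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'
$msv10 = Join-Path $lsa 'MSV1_0'

# Report the machine-wide switch so an earlier global change is not missed.
$loopbackOff = (Get-ItemProperty -Path $lsa -Name DisableLoopbackCheck `
    -ErrorAction SilentlyContinue).DisableLoopbackCheck
if ($loopbackOff -eq 1) {
    Write-Warning 'DisableLoopbackCheck is 1: the check is off for every host name.'
}

# Read the existing multi-string value (empty array when it is absent).
$current = @((Get-ItemProperty -Path $msv10 -Name BackConnectionHostNames `
    -ErrorAction SilentlyContinue).BackConnectionHostNames | Where-Object { $_ })

# Merge without duplicates so names added earlier are preserved.
$merged = @($current + $HostNames | Sort-Object -Unique)

if ($merged.Count -gt $current.Count) {
    New-ItemProperty -Path $msv10 -Name BackConnectionHostNames `
        -PropertyType MultiString -Value $merged -Force | Out-Null
    Write-Output "BackConnectionHostNames is now: $($merged -join ', ')"
} else {
    Write-Output 'All requested host names were already listed; nothing changed.'
}
```

A restart, as in step 7, makes sure the change is picked up.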

IIS7.5: Application Warmup Manager

Now available for download: IIS Application Warm Up.

IIS Application Warm-Up for IIS 7.5 enables IT Professionals to improve the responsiveness of their Web sites by loading the Web applications before the first request arrives. By proactively loading and initializing all the dependencies such as database connections, compilation of ASP.NET code, and loading of modules, IT Professionals can ensure their Web sites are responsive at all times even if their Web sites use a custom request pipeline or if the Application Pool is recycled.

Setup IIS mail relaying with authentication

Today we had an issue with one of our Amazon hosted servers. This server was hosting a local SMTP Server (IIS), and was sending out mail on behalf of a domain (let’s say domain: abracadabra.com).

The mail was dropped into the IIS bad mail directory, because our server was prohibited from relaying mail by spamhaus.org.
As we were relaying for abracadabra.com, and our mail server was not known as a mail server from this domain, we were blocked.

We solved it by sending our mail through the mail server which was responsible for the abracadabra.com by using SMTP Authentication.

  • Open the [Properties] of your Default SMTP Server
  • Click on the [Outbound Security] button

    Outbound Security

    Fill in the user name and password you use for the remote SMTP server of the abracadabra domain and click [OK]

  • Then click the [Advanced] button and fill in your remote SMTP server in the “Smart host” field.

    Advanced Delivery 

    Click [OK] twice

IIS Error 404 2 1260

Whenever you receive a 404 2 1260 error in your Internet Information Server Log File, check if ASP.NET is allowed to execute.

  • Open IIS Manager
  • Open [Web Server Extensions]
  • Check if ASP.NET v1.1.4322 or ASP.NET v2.0.5727 is prohibited to run
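
The status triplets in these posts (500 0 0 in the .NET post above and 404 2 1260 here) are the sc-status, sc-substatus and sc-win32-status columns of the W3C log. The following is an added example, not part of the original posts, that pulls failed requests out of a log and annotates those codes; the log lines are constructed, and Win32 error 1260 is ERROR_ACCESS_DISABLED_BY_POLICY.

```powershell
# Added example, not from the original posts. Needs PowerShell 3.0 or later.
# The log lines are constructed; dates and most URIs are placeholders.
$sample = @'
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip sc-status sc-substatus sc-win32-status
2010-05-01 10:00:01 127.0.0.1 POST /WebImportService.svc - 80 - 127.0.0.1 500 0 0
2010-05-01 10:00:05 127.0.0.1 GET /default.aspx - 80 - 127.0.0.1 404 2 1260
2010-05-01 10:00:09 127.0.0.1 GET /index.htm - 80 - 127.0.0.1 200 0 0
'@ -split "`r?`n"

# status.substatus and Win32 codes discussed on this page
$httpMeaning = @{
    '500.0' = 'application failure: check the application and the event log'
    '404.2' = 'Web Service Extension (ISAPI/CGI) is prohibited'
}
$win32Meaning = @{
    '0'    = 'ERROR_SUCCESS'
    '1260' = 'ERROR_ACCESS_DISABLED_BY_POLICY'
}

function Get-IisStatusTriage {
    param([string[]]$Lines)
    $fields = @()
    foreach ($line in $Lines) {
        if ($line -like '#Fields:*') {
            # The header names the columns; logging settings decide which exist.
            $fields = @(($line -replace '^#Fields:\s*', '').Trim() -split '\s+')
            continue
        }
        if ($line -like '#*' -or -not $line.Trim()) { continue }
        $values = @($line.Trim() -split '\s+')
        if ($values.Count -ne $fields.Count) { continue }   # malformed, or no header yet
        $row = @{}
        for ($i = 0; $i -lt $fields.Count; $i++) { $row[$fields[$i]] = $values[$i] }
        if ([int]$row['sc-status'] -lt 400) { continue }    # only failures are of interest
        $key = '{0}.{1}' -f $row['sc-status'], $row['sc-substatus']
        [pscustomobject]@{
            Uri     = $row['cs-uri-stem']
            Status  = $key
            Meaning = $httpMeaning[$key]
            Win32   = '{0} {1}' -f $row['sc-win32-status'], $win32Meaning[$row['sc-win32-status']]
        }
    }
}

Get-IisStatusTriage -Lines $sample | Format-Table -AutoSize
```

To run it against a real log, pass the file's lines instead of the sample: `Get-IisStatusTriage -Lines (Get-Content <path to log file>)`.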


DelegConfig v2

A new version of the Kerberos tool DelegConfig is ready. Download it here.

Notable Features:

  • Supports IIS 7.0 (useKernelMode / useAppPoolCredentials)

  • Allows adding backend servers of type UNC, HTTP, LDAP, OLAP, SQL, SSAS, and RDP

  • Allows chaining of multiple hops (versus only a single backend)

  • Performs duplicate SPN check against all trusted domains.

  • /Set/SPNs.aspx – Allows adding and removing of ServicePrincipalNames

  • /Set/Delegation.aspx – Allows changing Trust for Delegation settings.

  • /Set/Providers.aspx – Allows correcting of inadequate NTAuthenticationProviders settings.

  • /Report.aspx – Gives a picture of what is right and what is wrong.

  • /Wizard.aspx – A set of wizard steps that supports adding more tiers to /Report.aspx.

  • /Test.aspx – Allows double-hop tests for webServer-to-Sql or webServer-to-fileServer or webServer-to-webServer