Setting the SmtpIpRestrictionFlag to allow anonymous connections in Exchange

I was having an argument about Exchange 2003 on the flight over to the UK on Thursday night about SMTP connections (I really shouldn’t have had that 3rd glass of wine before getting on to the flight, I must have been up for an argument right from the start).  I mean, I ‘m not sure how the conversation even got round to Exchange (the wine again) let alone how we administer the SMTP servers at Microsoft.  So I was in ramble mode and off I went.

We want to allow all of our authenticated users to connect without any problems to the Exchange Server, from any IP addresses, but we also need to be able to allow a certain number of anonymous connections in some situations.  There’s a flag  called SmtpIpRestrictionFlag which needs to have its attribute set to 1.  You need to download the IIS metabase Explorer from here to add this value.  Once this is in the system, then all authenticated servers will be able to submit email directly to the Exchange servers, and all of the IP addresses on the explicit list would also be able to submit.  All other clients would receive a 5.7.3 smtp response (Client was not authenticated).

Anyway, you can read all about this or download the document from here...   

By the way – the argument went on to much more in depth and nit picking things about Exchange architecture as more and more wine was drunk.  But funnily, I’m not too certain what we argued about after this one, all I know that I got 5 hours sleep on the flight!