One very important role as a managed Windows hosting provider is to take complex matters and translate them in a way that is understandable for everyone. One of our finest, Rick Barber, has done just that to help us make sense of reading SMTP logs.

I like to think of myself as an average Joe. Or an average Rick, as it may be. A lot of writings I have found on the topic of SMTP logs assume a certain level of expertise. Here I will break down Microsoft SMTP logs in simpler terms for every other average Joe.

Before you can start looking at Microsoft SMTP logs, it is great to have some logs with data in them. You can refer to this blog post to ensure that your Microsoft SMTP server is logging: http://www.orcsweb.com/blog/rick/is-your-microsoft-smtp-server-logging.

Take a look at a SMTP log snippet below of the complete communication between your server, MyServer, and a remote mail server at yahoo.com, where a single email is sent from someone@domain.com to someone@yahoo.com.

That looks Greek, right? Or at the very least, like some creature jumped on the keyboard and took over. It’s really not as complicated as it may look. Let’s break it down and help you make sense of the logs starting from the top.

2012-02-03 00:38:39 XXX.XXX.XXX.XXX OutboundConnectionResponse SMTPSVC1 MyServer - 25 - - 220+mta1331.mail.mud.yahoo.com+ESMTP+YSmtp+service+ready 0 0 56 0 281 SMTP - - - -

Here in line 1 we see the response from the receiving server, mta1331.mail.mud.yahoo.com after MyServer attempted to open a communication channel to it over port 25. Much of the information in the line above is helpful, but what we’re looking for right now is the reply (sometimes called response) code. In this case, the reply code of the connection is 220, which means the service is ready. If the service wasn’t ready, you would see 421, meaning that the service is not available.

2012-02-03 00:38:39 XXX.XXX.XXX.XXX OutboundConnectionCommand SMTPSVC1 MyServer - 25 EHLO - smtp.mydomain.com 0 0 4 0 281 SMTP - - - -

The next line is a command that MyServer sent to Yahoo saying Hello (EHLO in this case) and identified itself by its fully qualified domain name (FQDN) of smtp.mydomain.com. You will note the OutboundConnectionCommand in the line above indicating that it is a command being sent from MyServer (since it’s in the MyServer SMTP logs). Responses from the remote mail server are indicated by OutboundConnectionResponse.

2012-02-03 00:38:39 XXX.XXX.XXX.XXX OutboundConnectionResponse SMTPSVC1 MyServer - 25 - - 250-mta1331.mail.mud.yahoo.com 0 0 30 0 312 SMTP - - - -

This line is the response from the Yahoo mail server. Once again, the most important thing we’re looking for in this line is the reply code. You will see it is a 250, which is essentially an acknowledgement, or in more technical terms, the requested mail action is ok and any action needed was taken. In SMTP server logs, a 250 reply code is good. If it is a different reply code, you can make yourself look brilliant through an Internet search on the reply code.

2012-02-03 00:38:39 XXX.XXX.XXX.XXX OutboundConnectionCommand SMTPSVC1 MyServer - 25 MAIL - FROM:someone@domain.com+SIZE=1889 0 0 4 0 312 SMTP - - - -

Now we’re done with all the pleasantries and are getting down to business. Our SMTP server is telling Yahoo that we’re sending an email FROM: someone@domain.com and even telling them how large the email is. Isn’t our SMTP server polite?

2012-02-03 00:38:39 XXX.XXX.XXX.XXX OutboundConnectionResponse SMTPSVC1 MyServer - 25 - - 250+sender+someone@domain.com+ok 0 0 49 0 359 SMTP - - - -

This is the response from Yahoo. Notice the infamous 250 reply code, which in this case means that they are giving us two thumbs up for the sender. A different status code would indicate to us that the remote mail server didn’t like that email address, for one reason or another, and once again you would head to your trusty search engine.

2012-02-03 00:38:39 XXX.XXX.XXX.XXX OutboundConnectionCommand SMTPSVC1 MyServer - 25 RCPT - TO:someone@yahoo.com 0 0 4 0 359 SMTP - - - -

Here’s where MyServer tells the remote mail server who the email is being sent to, which in this case is someone@yahoo.com. You can sleep better tonight knowing that isn’t your email address.

2012-02-03 00:38:39 XXX.XXX.XXX.XXX OutboundConnectionResponse SMTPSVC1 MyServer - 25 - - 250+recipient+someone@yahoo.com+ok 0 0 39 0 391 SMTP - - - -

Yahoo responds to us once again with a 250 reply code. If there was something wrong with the email address, the mailbox was full, or a variety of other reasons, a different reply code would be sent letting us know that. Do I need to say what you would do in this case?

2012-02-03 00:38:39 XXX.XXX.XXX.XXX OutboundConnectionCommand SMTPSVC1 MyServer - 25 DATA - - 0 0 4 0 391 SMTP - - - -

Here’s where our mail server tells Yahoo that it is getting ready to send the whole email by issuing the DATA command.

2012-02-03 00:38:39 XXX.XXX.XXX.XXX OutboundConnectionResponse SMTPSVC1 MyServer - 25 - - 354+go+ahead 0 0 12 0 422 SMTP - - - -

Yahoo responds with a 354 reply code, saying, go ahead and send it. You will notice by looking at the timestamps that all of the above communications between the two mail servers happened nearly instantaneously.

2012-02-03 00:38:41 XXX.XXX.XXX.XXX OutboundConnectionResponse SMTPSVC1 MyServer - 25 - - 250+ok+Thu+Feb++2+16:38:41+2012:++ql+106947680,+qr+0 0 0 52 0 1562 SMTP - - - -

After Yahoo receives the data, it sends another 250 reply code letting us know that it was received. If you have a calculator handy, you can easily figure out that it took approximately 2 seconds for this email to be transmitted.

2012-02-03 00:38:41 XXX.XXX.XXX.XXX OutboundConnectionCommand SMTPSVC1 MyServer - 25 QUIT - - 0 0 4 0 1578 SMTP - - - -

Our server has done its job and everything worked properly so it sends the QUIT command saying that we’re done.

2012-02-03 00:38:41 XXX.XXX.XXX.XXX OutboundConnectionResponse SMTPSVC1 MyServer - 25 - - 221+mta1331.mail.mud.yahoo.com 0 0 30 0 1609 SMTP - - - -

We get our final response from mta1331.mail.mud.yahoo.com acknowledging that we are done, with a 221 response code. This means that the email transmission is done, and the communication channel is closed.

This ends our short journey through the task of demystifying Microsoft SMTP server logs. Here is some additional information that you may find helpful.

In a perfect world, all mail servers would be running the same software so all mail logs would look identical to the one above. In reality, there are a variety of mail server software applications. Because of that, what you see in your logs will vary somewhat from this example. Most, if not all of them, will follow the basic standards making it possible for people like you and me to read mail logs from any SMTP server and get an idea of what is going on.

If your SMTP server is particularly busy, your total communication will not be conveniently logged in a group together like my example. While the Microsoft SMTP server doesn’t give a helpful ID to each individual mail being sent, you are usually able to easily extract the lines you need by matching up the IP address in the third column.

While I didn’t include it in the mail snippet above, you may want to refer to the very first line of the log file that starts with #Fields: That gives you a template to help you decipher what each ‘column’ represents. You will note that not all the columns show up in all the log files so a little common sense is required to decipher it.

I hope this helps you get one step closer to finding value in those elusive Microsoft SMTP logs that many are scared to open, much less read.

If you found Rick’s explanation helpful, you’ll be amazed at the wealth of knowledge and ability that make up the OrcsWeb Webteam. We believe this team is so great that we created Complete Care Managed Solutions (CCMS), a service that offers more than any other Managed Windows hosting provider. If you’d like to learn more, let us know at webteam@orcsweb.com or give us a call at 1-888-313-9421.

Here at OrcsWeb, when we’re not resolving issues, we’re looking ahead to help prevent them; that’s just the way we think Windows cloud hosting should look. In the following how-to, our Senior Support Specialist, Rick Barber, does just that by showing you how to easily enable SMTP server logging before you find yourself needing to troubleshoot mail issues.

If you've ever had an email disappear into the black hole of cyberspace, you know one helpful place to look is in the Simple Mail Transport Protocol (SMTP) logs. I know, you're beyond excited to be able to dig into the raw logs and track down the problem. That is, until you look for the log files and find the folder...empty!

This is a common occurrence, because many people don't realize that the default installation of Microsoft SMTP server has logging turned off. I will guide you through setting it up so that logs are being created and filled with exciting information before you actually need them.

In Internet Information Services 6 (IIS6) and earlier, SMTP server was easily found in IIS manager. If you are running IIS 7 and later, you can find it in IIS 6.0 Manager. Now that you have found it, right click the SMTP server and choose 'Properties.' You will be greeted with a dialogue box similar to this:

Near the bottom of the window you will notice the empty check box indicating that there is no logging going on. Checking that box will magically bring light to the drop-down box, allowing you to chose the log format. I prefer to keep it at the default setting although there are other options that you can explore.

So we're all done, right? Not so fast! Click on the 'Properties...' button and you will see that enabling logging isn't enough. While a log file will now be created, there will be no information in it. Click on the 'Advanced' tab and you will see what I'm talking about. Right now, your SMTP logs will have as much detail as a painting of an albino cow in an arctic blizzard.

Through creative clicking techniques, you will want to select all the check boxes. Feel free to click away, ensuring that you check each box. Don't be afraid of information overload, as an expert Windows cloud hosting provider, we are well versed in information overload; take our word for it. You seldom know what you need before an issue happens, but it never fails that you didn't collect enough information, which is always obvious after the fact. You should note that the additional logging fields that we checked will add minimal size to your logs and minimal overhead to the server unless you are doing massive mailings. If that is the case, you would be better served exploring options for SMTP server solutions that are created specifically for very large mailings, or you may want to keep a very low profile.

Now, you're set to collect all the available information in your SMTP logs to help you troubleshoot mail issues.

If you'd like to know more about how our Webteam can help manage your Windows cloud server hosting needs, check out Complete Care Managed Services (CCMS), give us a call at 1-888-313-9421, or shoot us an email at sales@orcsweb.com. We would love to hear from you.

Here's a good tip for our managed dedicated server and Windows cloud server hosted clients from Rick, one of our many top-notch support specialists working to assure Remarkable Service and Remarkable Support here at OrcsWeb!

While working on your server you may come across the following error in the Application logs.

Event Type: Error Event Source: Group Policy Local Users and Groups Event Category: (2) Event ID: 8194 Date: 11/26/2011 Time: 6:37:36 PM User: NT AUTHORITY\SYSTEM Computer: SERVER1 Description: The client-side extension could not remove computer policy settings for 'Domain Policy Name {SPID}' because it failed with error code '0x8007000d The data is invalid.' See trace file for more details.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

This is usually caused by a corrupt or malformed XML file in the local server's group policy cache. This usually happens when there is a crash or unexpected shutdown of the server while a Group Policy update is taking place.

To resolve this issue, clear the Group Policy cache on the local server and have the Group Policy cache repopulated.

1) Open Windows Explorer 2) Paste %ALLUSERSPROFILE%\Application Data\Microsoft\Group Policy\History in the address bar 3) Delete all the sub folders in that location 4) Open command prompt 5) Type the following gpupdate /force 6) Verify that sub folders have once again shown up in the Group Policy cache location above.

The above clears the Group Policy cache on the server and puts a fresh copy of the Group Policy preferences on the local server.

Developing a website is relatively easy. Regardless of the tools, technologies, or processes you use, the rendered output to a client viewing your web page is primarily text, Hypertext Markup Language (HTML) tags, images, and Cascading Style Sheets (CSS) formatting.

In reality, developing a good, scalable, website is difficult. As you get deeper into web development, you quickly become aware of how each browser handles your code differently. Because of that, it is important for you to utilize one or more of the numerous tools to help analyze your web site.

One well-known debugging tool is Fiddler. This is a web debugging proxy that logs all HTTP and HTTPS traffic between your computer and the Internet and also has an extension for Firefox. The biggest advantage to Fiddler is that it can help debug any Internet application and not just a page in a web browser. The down side to Fiddler is that since it is a proxy, it tends to slow down the rest of your local HTTP traffic when you are debugging.

A well-known tool primarily for Firefox is Firebug. This tool lets you inspect HTML, styles, and layouts in real-time as well as analyze network usage and performance of the page. New versions are now available that support other browsers.

A product specifically for Internet Explorer was the Internet Explorer (IE) Developer Tools. Designed for Internet Explorer 6 and 7, it was a toolbar that aided in designing and debugging web pages. When Internet Explorer 8 was released, these tools were included with the base installation instead of being a separate downloadable product.

Internet Explorer 9 took it a step further by introducing the F12 Developer Tools. These tools are available on any page and allow you to quickly and easily debug JavaScript, HTML, CSS, and performance problems. As the name implies, you trigger the tools by pressing F12 when you are on a page that you want to investigate.

When you trigger the F12 developer tools, a new window opens up. Here's a quick look at some of the features that are available to you.

• The HTML tab is the default tab and gives you insight into the server-generated code that is transmitted to the client. Selecting items in the view provides you additional information and options in the right column.
• The CSS tab gives you more information on all the CSS formatting that applies to the page.
• The Console tab provides you information on errors that are received from Internet Explorer 9 and also allows you to interact with the web page through a variety of supported commands.
• The Script tab allows you to debug JavaScript code from the browser without having to use other tools.
• The Profiler tab gives you access to a JavaScript profiler that you can use to check how your scripts are performing.
• The Network tab gives you information on the web request including the amount of data that is transferred as well as the time it takes for each action on the page to complete. If you've used Fiddler before, the information provided here is similar.

Those are the main tabs in the F12 developer tools. Not to be forgotten are the numerous menu items that allow you to perform various tasks such as clearing the browser cache, managing cookies, doing page validation, and more.

With Internet Explorer still holding strong as the most widely used web browser, these tools are essential to ensure that you are providing a quality experience to a majority of your targeted users.

For more detailed information on the F12 Developer tools, please see MSDN.

Most Content Management Systems (CMS) like mojoPortal come with a significant amount of built in functionality. It never fails that your project requires some functionality that isn't included. That is easy to overcome with the respective Software Developer Kits (SDK) or Application Programming Interfaces (API) that you can download and install to extend the CMS and add custom functionality.

If you have ever looked closely at some of these SDKs, you will quickly find that they are not for the faint of heart. Most are targeted towards professional developers so those hobbyist developers like me need something easier to use. Especially when we just want to add something simple such as an online registration form to a site.

This is where I have found mojoPortal to be a perfect fit. Since it is open source, you can download the source code and do as much custom development as you desire. However, adding a custom module to your site is as easy as creating a UserControl in ASP.Net. Literally. If the module you are creating is only going to be a single instance on your site, you can simply create an ASP.Net UserControl and then add it as a module in the administration menu. If your site needs more than one instance of that module, you do have to download the source code so you can inherit the base class.

The developer has done a good job of providing extensive documentation, samples, and videos on his website, and he is also active in the forums. I have not run into any issue, though, that is not in the documentation, videos, or forums located on his site.

With the low cost, ease of use and implementation, and simplicity of creating custom modules, mojoPortal is a good solution to consider for your next website development project.

Out of the box, any new site that is setup in IIS7 defaults to using ASP.Net 2.0 for the application pool. If you are developing in ASP.Net 4.0, you want all of your new sites to default to this version instead.

In IIS6, you can change the default version of ASP.Net by running aspnet_regiis with a switch such as -i or -ir. With the improvements made to IIS7, this no longer works. The solution is much easier now that ASP.Net is tightly integrated into IIS.

After you open up Internet Information Services (IIS) Manager, expand the server name on the left, and click on Application Pools. Take note of the 'Set Application Pool Defaults...' link in the upper right under Actions.

Clicking on that link opens up another window where you can change a variety of default application pool settings including the framework version.

Hopefully this helps when you want to set the defaults for your IIS7 application pools.

Happy Hosting!

Web development has been a hobby of mine for many years. Since it is a hobby, I am always looking for ways to quickly deploy and maintain web sites. I have looked at many of the popular Content Management Systems (CMS) that are available and have stayed away from many because I found them to be slow, cumbersome, difficult to upgrade, or expensive.

Then I came across mojoPortal, a free and open source CMS. I was also happy to find out that it is written using ASP.Net, my first choice for web development.

I downloaded the release package and checked the ReadMe.txt file in the root of the folder where I extracted the compressed download file. Much to my surprise it outlined six simple and easy steps. I followed those six steps and in minutes I had a new website set up and ready for me to start adding content.

Upgrading is just as easy and has worked for me numerous times without issue. I recommend that you consider mojoPortal for your next website that needs to be running quickly and inexpensively.

When I first starting using Windows Termial Services in 2001, client printing from Terminal Service sessions was a nightmare.  Microsoft has made improvements over the years including adding the Terminal Services Easy Print printer driver to Windows 2008 which helps to make client printing more stable and much less of a nightmare.

1. Check that the spooler service is set to automatic and running on the server
    
2. Check to ensure that Windows Printer mapping is allowed on the server
   1. Go to Start -> Administrative Tools -> Terminal Services -> Terminal Services Configuration
   2. Right click RDP-Tcp and click properties
      
   3. Click on Client Settings tab and ensure Windows Printer is NOT checked
      
       
3. Check that the Group Policy is not preventing client printer redirection
   1. Go to Start -> Run -> Type in gpedit.msc
   2. On the Local Group Policy Editor that comes up go to Administrative Templates -> Windows Components -> Terminal Services -> Terminal Server -> Printer Redirection
   3. It is best to have all of the settings set to 'Not configured'
      
       
4. Check to make sure that the Terminal Services UserMode Port Redirector service is started

Once you have confirmed everything is correct at the server level, you should next check permissions on the print spooler. 

1. Open an elevated command prompt
   1. Go to Start -> type cmd in the search box -> right click cmd.exe -> Run as administrator
   2. In the command prompt type 'sc sdshow spooler' without the quotes.  You should see something like:
      D:(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;SY)(A;;CCLCSWLOCRRC;;;AU)S:(AU;FA;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;WD)
   3. What you are looking for specifically is (A;;CCLCSWLOCRRC;;;AU).  If that Authenticated Users ACL is missing then Terminal Services is unable to read the state of the Print Spooler service.  If it can't read the state then it assumes it's not running and disables printer redirection.
       
2. If that ACL is missing, here's how to add it back
   1. Copy everything in the output from sc sdshow spooler above to notepad.  Remove all extra spaces and linebreaks.  Add )(A;;CCLCSWLOCRRC;;;AU) to the end of it.
   2. Add the following before the D: - sc sdset spooler.  Your notepad info should look something like:
      sc sdset spooler D:(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;SY)(A;;CCLCSWLOCRRC;;;AU)S:(AU;FA;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;WD)
   3. Copy all of that and right click -> paste it into the elevated command prompt and hit enter.
   4. Now enter sc sdshow spooler and see if the Authenticated Users ACL is there.

Be very careful when working with ACLs and make sure you take screen shots as you go along to make sure you have a good copy of what the ACL looked like before in case you made a mistake when cleaning up the existing ACLs. 

While this doesn't cover all the issues you can run into while troubleshooting client printing issues with Windows Terminal Services, these are some of the more common ones I have come across.

References:

http://social.technet.microsoft.com/Forums/en/winserverTS/thread/619d78a1-dc47-45cf-a078-e9fba492dd1f
http://social.technet.microsoft.com/Forums/en/winserverTS/thread/4ebf9a34-85f3-4b91-9750-48124b9885ba
http://verbalprocessor.com/2007/12/05/running-a-cmd-prompt-as-local-system/

The release of IIS 7 a few years ago marked the beginning of a new direction for Microsoft's Internet Information Server.  Completely redesigned from the ground up, IIS 7 offers a flexible, secure, and modular platform to serve and manage your web application.  If you just did enough to get your site running then you may be missing out on some great functionality.

Many people are not aware that there are IIS extensions that you can download and install.  Best of all, they are free.  A few that I would like to highlight are:

• Web Deploy
  • This extension simplifies the migration and deployment of a web application to your IIS 7 server and provides easy synchronization with Visual Studio.  Only changes made to the application are uploaded saving you time and bandwidth.
     
•  Bit Rate Throttling
  • This extension allows you to set bandwidth throttling for media and data file downloads .  By installing and configuring this extension you can reduce bandwidth costs and increase concurrent download capacity for your IIS 7 server.
     
• URL Rewrite
  • This extension enables you to create rules to redirect and rewrite URLs for web applications on the server.  The implementation of these rules is more straight forward than many other URL rewriting methods.
     
• Dynamic IP Restrictions
  • With the ever increasing chances of your site being subject to a Denial of Service (DoS) attack, this extension provides yet one more tool in your arsenal to help keep your site online and available during an attack.  You can configure this to dynamically block connections based on concurrent request or requests over a period if time as well as set IPs that can bypass the filter.

This is just a sample of the free IIS 7 Extensions that are available to make managing your site and server easier as well as enabling additional features.  More extensions continue to be developed and can be found at http://www.iis.net/download.

You finally have Visual Studio 2010 installed and are developing that cool new ASP.Net 4.0 site.  One of the features that you are excited about is Web Deploy.  It allows you to securely and quickly publish your site, create applications, and do many other great things, all through HTTPS.  The purpose of this post, however, isn't to describe the features of Web Deploy.  You can find detailed information in Scott Guthrie's Blog Post.   

Let's head back to the real purpose of this post.  Another cool feature of Web Deploy is that you can set security ACLs on files and folders of your site.  What if you already have custom NTFS permissions set on your site and don't want Web Deploy to change those permissions?  Look as hard as you will, but that setting isn't available anywhere in the properties of the project.  If you look closely at the comments of Scott's post above, you will see the following mentioned: 

To disable setting ACLs, you can: