Incorrect information on MTA Stacks service
I had previously posted about the MTA Stacks service being required in order to configure RBL lookups. After doing further checking, this is incorrect. Rather than correct that post, I decided to just delete it and post this instead. RBL Lookups are configured under the Connection Filtering object, which is managed by the SMTP Virtual Server. The MTA Stacks service is not required in order for Connection Filtering to work, however, it can cause issues with Message Tracking if the MTA Stacks service is disabled.
Our Security Hardening for Exchange 2003 guide talks about how the MTA Stacks service can be disabled on a Front-end server, but this is just as a baseline. The same baseline also has the Information Store and System Attendant disabled. However, the document also goes on to mention that if your Front-end server is acting as an SMTP Bridgehead, that the MTA Stacks service should be left at Automatic. In this same configuration, the System Attendant and Information Store services also must be running.
To conclude, there are specific circumstances in which the MTA Stacks service can be disabled, but there are also many circumstances in which it shouldn't be disabled. If the only function of your Front-end server is to proxy client traffic for OWA, then yes, the MTA Stacks service can be disabed. If it is passing mail, then I'd leave it alone.
Comments
- Anonymous
December 05, 2006
This kind of confusion is precisely why I make it a point to differentiate between front-end functionality (that is, client access protocols) and bridgehead functionality (SMTP).