KB976323 reset my SMTP settings RRS feed

  • General discussion

  • Hi all,

    One of my colleagues just found that one of our servers stopped sending out emails after the windows updates of a couple of days ago...

    We think that it might have been this patch => KB976323 - http://www.microsoft.com/technet/security/Bulletin/MS10-024.mspx 

    The issue was caused by the SMTP service settings being reset... We put them back now and everything works again but we are slightly worried that this might happen again!

    Has anyone else experienced this?

    Kind Regards,



    Thursday, April 15, 2010 8:34 AM

All replies

  • This patch also affected our servers.  Our relay settings were completely lost.
    Thursday, April 15, 2010 5:28 PM
  • Me too. Not happy.
    Friday, April 16, 2010 8:33 AM
  • Same here. The SMTP server could send mail from ASP and ASP .Net applications but not from other applications that had to be authenticated by the server and it would no longer relay mail from external applications connecting to the SMTP server (eg remote outlook clients).  It seemed to be an authentication issue.  If I set the authentication method (from the Access tab on properties) to Anonymous I found it would send email correctly, but of course anonymous is not a solution.  With both Basic authtication and Windows securty packaged selected the SMTP server would not relay mail. 

    The only solution I could find after spending hours on it was to uninstall KB976323.  That immediately fixed the problem.

    It's pretty poor that such a basic function in the SMTP server -- ie sending mail, which is what the SMTP server is for! -- could be broken by this security update. Clearly it wasn't tested.



    Saturday, April 17, 2010 12:27 AM
  • Hello

    This is a known issue of the patch:

    976323  MS10-024: Description of the security update for Windows SMTP Service: April 13, 2010
    "Known Issues
    After you install this security update on a Windows Server 2008-based system that has Internet Information Services (IIS) installed, the SMTP configuration options are reset. Any SMTP configuration options that were set before you install this update are lost. Any SMTP configuration options that are needed must be manually reapplied after you install this security update. For more information about how to configure SMTP relay options, visit the following Microsoft Web page:
    http://technet.microsoft.com/en-us/library/cc784968(WS.10).aspx "

    If you have any other questions about this patch, please feel free to post them to the TechNet Windows Server Security Forum: http://social.technet.microsoft.com/Forums/en-US/winserversecurity/threads.

    Jialiang Ge
    MSDN Subscriber Support in Forum
    If you have any feedback of our support, please contact msdnmg@microsoft.com.
    Please remember to mark the replies as answers if they help and unmark them if they provide no help.
    Welcome to the All-In-One Code Framework! If you have any feedback, please tell us.
    Monday, April 19, 2010 2:00 AM
  • I had the same problem this morning.

    Monday, April 19, 2010 9:32 AM
  • A post above said "This is a known issue of the patch:"  and "After you install this security update on a Windows Server 2008-based system that has Internet Information Services (IIS) installed, the SMTP configuration options are reset. "

    Actually this is not the case with Windows 2000 at least.  The SMTP settings were NOT reset.  The server just would not send mail.  If the settings were reset I could have simply set them again.  This would have been very simple -- I understand what the settings should be.  However the settings were not changed at all. The problem was that the patch PREVENTED THE SMTP SERVER ON WINDOWS 2000 FROM RELAYING MAIL.   Users that were authenticated could no longer relay mail.  As noted above the only solution was to uninstall the patch.

    So in the case of SMTP on Windows 2000 the problem we experienced was not a known issue at all.

    Monday, April 19, 2010 1:05 PM
  • Yes, this is a known issue, ONLY if people read the patches detail before windows update. Problem is, ALL of my servers are set to automatic windows update, so i won't even know what is applied until something like this happens.


    May i know exactly why this patch requires a set of all the settings?

    Monday, April 19, 2010 1:16 PM
  • It's clearly ridiculous that the patch doesn't restore the original settings.  We use a dedicated server that is managed by one of the bigger, more reliable hosting companies.  They test patches before applying them and they didn't pick up on this issue.  Our website was failing when sending email all weekend.

    I guess it's fixed now, but I haven't trusted the SMTP component for a long time.  It seems like a cheesy afterthought.  Microsoft, IIS7 is GREAT.  Please build an equivalent great SMTP component for IIS7.

    Monday, April 19, 2010 3:10 PM
  • I agree with Ben. This is just ridiculous! 


    Thursday, April 29, 2010 2:40 PM
  • Correct, the SMTP settings issue only affects Windows 2008 and Windows 2008 R2, no other version.  Any other issues are probably not directly related to the fix, but if you need our assistance investigating, do not hesitate to contact us.

    We are aware of the issue and apologize for any problems that were caused.  The Known Issues section does contain a workaround, and if the damage was already done, the settings can often be easily restored via a backup or script.  If you have a server that you should need our assistance restoring the SMTP configuration, please do open a ticket with CSS at no cost to you per our policies with product bugs and security issues and we will do our best to assist you quickly.

    Please know that we are working to release an updated fix that will not cause these issues for future installs.  Unfortunately, the issue is in the patching software which is making this more challenging to get fixed and properly tested.  We will release the updated fix as soon as we're confident in the quality.

    Again, we apologize for any problems that may have been caused.  Please let us know if we can be of assistance.

    Scott Landry
    Exchange Server Product Quality, Customer Support



    Friday, April 30, 2010 4:22 PM
  • ScottL, you say "any other issues are probably not directly related to the fix" after I said "As noted above the only solution was to uninstall the patch."  Clearly you did not read my post carefully.  The problem WAS directly related to the fix.  As soon as I uninstalled the fix the problem vanished on Windows 2000 servers.

    Probably it hasn't been tested properly on Windows 2000, but I can assure you that: 1. settings were not reset and 2. It became impossible to relay mail using the SMTP server. All relays failed with an authentication error.  Uninstalling KB976323 immediately the fixed the problem with no other action being required from me. Given that was the only action I took on all my servers I think it's pretty clear cut:  the fix WAS THE DIRECT CAUSE OF THE PROBLEM.


    Saturday, May 1, 2010 1:59 AM