Setting SMTP Banner In Exchange 2010…

All Exchange admins are familiar with the SMTP banner. It is the response received by a remote server after it connects to the receive connector of an Exchange 2010 Hub or Edge server. If the SMTP banner is not set on a receive connector, the default response will have the fqdn of the server, along…

All Exchange admins are familiar with the SMTP banner. It is the response received by a remote server after it connects to the receive connector of an Exchange 2010 Hub or Edge server. If the SMTP banner is not set on a receive connector, the default response will have the fqdn of the server, along with the information that the server in use is a Microsoft one.

Below is the default response from my telnet client. As the internal information becomes visible to outside servers, exchange admins tend to change it.

Default Telnet response 2010 SP1

I have seen companies using the “Specify the fqdn this connector will provide in response to EHLO” option in the receive connector as a means to set the banner. It is NOT the right way to do it.

Wrong way of setting smtp banner

The “banner” parameter of the Set-ReceiveConnector cmdlet needs to be used to configure the banner. Run the command below to set the banner. The banner text should start with 220, as stated in RFC 2821.

Set-ReceiveConnector –identity “ServerConnectorname” –Banner “220 banner text”

Set SMTP Banner

Once it is set, a telnet session will respond with the new banner.

Telnet Banner Response


  1. Hello Rajith

    Help me in the case, we are facing on it.
    My mail system have 2 hub-cas Ex 2010, mail to internet via smtp gateway call name Fortimail.

    One external mail system call name have just rejected all email of us. And this is alert

    qmail-smtpd[25603]: before greeting: [] client disconnected

    a client is forcibly disconnected because they sent data before the server sent the banner (which is a violation of RFC 2821.)

    So, how can i fix it?

    1. Additonal infomation: we can send email to every outside domain, but only one can not.

      Pls show me where is root cause. Thanks alot

  2. I am getting error message ” Smtp banner mismatch”. I am new to exchange. What possibly i find out that our sending and recieving connectors are having different fqdn’s. Our reverse Dns Ptr is pointing towards the fqdn which is in the sending connector. We are using microsoft forefront for exchange. Our local exchange server ip is mapped to public ip in our firewall.We are using split domain .local and .com.
    Gmail is tagging our email as spams.
    Mxtool box results shows no spf configure.
    Please help me out.

  3. Good Day
    Can you help me out, our mail server suddenly cannot receive incoming mails… my ISP change my public IP after i publish the static IP that ISP given to me cannot receive any incoming mails but rather it bounce back to the recipients. Outgoing is fine and run smoothly. Can anyone help me thanks in advance our email runs in Server 2003 and under Exchange System Manager.

    1. Rajith Jose Enchiparambil says:

      Hi Zaclipat,

      Once you change your IP address, you need to update your MX record in the public DNS to point to the new IP. Otherwise, external servers sending emails to you will try to route the emails to the old IP and will fail.


  4. Will this be the same setup if I have 4 different domain names?

  5. I followed your instructions and the SMTP banner changed.after two months again i changed the SMTP banner but it wont reflect…please advice

    1. Rajith Enchiparambil says:

      Did you try restarting the transport service Balaji?

  6. Derrick Law says:

    thank you for being clear.

    1. Rajith Enchiparambil says:

      Thanks Derrick

    1. Rajith Enchiparambil says:

      Thanks Amar

  7. Scott McDonnell says:


    I followed your instructions and the banner changed perfectly. I see the banner if I telnet to if, but if I run a test from or send a bogus email to the server, the domain.local hostname is being exposed? Not sure I want the local exchange server hostname and domain being on display like that. Is there a way to change this or should this not have been changed when I set the banner?


    1. Rajith Enchiparambil says:

      Hi Scott,

      That should have been changed. Do you have more than one server? If so, it needs to be done on all servers.

  8. Also please let me know if I create new receive connector with changed FQDN, will I have to crate new exchange certificate then?

    1. Rajith Enchiparambil says:

      No need to create a new certificate, unless you are using domain security with partner companies.

  9. Hi Rajith Enchiparambil,

    Thanks a lot for clear instructions, I really needed a superior professional guidance on this and looks like I am on right blog:

    Our ISP handles rDNS of this IP to and it is working fine.

    Can you please clarify this line more: Then create a new receive connector (say from Internet) and use the exchange ip rather than all ips which is the default for receiving ip.—-We use NAT in firewall (it forwards mail request coming from Static IP to dynamic IP) and exchange server LAN card has dynamic IP address only- Did you mean ‘use the exchange IP (dynamic IP’)?

    Can you also please provide any link that shows step by step configuration to create new receive connector along with the settings that shows the using exchange IP?


    1. Rajith Enchiparambil says:

      Hi Roshi,

      Any reason why you use dynamic IP for Exchange server?
      Why don’t you have static IPs from the private range for servers?

      Yes, I meant that IP of Exchange server. Do you have a DHCP reservation for the Exchange IP?


      1. I thought it is always safe to keep exchange server on Dynamic IPs as the server will be behind the firewall and only necessary traffic will be forwarded to the exchange\windows server 2008 R2 server. Its working fine in this way and we have exchange server 2003 in same way set up.

        Our firewall forwards SMTP,IMAP and POP traffic to the server that is coming to static IP (set up on firewall).

        Static IP it forwards it to (just a example).

        1. Rajith Enchiparambil says:

          Hi Roshi,

          All internal servers including DCs, Exchange etc should have a static IP from the private IP range. This is best practice and recommended.


      2. The situation was: I migrated SBS 2003 to Windows server 2008 R2 enterprise with exchange 2010-Now what I did:

        SBS server dynamic IP was – and we have DHCP scope from to 254.

        I provided IP address to the new WIN2k8 Server and now after migration I want to give SBS 2003′ IP ( to new server and change the IP of SBS server.

        Is it possible to change the Exchange server IP address after exchange installed?
        please let me know.

        1. Rajith Enchiparambil says:

          Hi Roshi,

          It is not nice to make changes to server after the installation. How big is the network?

  10. Hi All,

    can changign SMTP banner will require new exchange certificate as with new SMTP banner OLD self signed certificate will not work,

    isn’t it?

    I have a situation:

    I have migrated exchange 2003 to exchange 2010, moved all the mailboxes over to exchange 2010 but HAVE NOT moved public folder yet and using exchange default self signed certificate:

    Now few domains are not accepting our mails as Under:

    Organization configuration –> Hub Transport–> send connector does not have FQDNS name that matches with my A reocrd, there is no option to change the FQDNS name.

    I tried maxtoolbox utility and found that it says Warning – Reverse DNS does not match SMTP Banner.
    Ran command: Get-senconncector |fl and it shows NO FQDN name for it….

    Under server configuration–HUB transport—Default receive connector properties it shows the local comouter name of my server (Server.mydomain.local) not

    Please suggest how to reslove this issue.



    1. Rajith Enchiparambil says:

      Hi Roshi,

      SMTP Banner has nothing to do with cert.

      You can change the banner to what you have externally, eg; points to your public ip for smtp.
      If points to your public ip, say, then you need to create a reverse dns record / ptr record in your public dns to resolve it back, ie; points back to

      Then create a new receive connector (say from Internet) and use the exchange ip rather than all ips which is the default for receiving ip.
      Set as the fqdn in the new connector.

      Default connectors doesnt allow you to change fqdn and hence the need for a new one.


      1. Hi Rajith,

        If we create a new receive connector with the new FQDN to receive mail from the internet, should we

        1. Enable anonymous users access on the new internet receive connector and leave the default frontend connector enabled but without anonymous checked?

        2. Replicate all security settings from the default frontend connector to the new internet connector?

        Thanks in advance.

        1. Rajith Jose Enchiparambil says:

          That is correct Chas.

        2. Rajith Jose Enchiparambil says:

          You can even tie down your security settings to accept emails from a specific IP if you have a spam filter in front of your Exchange server.

  11. Rajith Jose Enchiparambil says:

    Hi Michael,

    Nothing wrong with creating a new connector. By default, you don't have to and use the cmdlet to set the banner.

  12. Michael Seidl says:

    Hi Rajith,

    but it is also recommended to create a separate Receive Connector, so there is no problem i think, to customize this Line in the GUI on the newly created Receive Connector.

    Michael Seidl aka Techguy

  13. Rajith Jose Enchiparambil says:

    Hi Anonymous,

    You can't set a banner (except internal server name, null value etc) on the default receive connector. You will need to create a new receive connector and play with the IPs to make the connector unique, then apply your banner text.

    Shell makes it easier, just a one-liner, no need of new connectors.

  14. Rajith Jose Enchiparambil says:

    Thanks Dinar

  15. Iraqi Dinar says:

    I came onto your blog and focus just slightly submits. Nice strategy for text. I'll be bookmarking straight away seize all of your rss.

  16. Anonymous says:

    I am interested to know why it is not s good idea to set it in the GUI. It seems MS made that for us….

Leave a Reply

Your email address will not be published. Required fields are marked *