IIS SMTP folders and domains explained

I created this post to explain the purpose of each SMTP folder. Understanding their various functions can assist in the troubleshooting process, if you encounter issues with mail delivery. There are numerous resources online that describe the SMTP folder structure however, I felt that they weren’t descriptive enough. So here’s my attempt at making this easier to understand.

SMTP Folders

When you install the SMTP service it creates the following default folder structure in order to process mail:


As you can see from the screenshot above, the folder C:\inetpub\mailroot\ contains 4 folders; Badmail, Drop, Pickup & Queue. They are explained below in the order that messages are processed:


The SMTP service will process messages in the Pickup folder as outbound messages and will attempt to deliver them. To demonstrate what happens when a message is placed in the Pickup folder, perform the following:

1. Create a text file on your desktop called email.txt and paste the following into it, remembering to change the email address information to reflect your own details:

From: blog@yourdomain.com
To: email@yourdomain.com
Subject: Email test

This is the test body of the email


2. Save the changes to email.txt and then copy the file to C:\inetpub\mailroot\Pickup. The SMTP server monitors this folder and when it detects the email.txt file, it will read the contents and send the email to the address in the To: section. This should happen almost immediately.

3. Check the email address the email was sent to and it should arrive shortly – the email was sent to my Gmail account:


A quicker way and easier was of emulating the creation of messages in the Pickup folder is to run a PowerShell command that generates an email. Enter the command below, changing where appropriate the -To and -From addresses:

PS C:\Users\admin> Send-MailMessage -SMTPServer localhost -To xxxxx@gmail.com -From xxxxx@yourdomain.com -Subject "This is a test email" -Body "Hi, this is a test email sent via PowerShell"

Messages generally don’t build up in the Pickup folder, once detected the SMTP server will try to deliver them. If the intended recipient is a member of the local domain, the SMTP service will move the message to the Drop folder.


Incoming messages intended for the local domain are placed in the Drop folder. It is very unlikely that you will require the use of the Drop folder in a real-world scenario. Messages in the Drop folder must be retrieved using an email client such as Outlook but also require POP3 server software to be installed in order to enable end-users to connect to and retrieve those messages in the Drop folder. Server 2003 had the option to install the POP3 service but this has since been deprecated on versions of Windows Server since then.

If you are seeing that messages that your applications generate are building up in the Drop folder then this will be most likely be caused by configuring the default local domain to use your DNS domain namespace. The best way to illustrate this is to show you an example.

1. Currently my default local domain is configured with the name of my server, WEB1:


2. I use the PowerShell command below to send an email to blog@vsysad.com:

PS C:\Users\admin> Send-MailMessage -SMTPServer localhost -To blog@vsysad.com -From admin@vsysad.com -Subject "This is a test email" -Body "Hi, this is a test email sent via PowerShell"

The message is subsequently placed in the Pickup folder and processed and routed through to the mail server that handles mail for the vsysad.com domain. This message is delivered successfully.

3. However, lets change the default local domain to be vsysad.com per the below:

The vsysad.com DNS domain is now considered to be a local domain. If I were to use the same PowerShell command from step 2 above, the message will be processed per the usual method but will be placed the Drop folder:


The message will remain there until I use an email client to connect to the server via POP3 to download it. This will require 3rd party POP3 mail server software to enable this.


Messages that cannot be delivered  immediately are moved  from the Pickup folder to the Queue folder. The SMTP service will attempt repeatedly to deliver messages in the Queue folder. The number of times it will attempt to deliver the message is configured in the delivery tab, see below:

I have noticed that when delivering emails to domains such as Gmail and Yahoo for the first time, messages will remain in the Queue folder for some time while the SMTP server tries to re-deliver them.


Emails that could not be delivered to the intended recipient are left in the Badmail folder. After the number of attempts configured in the Delivery tab (see screenshot above) to deliver the message have not been successful, the message will be moved to the Badmail folder. Messages in the Badmail folder will remain there until administrators diagnose the cause and implement a fix.

Common causes of messages ending up in the Badmail folder are incorrect or invalid email addresses and DNS issues. Follow instructions in these posts to verify DNS and successful mail routing respectively.

Once messages are in the Badmail folder, they can be opened up in notepad and examined. Open up the corresponding .BAD file(s) which will reveal the reason for the message delivery failure. An example is below, whereby the message failed because the recipient’s email address was invalid:


SMTP Domains

It is very important to clarify the distinction between a local domain and a remote domain within the SMTP settings. Choosing the wrong SMTP domain type will result in unintended results.

Local Domains

As stated in the Drop folder section above, a local domain is a DNS domain that is serviced by the local SMTP server. In my example, vsysad.com was the local default domain.

Messages that are received by an SMTP server that are destined for email addresses within the local domain will not be looked up in DNS, they will be dumped straight to the Drop folder. In the case of most environments the SMTP server is used simply to send mail and not to handle incoming mail for that domain. If this is the case for you, do NOT enable your DNS domain as a local domain within the SMTP server.

You can specify local domains as either default or alias. There can only be one default domain. An alias domain is an alias of the default domain. If you add a new domain and configure it as the new default, the previous default changes to an alias domain.

Remote Domains

Domains that are not designated as local are remote domains. The SMTP service looks up remote domains in DNS and will process the mail according to the settings configured for that specific remote domain. For example, you can add a remote domain and require that the SMTP service always use Transport Layer Security (TLS) encryption in sessions with that domain, which is the case for Gmail.

I hope this post demystifies the various SMTP folders and explains how mis-configuring the domain type can lead to unwanted messages in the Drop folder.

SMTP Domains
How the SMTP Service works

Testing SMTP Server from the command line

In a previous post I explained how to use the SMTPDIAG tool to test that SMTP and DNS were configured correctly. The tool does not however send a test message.

In this post I wil demonstrate two methods of sending test emails via the command line.

Method 1 – Telnet

I am going to assume that your server is Windows Server 2008 R2, although these steps will work on Server 2003 also. Another assumption is that you have the telnet client installed. If you don’t have it installed follow the steps in this post and then follow these instructions:

1. Fire up the command prompt and type telnet:


2. At the telnet prompt, type set LocalEcho then press ENTER:

Welcome to Microsoft Telnet Client
Escape Character is 'CTRL+]'
Microsoft Telnet>set LocalEcho

3. Then type open localhost 25 and then press ENTER.

Welcome to Microsoft Telnet Client
Escape Character is 'CTRL+]'
Microsoft Telnet>set LocalEcho
Local echo on
Microsoft Telnet>open localhost 25

The output will look similar to this:

220 mail.vsysad.com Microsoft ESMTP MAIL Service, Version: 7.5.7601.17514 ready at Fri, 23 Aug 2013 01:02:03 +0000

4. Type helo me and then press ENTER. You should receive a 250 response from the SMTP Server meaning that it has accepted your command:

helo me
250 mail.vsysad.com Hello []

5. Then type the mail from:email@domain.com – obviously fill in the email address you are actually sending from and then press ENTER. The output will be similar to the below:

mail from:blog@vsysad.com
250 2.1.0 blog@vsysad.com....Sender OK

6. Type rcpt to:youremail@yourdomain.com – the address you are sending to and then press ENTER. The output will be similar to the below:

rcpt to:recipient@gmail.com
250 2.1.5 recipient@gmail.com

7. Type Data and then press ENTER, resulting in the following:

354 Start mail input; end with <CRLF>.<CRLF>

8. Type Subject:This is a test email and then hit ENTER twice. Then type This is a test email being sent via telnet and hit ENTER. Hit ENTER again, then type a full stop (.), and then hit ENTER once more:

Subject:This is a test email

This is a test email being sent via telnet


9. The resulting output would be similar to this:

250 2.6.0 <WEB1Ze4CkNl4THZaN1E00000004@mail.vsysad.com> Queued mail for delivery

It means that an email has been generated and is in the queue and is ready to be delivered.

10. Now that you have finished, type quit and the connection to the SMTP Server will be closed:

221 2.0.0 mail.vsysad.com Service closing transmission channel

Connection to host lost.

A screenshot of all the commands being run is below:


That’s it. Now go to your email account and verify that the email has arrived successfully. In my case I received the email below to my Gmail account:


Method 2 – PowerShell

The PowerShell method is much less tedious and is my recommended way of sending email via the command line on Windows. Assuming that PowerShell is installed on your server, launch the console and simply run the command below, ensuring that you complete the sending and receiving email addresses plus the subject and body text:

PS C:\Users\admin> Send-MailMessage -SMTPServer localhost -To xxxxx@gmail.com -From blog@vsysad.com -Subject "This is a test email" -Body "Hi Japinator, this is a test email sent via PowerShell"

The above command sent an email to my Gmail account, a screenshot of the email generated is below:


The PowerShell method is far easier to use. You can save the command in a .ps1 file and run it on demand whenever you need to test sending/routing of mail.

How To Test SMTP Services Manually in Windows Server 2003
PowerShell Send-MailMessage command line reference