SMTP BadMail data is being written to an encrypted folder

[This topic is intended to address a specific issue called out by the Exchange Server Analyzer Tool. You should apply it only to systems that have had the Exchange Server Analyzer Tool run against them and are experiencing that specific issue. The Exchange Server Analyzer Tool, available as a free download, remotely collects configuration data from each server in the topology and automatically analyzes the data. The resulting report details important configuration issues, potential problems, and nondefault product settings. By following these recommendations, you can achieve better performance, scalability, reliability, and uptime. For more information about the tool or to download the latest versions, see "Microsoft Exchange Analyzers" at]  

Topic Last Modified: 2005-11-18

The Microsoft® Exchange Server Analyzer Tool queries the Win32_Directory Microsoft Windows® Management Instrumentation (WMI) class to determine the value of the Encrypted key for the SMTP BadMail folder. If the Exchange Server Analyzer finds the value for Encrypted set to True, a warning is displayed.

When messages arrive at the Exchange computer through the SMTP service, the data is written to the hard disk as an .eml file. By default, these files are stored in the <drive>:\Program Files\Exchsrvr\Mailroot folder on the same partition that Exchange is installed on. If the folder where the SMTP BadMail data is stored has file encryption turned on, Exchange performance may be severely degraded. Therefore, encrypting the folder where the SMTP BadMail data is stored is not supported.

If you receive this warning, you must turn off encryption on the folder where the SMTP BadMail data is stored, or you must move the SMTP BadMail data to a non-encrypted folder.

Microsoft does not support the storage of Exchange data files on an Encrypting File System (EFS) encrypted volume. When you store your Exchange data files on an encrypted volume, the additional overhead significantly affects Exchange performance. Exchange data files include the following files:

  • .edb files

  • .stm files

  • .log files

  • .dat files

  • .eml files

  • .chk files

To help secure your Exchange data files, it is recommended that you prevent unauthorized access to the Exchange computer and that you use the S/MIME message format to encrypt message data.

To resolve this error, you must either turn off file encryption on the BadMail folder, or move the BadMail folder to a location where encryption is not enabled.

To turn off file encryption on a given folder

  1. Right-click the folder where you want to turn off file encryption, and then click Properties.

  2. On the General tab, click Advanced.

  3. In the Advanced Attributes dialog box, clear the Encrypt contents to secure data check box, and then click OK.

To move the BadMail folder on Exchange 2000 Server or Exchange Server 2003

  1. Open Exchange System Manager.

  2. Click Administrative Groups, expand your administrative group, expand Servers, expand your server, expand Protocols, and then expand SMTP.

  3. Right-click your SMTP virtual server, and then click Stop.

  4. Right-click your SMTP virtual server, and then click Properties.

  5. On the Messages tab, next to the BadMail directory box, click Browse, and then type the path of the new location of the Queue folder.

  6. Click OK.

  7. Right-click your SMTP virtual server, and then click Start.

For more information about moving the Mailroot folder, see the Microsoft Knowledge Base article 822933, "How to change the Exchange 2003 SMTP Mailroot folder location" (

For more information about Exchange Server data files and EFS, see the Microsoft Knowledge Base article 834638, "Information about the storage of data files on an encrypted volume in Exchange Server" (

For information about how to secure messages in Exchange Server 2003, see the Exchange Server 2003 Message Security Guide (