On Exchange 2003 we register as an eventsink with the SMTP service, so it is possible that Nessus is detecting something.

All indications I am getting from our backline team is that this should be fixed in SP1 of Server 2003

6.5 (7638.2) SP2. As far as I can see, there are no updates available from MS for this version. I suppose the only way to test is to remove and re-install?

Thanks,
Nick.

All the microsoft patches, windows update and install all the security patches

Yes, fully patched on MS Update. I was under the impression that the error in question was resolved in exchange sp2, which I'm running.

N.

The SMTP service on Server 2003 is not part of Exchange. It is part of the OS. Exchange just integrates with it.

If you were to try removing that service from Add/Remove programs, and then install Exchange, you will get errors.

So is the general consensus that this issue is not caused by Mail Security? I would have thought this would be a known issue, so I'm thinking perhaps it is something else on that machine (although no idea what, as there isn't much on it).

Not at all Nick, we are waiting for you to tell us if removing SMSMSE fixed the warning. If so, you will need to open a ticket with support so our backline engineers can investigate this.

I uninstalled mail security, but the issue still  occurred. So it isn't symantec's mail security product. Thanks!