Good point. We have created an eCommerce environment that follows the CISCO
Safe BluePrint for Enterprise Computing. This calls for the isolation of the
Web, Application, and Database server in logical layers and physical tiers.
Our preference is to only run IIS and not SMTP if we can help it. We don't
want to use any insecure protocols, such as Telnet, FTP, SMTP. The goal would
be to get mail from the application within the eCommerce module to the
external SMTP server in the Web Hosting (border) module in a secure way. We
are trying to prevent exploitation of SMTP within the eCommerce module.
Hope that sufficiently explains it.
--
Shannon Clyde
Information Security Officer
Travis County Government
"Chad Z. Hower aka Kudzu" wrote:
"=?Utf-8?B?U2hhbm5vbiBDbHlkZQ==?="
<Sh**********@discussions.microsoft.com> wrote in
news:AA**********************************@microsof t.com: SMTP + relay + auth in an IPSEC tunnel to connect to our primary SMTP
mail server (GroupWise) from the Web server looks like it would work
fine, but is it the best way?
It depends what you want to do - you dont really state what your ultimate goal or constraints are.
I am aware of CDOSYS and some commercial DLLs that allow devs to send
mail from within .ASP and .NET without local SMTP service running.
Indy has an SMTP relay that can do that as well, but you are more likely to be spam trapped if IP is
not registered as an SMTP server. Its free with source:
http://www.indyproject.org/
Is there any OTHER way to connect to an external SMTP server for mail
delivery from a .NET application?
You can do it manualy.. but most SMTP's expect pipelining etc and you have DNS lookups, pass
offs, precedence to handle, etc.. Not easily implemented on your own.
--
Chad Z. Hower (a.k.a. Kudzu) - http://www.hower.org/Kudzu/
"Programming is an art form that fights back"
Get your ASP.NET in gear with IntraWeb!
http://www.atozed.com/IntraWeb/
