I’ve spoken with other developers about how to use the SMTP service built into Windows 2003 as an outbound SMTP relay. For example, say you have a small web site with an “Email this web page to a friend” feature. You want to be able to use Windows 2003 SMTP to send emails to anyone in the world, yet protect yourself from being used as an open relay by spammers. Normally you would make use of the authentication with Active Directory, but it becomes more problematic if you want to use the SMTP service from something like PHP or another machine.
Here’s how to make Windows SMTP a protected open relay:
Open up IIS Manager and expand the nodes under your computer.
Right-click Default SMTP Virtual Server and choose Properties
Click the Access tab, click Authentication, and check Anonymous Access. Uncheck the other boxes. Click OK. This allows Windows SMTP to send emails without authentication.
Click the Relay button, click Add, and specify which machines shouuld be allowed to send emails. At least enter 127.0.0.1 (the local machine) but you can also enter a network subnet to allow other machines on your network to use it as an SMTP server. Click OK.
Click OK, and close IIS Manager.
That’s it. You can now use that machine as a general purpose SMTP box.
Written by Ben Strackany -- October 7, 2004
Ben worked for a variety of tech startups in Chicago before moving to Portland and starting DevelopmentNow in 2005. When he's not herding cats, stirring pots, and taking names, he enjoys drinking coffee while irritating the studio audience with bad puns.
