I know with my webpage being hosted here if I specify my settings to reflect Code: <system.net> <mailSettings> <smtp from="[email protected]"> <network host="localhost"/> </smtp> </mailSettings> </system.net> It sends out e-mails without a problem. But if I want to test my local web app to send e-mails on a development machine at my office using the mailsettings below. Code: <system.net> <mailSettings> <smtp from="[email protected]"> <network host="smtp.gvnwlnpcom" password="#####" userName="#####"/> </smtp> </mailSettings> </system.net> It seems to send my e-mails out without any exception errors. But if modify my username and password which I know is incorrect, I get an exception error on my test email page which I expect, but the e-mails are still going out. How can this be? I dont have SMTP running on my IIS 5.1 but do have internet connection on the machine.
Are you sending to [email protected]? If you are, SMTP auth is unnecessary because the domain is hosted on the same server.
Thanks for your reply. Let me follow up with more details. My current Test web app is being hosted locally at my office location outside where the current gvnwlnp.com domain is being hosted at your server. I am using Visual Web Developer 2005 and using the "View In Browser" function to launch the page locally. I am using the smtp.gvnwlnp.com mail setting in my web.config for testing, but using a bogus Username and Password credentials. The recipients are [email protected], [email protected], [email protected]. When the app runs, it gives me an smtp exception which I expect, but the e-mail transaction is still being sent to [email protected] but no e-mail is sent to [email protected] or [email protected]. I appreciate your thoughts?
This is normal. The mail server will let the email through (without authenticating) if you are sending to a domain hosted on the same server.
So as long its locally on my test machine at my office, I define an smtp.gvnwlnp.com in my mailsettings in the web.config and have an internet connection it will let the e-mail be routed to the smtp.gvnwlnp.com without any authentication? So what prevents other users using my smtp.gvnwlnp.com in their web application relaying their e-mails? Is that a security issue? i.e. Joe who has abc.com being hosted at another ISP. He creates pages to send emails but now knows that he can use my smtp.gvnwlnp.com mail setting because there is no authentication to send e-mails. How do I stop this?
This is generally how most mail servers work. You can only send to anyone at gvnwlnp.com without authentication.
Okay, so no one can send to [email protected] using my smtp settings. That is good. Thanks for your replies.
