[Dshield] IIS 4.0 SMTP Questions

Jeffrey Pike jpike at gpl.org
Wed Nov 19 18:07:13 GMT 2003

Apologies beforehand if this is off-topic.

We send a newsletter by e-mail to about 500 of our library's patrons. Our
ISP recently instituted a spam filter on its mail server such that it sends
the newsletter to the first 100 recipients in the To: field and rejects the

We also use the SMTP service in IIS 4.0 to automatically notify patrons by
e-mail about meeting rooms and museum passes that they have reserved.

I am considering using the SMTP service to circumvent our ISP's mail server
to send the newsletter. Many of the recipients are on AOL or Charter
Communications (the local broadband ISP). Is it possible that we will be
identified by Charter, AOL, or any other agency as sending spam and
therefore blacklisted, and will this make my server or network any more
vulnerable to an intrusion (by gleaning information from the message header,
for example)?

On the security tab under SMTP properties, I have set anonymous access to
only Windows NT Challenge/Response, denied access to all computers except my
server, and disallowed relaying. Outbound security is set to the default, no
authentication. I intend to initiate sending the message by dropping a
properly formatted text file into the pickup folder on the server.

Jeffrey Pike
Technology Services Librarian
Groton Public Library
Groton, MA 01450
jpike at gpl.org

More information about the list mailing list