1

We have recently changed the email services. The previous service allowed us to make SMTP connections without TLS. The new service requires TLS.

We have a couple applications that need to send email...and (of course) they do not support TLS.

To work around this, we configured the IIS 6 SMTP service to relay mail to the new service. We created a local domain user emaildude@internal.local and used these credentials in the applications.

We can now send email from the applications, BUT the from address is "support@domain.com on behalf of emaildude@internal.local".

Two questions: 1) Is there a way to get the from address to be simply "support@domain.com"? 2) Is there a better way to do this?

BTW --- we have this trouble with an internal app running on Win7 AND with an external app that is hosted on Win2003. Unfortunately, these applications are also third-party so we can't just break em open to add support for TLS.

Doug Clutter
  • 141
  • 5
  • Just to clarify, does the service require (a) using STARTTLS or (b) using SSL/TLS on connection (in which case SSL and TLS are mainly different versions of the protocol)? – Bruno Jun 08 '11 at 18:42

2 Answers2

1

We developed our own SMTP Proxy and have contributed it to the Open Source community: http://smtpproxy.codeplex.com

Have been using it on the internal network hitting it from multiple internal workstations and it works great. Also using it on our cloud network that handles our public facing web sites...works great there too.

Doug Clutter
  • 141
  • 5
0

You can use stunnel as a TLS proxy. It runs on Linux; not sure about Windows, but it's simple to use and very script friendly.

As for the "on behalf of," you could certainly setup an anonymous relay that doesn't require credentials, but you have to be careful not to expose this to the Internet in any way or you'd be blacklisted in a hurry. If it's internal/on the LAN only, IP filtering should suffice.

gravyface
  • 13,957
  • 19
  • 68
  • 100
  • Thanks for suggesting the use of a proxy. I've been so focused on getting a relay to work, that I hadn't considered a proxy which I expect will be a simpler, cleaner solution. – Doug Clutter Jun 02 '11 at 12:59
  • I've looked into STunnel and WinGate, but I am uncomfortable installing a third party product on our production servers. We have both Win2003 and Win2008 servers that need a solution for this problem, but I just can't shake the idea that setting up a proxy to bounce SMTP traffic to another box is one of those things that can be done "out of the box" by Windows. Do you know a way to configure Windows/IIS/whatever to do such proxying? Thanks. – Doug Clutter Jun 02 '11 at 13:03