In the configuration for my (web) application, the System.Net.Mail namespace is currently configured to use the IIS mail pickup directory:
<smtp deliveryMethod="PickupDirectoryFromIis"/>
My application is assuming the identity of the actual user, and it appears that mail is only allowed to be sent when logged in as someone in the Administrators group. When non-admins trigger some action that uses System.Net.Mail.SmtpClient to send mail, they get an error saying that .NET could not get the pickup directory from IIS.
Changing the web.config to use a "SpecifiedPickupDirectory" only partly solves the issue, as it introduces a new problem: the user is asked to reauthenticate when trying to send mail. Obviously, non-admins are not allowed to write to the pickup directory.
What is the "correct" way to solve this problem? I could change the ACL for the pickup directory manually to grant write permissions for the Users group, but that does not seem very elegant/secure. Also, I would prefer to keep the "PickupDirectoryFromIis" setting if possible. Is there some way to control who is allowed to queue mails through IIS?