
We have an asp.net application that takes care of sending our in-product emails. We would like to use the application pool's account to send authenticated emails to our Exchange server.

Our web.config looks as follows:

  <smtp deliveryMethod="Network" from="support@company.com">
    <network host="mail.company.com" defaultCredentials="true"/>
  </smtp>

Based on the msdn docs, I would expect this to use the app pool credentials when sending email. However, at runtime no attempt is made to authenticate.

Digging into the System.Net code, it looks like the defaultCredentials option will cause us to use the CredentialCache.DefaultCredentials property, which populates credentials with an empty username and password. Thus, this may be the cause of the issue.

Due to security concerns, we do not want to populate an explicit username and password within the smtp configuration section. We do not want to use an open relay at all (which is what we are currently using), because we do not have a way to throttle or stop email.

We would like the app pool to authenticate, so we can disable the mailbox in the situation where our application encounters an error and spams us with email (which has already happened).

How can we configure our application to use the application pool's credentials to send authenticated email?

badazzhindu

2 Answers


In the code that sends the email, do something like this...

using System.Net;
using System.Net.Mail;

SmtpClient client = new SmtpClient();
client.UseDefaultCredentials = false; // set this first; setting it later clears Credentials
client.Credentials = new NetworkCredential("myusername", "mypassword");

This will use the specified username and password. You can retrieve the username and password from an encrypted file or web service or some other secure location if you need to.

The other alternative is encrypting your configuration file.

mason

  • Our security folks do not want developers to have access to the credentials or know of their encrypted location. – badazzhindu Jun 17 '14 at 21:05
  • Developers *have* to know where. Can't use it if they can't find it. Just let a low privileged account send the email. Store the password encrypted so they can't actually see it. – mason Jun 17 '14 at 21:08
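One way to follow the suggestion above of keeping the password out of clear-text configuration, as an added example that is not part of mason's answer: the password is stored in web.config only as a DPAPI blob protected under the application pool identity, so developers who can read the file see ciphertext. The appSettings key names, the entropy string and the from address are assumptions.

```csharp
using System;
using System.Configuration;
using System.Net;
using System.Net.Mail;
using System.Security.Cryptography;
using System.Text;

// Added example: the password lives in web.config only as a DPAPI blob that
// the application pool identity alone can decrypt (CurrentUser scope).
// Assumed appSettings keys: "SmtpUser" and "SmtpPasswordProtected".
public static class SmtpCredentialStore
{
    // Entropy binds the blob to this application; it is not a secret.
    private static readonly byte[] Entropy = Encoding.UTF8.GetBytes("in-product-mailer");

    // Run once under the app pool account (e.g. from an admin-only page or tool)
    // to produce the value stored in web.config.
    public static string Protect(string password)
    {
        byte[] blob = ProtectedData.Protect(Encoding.UTF8.GetBytes(password),
                                            Entropy, DataProtectionScope.CurrentUser);
        return Convert.ToBase64String(blob);
    }

    // A developer reading web.config sees ciphertext; only the pool identity can unprotect it.
    public static NetworkCredential Load()
    {
        string user = ConfigurationManager.AppSettings["SmtpUser"];
        byte[] blob = Convert.FromBase64String(ConfigurationManager.AppSettings["SmtpPasswordProtected"]);
        byte[] plain = ProtectedData.Unprotect(blob, Entropy, DataProtectionScope.CurrentUser);
        try { return new NetworkCredential(user, Encoding.UTF8.GetString(plain)); }
        finally { Array.Clear(plain, 0, plain.Length); } // drop the plaintext bytes promptly
    }

    public static void Send(string to, string subject, string body)
    {
        // Host, port and from address still come from <system.net><mailSettings>.
        using (var client = new SmtpClient())
        using (var message = new MailMessage("support@company.com", to, subject, body))
        {
            client.UseDefaultCredentials = false;   // set this before Credentials, or it resets them
            client.Credentials = Load();
            client.EnableSsl = true;                // STARTTLS so the password is not sent in clear text
            client.Send(message);
        }
    }
}
```

Because the blob is bound to the account that called Protect, rotating the app pool identity means re-running Protect under the new account.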

I suspect this isn't possible since SMTP requires a username and password to authenticate in most cases. If you're running the application pool under any of the built-in accounts (like NETWORK SERVICE or ApplicationPoolIdentity), there are essentially no credentials to pass around for SMTP to use. Making them work would be outside the standard SMTP specification, using some crazy form of non-standard Windows authentication.

Then, if you're running the application pool as a user, the username and password are stored in an encrypted, but reversible, format on the server. That username and password could be obtained and used in a larger-scale attack against a network, so it's a larger security risk if a random application could be run to obtain the credentials of a valid local/domain user. Or even worse, could you imagine a desktop .NET application running and able to retrieve the current running user's credentials? Things head downhill fast if you're able to retrieve credentials like that.

You've got a couple of options, including using a web service to send email, creating a local SMTP server that allows unauthenticated access from only certain IP addresses, putting the username and password in the application code, or encrypting the web.config (both of the latter options are in mason's answer). There are probably a few more options that I can't come up with right this second. You may want to get with a sysadmin in your infrastructure to see what options are feasible.

Steven V