| Groups | Blog | Home |
iis smtp nntp : Unable to send SMTP email using IIS 5.0 SMTP
to a external Smart Host. The IIS apps is suppose to use CDONTS to send the email. The server was hardened before by a former colleague, but I still proceed to do a quick test to check out if the server is able to send a simple SMTP email to our domain. After running a simple ASP script which is meant to send a simple SMTP email, I hit this error : "Page could not be found". The sending of the email just failed. Using the same script, I test it into a test IIS 5.0 server, it is able to send without any problem. I was wondering if there is any security hardening technique that can prevent us from sending SMTP emails using CDONTS? Appreciate any help.
Hi Gafvert,
Yes. IISLockdown was previously used to tighten the security of this IIS server as well. I have uninstalled URLScan and rerun IISLockdown to restore back the meta data, previous configurations, etc. But the problem still occurs. Since then I have not installed IISLockdown on this server. On the test server, I tried to run the IISLockdown and realise that if I remove WebDav, I will also experience the same "Page cannot be found error". You mentioned about ASP extension is blocked, but I am still able to run some ASP web based applications developed by my vendor on the server.. is there anyway to check if ASP is still blocked? could there be something else? Thanks. [quoted text, click to view] "Kristofer Gafvert" wrote:
> Hello, > > "Page could not be found" means that the page could not be found. This means > that it did not even get to the SMTP server, and the problem cannot be SMTP. > > Is URLScan or other security tools installed on this server? Is it possible > that the asp extension is blocked? > > -- > Regards, > Kristofer Gafvert > http://www.ilopia.com > > > "Philip Wang" <Philip Wang@discussions.microsoft.com> wrote in message > news:04A7748D-4886-4395-8008-042CDD9EE1B0@microsoft.com... > > Hi, I just setup a SMTP virtual server which is meant to forward any > emails > > to a external Smart Host. The IIS apps is suppose to use CDONTS to send > the > > email. > > > > The server was hardened before by a former colleague, but I still proceed > to > > do a quick test to check out if the server is able to send a simple SMTP > > email to our domain. After running a simple ASP script which is meant to > send > > a simple SMTP email, I hit this error : "Page could not be found". The > > sending of the email just failed. > > > > Using the same script, I test it into a test IIS 5.0 server, it is able to > > send without any problem. I was wondering if there is any security > hardening > > technique that can prevent us from sending SMTP emails using CDONTS? > > > > Appreciate any help. > > > > Thanks. > >
Hello,
"Page could not be found" means that the page could not be found. This means that it did not even get to the SMTP server, and the problem cannot be SMTP. Is URLScan or other security tools installed on this server? Is it possible that the asp extension is blocked? -- Regards, Kristofer Gafvert http://www.ilopia.com [quoted text, click to view] "Philip Wang" <Philip Wang@discussions.microsoft.com> wrote in message news:04A7748D-4886-4395-8008-042CDD9EE1B0@microsoft.com... > Hi, I just setup a SMTP virtual server which is meant to forward any emails > to a external Smart Host. The IIS apps is suppose to use CDONTS to send the > email. > > The server was hardened before by a former colleague, but I still proceed to > do a quick test to check out if the server is able to send a simple SMTP > email to our domain. After running a simple ASP script which is meant to send > a simple SMTP email, I hit this error : "Page could not be found". The > sending of the email just failed. > > Using the same script, I test it into a test IIS 5.0 server, it is able to > send without any problem. I was wondering if there is any security hardening > technique that can prevent us from sending SMTP emails using CDONTS? > > Appreciate any help. > > Thanks.
It doesn't seem like asp extensions are blocked in your case. What is the
file name that generates "Page cannot be found"? Maybe it has another extension. It is possible to have a page that posts to another page, and this other page do the actual email handling. Can you please also disable "Show Friednly HTTP Errors" in your browser. -- Regards, Kristofer Gafvert http://www.ilopia.com [quoted text, click to view] "Philip Wang" <PhilipWang@discussions.microsoft.com> wrote in message news:A671E637-7F7D-4C6B-9C3E-D1866013B6A1@microsoft.com... > Hi Gafvert, > > Yes. IISLockdown was previously used to tighten the security of this IIS > server as well. I have uninstalled URLScan and rerun IISLockdown to restore > back the meta data, previous configurations, etc. But the problem still > occurs. Since then I have not installed IISLockdown on this server. > > On the test server, I tried to run the IISLockdown and realise that if I > remove WebDav, I will also experience the same "Page cannot be found error". > > You mentioned about ASP extension is blocked, but I am still able to run > some ASP web based applications developed by my vendor on the server.. is > there anyway to check if ASP is still blocked? could there be something else? > > Thanks. > > "Kristofer Gafvert" wrote: > > > Hello, > > > > "Page could not be found" means that the page could not be found. This means > > that it did not even get to the SMTP server, and the problem cannot be SMTP. > > > > Is URLScan or other security tools installed on this server? Is it possible > > that the asp extension is blocked? > > > > -- > > Regards, > > Kristofer Gafvert > > http://www.ilopia.com > > > > > > "Philip Wang" <Philip Wang@discussions.microsoft.com> wrote in message > > news:04A7748D-4886-4395-8008-042CDD9EE1B0@microsoft.com... > > > Hi, I just setup a SMTP virtual server which is meant to forward any > > emails > > > to a external Smart Host. The IIS apps is suppose to use CDONTS to send > > the > > > email. > > > > > > The server was hardened before by a former colleague, but I still proceed > > to > > > do a quick test to check out if the server is able to send a simple SMTP > > > email to our domain. After running a simple ASP script which is meant to > > send > > > a simple SMTP email, I hit this error : "Page could not be found". The > > > sending of the email just failed. > > > > > > Using the same script, I test it into a test IIS 5.0 server, it is able to > > > send without any problem. I was wondering if there is any security > > hardening > > > technique that can prevent us from sending SMTP emails using CDONTS? > > > > > > Appreciate any help. > > > > > > Thanks. > > > > > >
On Mon, 18 Oct 2004 08:39:05 -0700, "Philip Wang"
[quoted text, click to view] <PhilipWang@discussions.microsoft.com> wrote: >Hi Gafvert, > >Yes. IISLockdown was previously used to tighten the security of this IIS >server as well. I have uninstalled URLScan and rerun IISLockdown to restore >back the meta data, previous configurations, etc. But the problem still >occurs. Since then I have not installed IISLockdown on this server. > >On the test server, I tried to run the IISLockdown and realise that if I >remove WebDav, I will also experience the same "Page cannot be found error". > >You mentioned about ASP extension is blocked, but I am still able to run >some ASP web based applications developed by my vendor on the server.. is >there anyway to check if ASP is still blocked? could there be something else? If ASP is working for some, then it works for all. Though the Page Not Found could be an issue with the code in the page, the location of the page, or simply the response page *after* the mail is sent, so I'm not sure it really means your problem is there. You'll need to look at the IIS logs to see what specific page wasn't found. There are many things that can be wrong, but to verify your SMTP settings see: HOW TO: Test Windows 2000 IIS SMTP Services Manually http://support.microsoft.com/default.aspx?scid=kb;en-us;286421 For other errors, you'll need to debug the code. Try posting the code to an ASP group for help there. Jeff [quoted text, click to view] >"Kristofer Gafvert" wrote:
> >> Hello, >> >> "Page could not be found" means that the page could not be found. This means >> that it did not even get to the SMTP server, and the problem cannot be SMTP. >> >> Is URLScan or other security tools installed on this server? Is it possible >> that the asp extension is blocked? >> >> -- >> Regards, >> Kristofer Gafvert >> http://www.ilopia.com >> >> >> "Philip Wang" <Philip Wang@discussions.microsoft.com> wrote in message >> news:04A7748D-4886-4395-8008-042CDD9EE1B0@microsoft.com... >> > Hi, I just setup a SMTP virtual server which is meant to forward any >> emails >> > to a external Smart Host. The IIS apps is suppose to use CDONTS to send >> the >> > email. >> > >> > The server was hardened before by a former colleague, but I still proceed >> to >> > do a quick test to check out if the server is able to send a simple SMTP >> > email to our domain. After running a simple ASP script which is meant to >> send >> > a simple SMTP email, I hit this error : "Page could not be found". The >> > sending of the email just failed. >> > >> > Using the same script, I test it into a test IIS 5.0 server, it is able to >> > send without any problem. I was wondering if there is any security >> hardening >> > technique that can prevent us from sending SMTP emails using CDONTS? >> > >> > Appreciate any help. >> > >> > Thanks. >> >> >>
Hi Jeff & Gafvert,
Thanks. Something interesting: Using CDO ASP script does send out SMTP emails! I managed to solve the problem after a long day of testing. Apparently, there are 4 components that impacted the SMTP and IIS : 1) IISLockdown 2) URLScan Tool 3) WebDav in IISLockDown 4) IIS SSI #Exec If you enable any of the above to harden your server, you will hit the error message in IIS when you try to run a CDONTS ASP script : Page cannot be displayed. HTTP 500 Server error. I have removed the hardening of IIS and will be doing a cautious hardening again to ensure that it will cause anymore of this CDONTS SMTP issue. Thanks so much for your advise. [quoted text, click to view] "Kristofer Gafvert" wrote:
> It doesn't seem like asp extensions are blocked in your case. What is the > file name that generates "Page cannot be found"? Maybe it has another > extension. It is possible to have a page that posts to another page, and > this other page do the actual email handling. > > Can you please also disable "Show Friednly HTTP Errors" in your browser. > > -- > Regards, > Kristofer Gafvert > http://www.ilopia.com > > > "Philip Wang" <PhilipWang@discussions.microsoft.com> wrote in message > news:A671E637-7F7D-4C6B-9C3E-D1866013B6A1@microsoft.com... > > Hi Gafvert, > > > > Yes. IISLockdown was previously used to tighten the security of this IIS > > server as well. I have uninstalled URLScan and rerun IISLockdown to > restore > > back the meta data, previous configurations, etc. But the problem still > > occurs. Since then I have not installed IISLockdown on this server. > > > > On the test server, I tried to run the IISLockdown and realise that if I > > remove WebDav, I will also experience the same "Page cannot be found > error". > > > > You mentioned about ASP extension is blocked, but I am still able to run > > some ASP web based applications developed by my vendor on the server.. is > > there anyway to check if ASP is still blocked? could there be something > else? > > > > Thanks. > > > > "Kristofer Gafvert" wrote: > > > > > Hello, > > > > > > "Page could not be found" means that the page could not be found. This > means > > > that it did not even get to the SMTP server, and the problem cannot be > SMTP. > > > > > > Is URLScan or other security tools installed on this server? Is it > possible > > > that the asp extension is blocked? > > > > > > -- > > > Regards, > > > Kristofer Gafvert > > > http://www.ilopia.com > > > > > > > > > "Philip Wang" <Philip Wang@discussions.microsoft.com> wrote in message > > > news:04A7748D-4886-4395-8008-042CDD9EE1B0@microsoft.com... > > > > Hi, I just setup a SMTP virtual server which is meant to forward any > > > emails > > > > to a external Smart Host. The IIS apps is suppose to use CDONTS to > send > > > the > > > > email. > > > > > > > > The server was hardened before by a former colleague, but I still > proceed > > > to > > > > do a quick test to check out if the server is able to send a simple > SMTP > > > > email to our domain. After running a simple ASP script which is meant > to > > > send > > > > a simple SMTP email, I hit this error : "Page could not be found". The > > > > sending of the email just failed. > > > > > > > > Using the same script, I test it into a test IIS 5.0 server, it is > able to > > > > send without any problem. I was wondering if there is any security > > > hardening > > > > technique that can prevent us from sending SMTP emails using CDONTS? > > > > > > > > Appreciate any help. > > > > > > > > Thanks. > > > > > > > > > > >
On Tue, 19 Oct 2004 01:11:02 -0700, "Philip Wang"
[quoted text, click to view] <PhilipWang@discussions.microsoft.com> wrote: >Hi Jeff & Gafvert, > >Thanks. Something interesting: Using CDO ASP script does send out SMTP emails! > >I managed to solve the problem after a long day of testing. > >Apparently, there are 4 components that impacted the SMTP and IIS : >1) IISLockdown >2) URLScan Tool >3) WebDav in IISLockDown >4) IIS SSI #Exec None of those will affect SMTP (URLScan isn't related to SMTP) and these all point to your code being at issue or blocked. Which is why new code worked. [quoted text, click to view] >If you enable any of the above to harden your server, you will hit the error >message in IIS when you try to run a CDONTS ASP script : Page cannot be >displayed. HTTP 500 Server error. Might help to tell us an Error 500 next time. And see: Why do I get a 500 Internal Server error for all ASP errors? http://www.aspfaq.com/show.asp?id=2109 [quoted text, click to view] >I have removed the hardening of IIS and will be doing a cautious hardening >again to ensure that it will cause anymore of this CDONTS SMTP issue. Don't go back to CDONTS. It's deprecated and you really want to use CDO.SYS, which you had working anyway. Jeff [quoted text, click to view] >Thanks so much for your advise.
> >"Kristofer Gafvert" wrote: > >> It doesn't seem like asp extensions are blocked in your case. What is the >> file name that generates "Page cannot be found"? Maybe it has another >> extension. It is possible to have a page that posts to another page, and >> this other page do the actual email handling. >> >> Can you please also disable "Show Friednly HTTP Errors" in your browser. >> >> -- >> Regards, >> Kristofer Gafvert >> http://www.ilopia.com >> >> >> "Philip Wang" <PhilipWang@discussions.microsoft.com> wrote in message >> news:A671E637-7F7D-4C6B-9C3E-D1866013B6A1@microsoft.com... >> > Hi Gafvert, >> > >> > Yes. IISLockdown was previously used to tighten the security of this IIS >> > server as well. I have uninstalled URLScan and rerun IISLockdown to >> restore >> > back the meta data, previous configurations, etc. But the problem still >> > occurs. Since then I have not installed IISLockdown on this server. >> > >> > On the test server, I tried to run the IISLockdown and realise that if I >> > remove WebDav, I will also experience the same "Page cannot be found >> error". >> > >> > You mentioned about ASP extension is blocked, but I am still able to run >> > some ASP web based applications developed by my vendor on the server.. is >> > there anyway to check if ASP is still blocked? could there be something >> else? >> > >> > Thanks. >> > >> > "Kristofer Gafvert" wrote: >> > >> > > Hello, >> > > >> > > "Page could not be found" means that the page could not be found. This >> means >> > > that it did not even get to the SMTP server, and the problem cannot be >> SMTP. >> > > >> > > Is URLScan or other security tools installed on this server? Is it >> possible >> > > that the asp extension is blocked? >> > > >> > > -- >> > > Regards, >> > > Kristofer Gafvert >> > > http://www.ilopia.com >> > > >> > > >> > > "Philip Wang" <Philip Wang@discussions.microsoft.com> wrote in message >> > > news:04A7748D-4886-4395-8008-042CDD9EE1B0@microsoft.com... >> > > > Hi, I just setup a SMTP virtual server which is meant to forward any >> > > emails >> > > > to a external Smart Host. The IIS apps is suppose to use CDONTS to >> send >> > > the >> > > > email. >> > > > >> > > > The server was hardened before by a former colleague, but I still >> proceed >> > > to >> > > > do a quick test to check out if the server is able to send a simple >> SMTP >> > > > email to our domain. After running a simple ASP script which is meant >> to >> > > send >> > > > a simple SMTP email, I hit this error : "Page could not be found". The >> > > > sending of the email just failed. >> > > > >> > > > Using the same script, I test it into a test IIS 5.0 server, it is >> able to >> > > > send without any problem. I was wondering if there is any security >> > > hardening >> > > > technique that can prevent us from sending SMTP emails using CDONTS? >> > > > >> > > > Appreciate any help. >> > > > >> > > > Thanks. >> > > >> > > >> > > >> >> >>
Don't see what you're looking for? Try a search.
|
June 2004
July 2004
August 2004
September 2004
October 2004
November 2004
December 2004
January 2005
February 2005
March 2005
April 2005
May 2005
June 2005
July 2005
August 2005
September 2005
October 2005
November 2005
December 2005
January 2006
February 2006
March 2006
April 2006
May 2006
June 2006
July 2006
August 2006
September 2006
October 2006
November 2006
December 2006
January 2007
February 2007
March 2007
April 2007
May 2007
June 2007
July 2007
August 2007
September 2007
October 2007
November 2007
December 2007
January 2008
February 2008
March 2008
April 2008
May 2008
June 2008
| home · blog · groups | Questions? Comments? Contact the dn |