Question Custom Windows service - Send emails via SMTP

demondan

Member
Joined
May 24, 2018
Messages
17
Programming Experience
1-3
Hi
I have developed a windows service that receives requests to send out emails via a SQL database. Other applications populate the database and the windows service checks the database and processes the information to send out an email. I am struggling with understanding how specifying credentials works. I want it to use a specific domain username/password and I thought it was working but I noticed it sends out emails regardless of what I set as the username and password. I have the following code in regards to the credentials:

smtp.UseDefaultCredentials = false;
smtp.Credentials = new System.Net.NetworkCredential("test", "fail");

So in this case where username is test and password is fail - I would have thought this should not work. However it works! Why is it not failing?

Thanks!
Dan
 

demondan

Member
Joined
May 24, 2018
Messages
17
Programming Experience
1-3
Ha, that's a good question. I will have to speak with the server admin and find out! Cant believe I didn't think to consider that - thank you!
 

demondan

Member
Joined
May 24, 2018
Messages
17
Programming Experience
1-3
Hi
Sorry, bank holiday weekend so I haven't been to work. I have just posed the question to the server admin. Interestingly if I put the correct username and password in, it fails. But if I put the correct username in and a password which should fail, it works. I just don't understand the logic which the code goes through? Why does it fail with the correct username/password but I put in credentials that don't exist and it works? Regardless of if we have required credentials enabled I don't understand the process the code goes through?
thanks
Dan
 

Skydiver

Well-known member
Joined
Apr 6, 2019
Messages
214
Location
Virginia Beach, VA
Programming Experience
10+
What is the failure code returned to you by the SMTP server? Can the admin of the SMTP server provide you with log entries for the failed (as well as the unexpected successful attempts)?
 

Skydiver

Well-known member
Joined
Apr 6, 2019
Messages
214
Location
Virginia Beach, VA
Programming Experience
10+
Right now, it just sounds like there is a typo somewhere where they reversed their true vs. false Boolean checks.
 

Sheepings

Senior Programmer
Joined
Sep 5, 2018
Messages
166
Location
UK
Programming Experience
10+
Make sure you set SmtpClient.Credentials after setting SmtpClient.UseDefaultCredentials = false since its imperative that you get the order right. The setting of the bool resets your credentials. If you are still able to access your SMTP with any user/pass, I'd be looking to your network administrator for clarity on security.
 

demondan

Member
Joined
May 24, 2018
Messages
17
Programming Experience
1-3
Hi
After some more testing turns out if I match the specified from address with the specific username/password I've been told to use it works. I need to properly speak to my network admin who so far is proving difficult to get hold of. Thanks for your replies, I think speaking with the network admin is probably the best way forward.
 

Skydiver

Well-known member
Joined
Apr 6, 2019
Messages
214
Location
Virginia Beach, VA
Programming Experience
10+
Ah! Sounds like your SMTP server admin is applying some of the basic anti-spam techniques. Chances are that s/he may also require you to use a specific pattern for your From field in case you need to use a no-reply address. (My company threw that switch about 4 years ago where the sending machine's IP needed to be whitelisted, From field had to be legit addresses or special no-reply addresses, anybody with valid active AD accounts could send.)
 

demondan

Member
Joined
May 24, 2018
Messages
17
Programming Experience
1-3
Ah! Sounds like your SMTP server admin is applying some of the basic anti-spam techniques. Chances are that s/he may also require you to use a specific pattern for your From field in case you need to use a no-reply address. (My company threw that switch about 4 years ago where the sending machine's IP needed to be whitelisted, From field had to be legit addresses or special no-reply addresses, anybody with valid active AD accounts could send.)
That sounds like exactly what is happening....I will investigate further - thank you!
 
Top Bottom