|
 |
access_asp thread: Re: Seeking advice regarding ASP mail
Message #1 by "sohini sengupta" <rumni_sg@h...> on Wed, 29 May 2002 17:44:45 +0000
|
|
Ken
I want to use ASP mail but heard that SMTP makes your system vulnerable to
hackers. I already got infected with NImda once and don't want to fall prey
again. But my system needs to send email as and when a user registers for
the first time. Can you suggest alternatives.
Thanks
Sohini
_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp.
Message #2 by Karri Peterson <KPeterson@C...> on Wed, 29 May 2002 12:48:18 -0500
|
|
By ASP mail are you talking about using the CDONTS object?
set objNewMail = server.createobject("CDONTS.NewMail")
objNewMail.to = "someone@s..."
objNewMail.from = "me@a..."
objNewMail.subject = "test subject"
objNewMail.body = "Put message here."
objNewMail.send
set objNewMail = Nothing
-----Original Message-----
From: sohini sengupta [mailto:rumni_sg@h...]
Sent: Wednesday, May 29, 2002 12:45 PM
To: Access ASP
Subject: [access_asp] Re: Seeking advice regarding ASP mail
Ken
I want to use ASP mail but heard that SMTP makes your system vulnerable to
hackers. I already got infected with NImda once and don't want to fall prey
again. But my system needs to send email as and when a user registers for
the first time. Can you suggest alternatives.
Thanks
Sohini
_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp.
Message #3 by Karri Peterson <KPeterson@C...> on Wed, 29 May 2002 13:04:12 -0500
|
|
Most email packages on Microsoft are going to go through either smtp or a
mail server.
There's a whitepaper at http://www.nextgenss.com/papers/aspmail.pdf (you
have to have a login for it) about
how CDONTS/aspmail is spoofed and about doing a little validation to limit
the threat of an attack through it.
I am not sure how you would spoof an email attachment through it if it is
run server side unless someone got on your server first
and then made a virus go out from your server, but that's about security on
the server itself.
I think the concerns you have about the input stuff on your site would be
answered by the validation information
in this pdf--I guess I would think that you would have the same potential
for spoofing, etc., if you used a
non smtp object.
hmmm...
Karri
-----Original Message-----
From: sohini sengupta [mailto:rumni_sg@h...]
Sent: Wednesday, May 29, 2002 12:45 PM
To: Access ASP
Subject: [access_asp] Re: Seeking advice regarding ASP mail
Ken
I want to use ASP mail but heard that SMTP makes your system vulnerable to
hackers. I already got infected with NImda once and don't want to fall prey
again. But my system needs to send email as and when a user registers for
the first time. Can you suggest alternatives.
Thanks
Sohini
_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp.
Message #4 by "sohini sengupta" <rumni_sg@h...> on Wed, 29 May 2002 18:42:36 +0000
|
|
Thanks for responding. I am yet to start using it, was gauging pros and
cons. Will visit the URL.
Thanks a lot.
Sohini.
>From: Karri Peterson <KPeterson@C...>
>Reply-To: "Access ASP" <access_asp@p...>
>To: "Access ASP" <access_asp@p...>
>Subject: [access_asp] Re: Seeking advice regarding ASP mail
>Date: Wed, 29 May 2002 13:04:12 -0500
>
>Most email packages on Microsoft are going to go through either smtp or a
>mail server.
>
>There's a whitepaper at http://www.nextgenss.com/papers/aspmail.pdf (you
>have to have a login for it) about
>how CDONTS/aspmail is spoofed and about doing a little validation to limit
>the threat of an attack through it.
>I am not sure how you would spoof an email attachment through it if it is
>run server side unless someone got on your server first
>and then made a virus go out from your server, but that's about security on
>the server itself.
>
>I think the concerns you have about the input stuff on your site would be
>answered by the validation information
>in this pdf--I guess I would think that you would have the same potential
>for spoofing, etc., if you used a
>non smtp object.
>
>hmmm...
>
>Karri
>
>-----Original Message-----
>From: sohini sengupta [mailto:rumni_sg@h...]
>Sent: Wednesday, May 29, 2002 12:45 PM
>To: Access ASP
>Subject: [access_asp] Re: Seeking advice regarding ASP mail
>
>
>
>
>Ken
>
>I want to use ASP mail but heard that SMTP makes your system vulnerable to
>hackers. I already got infected with NImda once and don't want to fall prey
>again. But my system needs to send email as and when a user registers for
>the first time. Can you suggest alternatives.
>
>Thanks
>Sohini
>
>_________________________________________________________________
>Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp.
>
>
>
s f
_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp.
|
|
|
View Cart
