trapping an SMTP request

Posted on 2001-07-05
Last Modified: 2013-12-03
i am looking to have a handler called when any mail application submits a "send mail" via smtp.  is there a way to hook all smtp requests from a mail client within windows?
Question by:mnguyen021997
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
LVL 32

Expert Comment

ID: 6256652
There are many ways and they all have pro/cons.  Perhaps a bit more about what you are trying to accomplish would help...

Author Comment

ID: 6258458
so when a user trys and sends mail through either OE, eudora, netscape, etc i would like to trap that request and trigger an application to be launched (for all intents and purposes, it could be an MS Agent or something to greet them).
LVL 32

Accepted Solution

jhance earned 100 total points
ID: 6259165
Do you want to be able to do this without having to reconfigure the email software?

If so, then you have two options:

1) Hooking the WINSOCK functions that establish the connection.  Probably connect() at least.  This technique called API hooking is described in Richter's book, Programming Applications for Windows.  It's somewhat complex and a different technique is needed for Win9x vs. NT/2000.

2) Writing an NDIS Intermediate driver to intercept the network packets for the SMTP connection.  This is a very powerful technique but it has the added complexity of being done as a device driver.  Also different between Win9x and NT/2000.  You might look at the PCAUSA ( web site for information about this and a toolkit that can help with this.

If the EMAIL client can be reconfigured, then a technique similar to what Norton Anti-Virus and other virus scanners that check email do, namely, writing a local "server" that clients connect to and then passing that onto the real server after scanning the data.  You could redirect your SMTP traffic to a local "SMTP" server.  It would do whatever it is you want to do with the traffic and then pass it on to the real SMTP server.
PeopleSoft Has Never Been Easier

PeopleSoft Adoption Made Smooth & Simple!

On-The-Job Training Is made Intuitive & Easy With WalkMe's On-Screen Guidance Tool.  Claim Your Free WalkMe Account Now


Assisted Solution

robpitt earned 100 total points
ID: 6259252
A 3rd option for you... write a winsock layered service provider. See

See also the MailControl app at I'm pretty sure this uses a winsock LSP dll. Infact ask Yariv the author of the above for the source - he's quite approachable.


Author Comment

ID: 6259520
is there not a way to hook it from a registry entry?  i was under the assumption you could write your own protocol handler by redirecting some entries in the registry.
LVL 32

Expert Comment

ID: 6259574

Interesting idea about the SPI.  It's one of those Winsock 2 features that has gone practically unnoticed.  I'm not sure what is more thinly documented, the NDIS driver interface or the WINSOCK 2 SPI....


There is a grain of truth to what you are saying but the implications are large.  True, a registry entry is all it takes to insert a driver into the Windows network protocol stack but, and this is a big BUT, what you do must be a fully compliant driver for the place where you insert it.  If not, you'll almost certainly get a BLUE SCREEN and a really messy situation.  I pointed you to the NDIS intermediate driver since it's far simpler that a full-blown NDIS network driver or a protocol driver.

Author Comment

ID: 6259975
i actually thought it was easier then that.  at least for "http" you could even devise your own protocol "mnguyenTP" that is used. but perhaps this is used only in the context of a browser.
LVL 32

Expert Comment

ID: 6260212
I'm not sure at all what you are referring to unless it is the HTTP PROXY protocol.  That's really easy to "tap into" via the proxy settings in all browsers.  SMTP does NOT have a proxy protocol that is commonly used so you're back to my earlier suggestion about a local server.  This is essentially a proxy for the real SMTP.

Featured Post

 [eBook] Windows Nano Server

Download this FREE eBook and learn all you need to get started with Windows Nano Server, including deployment options, remote management
and troubleshooting tips and tricks

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

zlib is a free compression library (a DLL) on which the popular gzip utility is built.  In this article, we'll see how to use the zlib functions to compress and decompress data in memory; that is, without needing to use a temporary file.  We'll be c…
Entering time in Microsoft Access can be difficult. An input mask often bothers users more than helping them and won't catch all typing errors. This article shows how to create a textbox for 24-hour time input with full validation politely catching …
This is Part 3 in a 3-part series on Experts Exchange to discuss error handling in VBA code written for Excel. Part 1 of this series discussed basic error handling code using VBA.…
Visualize your data even better in Access queries. Given a date and a value, this lesson shows how to compare that value with the previous value, calculate the difference, and display a circle if the value is the same, an up triangle if it increased…

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question