Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

trapping an SMTP request

Posted on 2001-07-05
11
Medium Priority
?
316 Views
Last Modified: 2013-12-03
i am looking to have a handler called when any mail application submits a "send mail" via smtp.  is there a way to hook all smtp requests from a mail client within windows?
0
Comment
Question by:mnguyen021997
  • 4
  • 3
11 Comments
 
LVL 32

Expert Comment

by:jhance
ID: 6256652
There are many ways and they all have pro/cons.  Perhaps a bit more about what you are trying to accomplish would help...
0
 
LVL 2

Author Comment

by:mnguyen021997
ID: 6258458
so when a user trys and sends mail through either OE, eudora, netscape, etc i would like to trap that request and trigger an application to be launched (for all intents and purposes, it could be an MS Agent or something to greet them).
0
 
LVL 32

Accepted Solution

by:
jhance earned 400 total points
ID: 6259165
Do you want to be able to do this without having to reconfigure the email software?

If so, then you have two options:

1) Hooking the WINSOCK functions that establish the connection.  Probably connect() at least.  This technique called API hooking is described in Richter's book, Programming Applications for Windows.  It's somewhat complex and a different technique is needed for Win9x vs. NT/2000.

2) Writing an NDIS Intermediate driver to intercept the network packets for the SMTP connection.  This is a very powerful technique but it has the added complexity of being done as a device driver.  Also different between Win9x and NT/2000.  You might look at the PCAUSA (www.pcausa.com) web site for information about this and a toolkit that can help with this.

If the EMAIL client can be reconfigured, then a technique similar to what Norton Anti-Virus and other virus scanners that check email do, namely, writing a local "server" that clients connect to and then passing that onto the real server after scanning the data.  You could redirect your SMTP traffic to a local "SMTP" server.  It would do whatever it is you want to do with the traffic and then pass it on to the real SMTP server.
0
Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

 
LVL 5

Assisted Solution

by:robpitt
robpitt earned 400 total points
ID: 6259252
A 3rd option for you... write a winsock layered service provider. See http://www.microsoft.com/msj/0599/layeredservice/layeredservice.htm


See also the MailControl app at http://www.internals.com I'm pretty sure this uses a winsock LSP dll. Infact ask Yariv the author of the above for the source - he's quite approachable.

Rob
0
 
LVL 2

Author Comment

by:mnguyen021997
ID: 6259520
is there not a way to hook it from a registry entry?  i was under the assumption you could write your own protocol handler by redirecting some entries in the registry.
0
 
LVL 32

Expert Comment

by:jhance
ID: 6259574
robpitt,

Interesting idea about the SPI.  It's one of those Winsock 2 features that has gone practically unnoticed.  I'm not sure what is more thinly documented, the NDIS driver interface or the WINSOCK 2 SPI....

mnguyen,

There is a grain of truth to what you are saying but the implications are large.  True, a registry entry is all it takes to insert a driver into the Windows network protocol stack but, and this is a big BUT, what you do must be a fully compliant driver for the place where you insert it.  If not, you'll almost certainly get a BLUE SCREEN and a really messy situation.  I pointed you to the NDIS intermediate driver since it's far simpler that a full-blown NDIS network driver or a protocol driver.
0
 
LVL 2

Author Comment

by:mnguyen021997
ID: 6259975
i actually thought it was easier then that.  at least for "http" you could even devise your own protocol "mnguyenTP" that is used. but perhaps this is used only in the context of a browser.
0
 
LVL 32

Expert Comment

by:jhance
ID: 6260212
I'm not sure at all what you are referring to unless it is the HTTP PROXY protocol.  That's really easy to "tap into" via the proxy settings in all browsers.  SMTP does NOT have a proxy protocol that is commonly used so you're back to my earlier suggestion about a local server.  This is essentially a proxy for the real SMTP.
0

Featured Post

Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you have ever found yourself doing a repetitive action with the mouse and keyboard, and if you have even a little programming experience, there is a good chance that you can use a text editor to whip together a sort of macro to automate the proce…
This article surveys and compares options for encoding and decoding base64 data.  It includes source code in C++ as well as examples of how to use standard Windows API functions for these tasks. We'll look at the algorithms — how encoding and decodi…
This is Part 3 in a 3-part series on Experts Exchange to discuss error handling in VBA code written for Excel. Part 1 of this series discussed basic error handling code using VBA. http://www.experts-exchange.com/videos/1478/Excel-Error-Handlin…
How to fix incompatible JVM issue while installing Eclipse While installing Eclipse in windows, got one error like above and unable to proceed with the installation. This video describes how to successfully install Eclipse. How to solve incompa…

971 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question