Normally I would just put it somewhere on the portion of the server that's open up to everybody and then send the (http) link in an e-mail to the recipient. Simplicity itself. Then take it down after they have retrieved it. But now people are telling me this isn't safe and I need to make them enter a password to get the file. This is easy to do, right? (crosses fingers) I hope somebody can help me. Our web server is Windows Server 2003 R2, Standard, SP2. I (scarily) have full access to it. I see something about FTP Sites in the IIS Manager ... hmmm. Don't know where to ask this question, maybe somebody can tell me that also.