I'm using C# 3.0 and the System.DirectoryServices namespace (not the newer System.DirectoryServices.AccountManagement namespace of .NET 3.5). How can I find all of the SMTP Servers on the local domain? Is this even possible? Is there another way to accomplish this?

A: 

I do not think you can do that with DirectoryServices.

One option would be to attempt a connection to each server on the domain on the SMTP port (25), and see if they respond to standard SMTP commands. This could easily be done using the TcpClient class, if you have a list of the machines in the domain.

Of course, that would not find servers not using the standard port (but if the server is not using the standard port, it might not be interested in being found in the first place :-)

driis
It should be noted that doing a network scan like that is typically frowned upon by IT folks, and may land you in hot water if they detect it.
cyberconte
@cyberconte: It may be the only way, however. As long as you cache the results, it shouldn't be a big problem.
Noldorin
+1  A: 

I doubt that domain servers explicitly publish the fact that they are SMTP servers (I may be wrong), though the solution should be quite simple nonetheless.

  • Find each server within the active domain.
  • Attempt to connect to the server on port 25 (SMTP).
  • Wait for a 220 response, which indicates that the server is ready. (See the RFC document for the protocol.) If you receive this command within a certain time after connect (say, 3 seconds), then you can conclude that the current computer is an SMTP server.

Hope that helps.

Noldorin
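Added example, not part of the original answers: one way to implement the "wait for a 220 within a few seconds" step for a single host you are responsible for. The names `SmtpGreetingCheck` and `ReadGreeting` are hypothetical, and the loopback listener in `Main` is a constructed stand-in for a mail server so the check runs without touching the network.

```csharp
using System;
using System.IO;
using System.Net;
using System.Net.Sockets;
using System.Text;
static class SmtpGreetingCheck
{
    // Returns the final greeting line if host:port sends an SMTP 220 reply
    // within timeoutMs; returns null for anything else.
    public static string ReadGreeting(string host, int port, int timeoutMs)
    {
        TcpClient tcp = new TcpClient();
        try
        {
            // Connect() takes no timeout, so bound the wait on the async connect.
            IAsyncResult ar = tcp.BeginConnect(host, port, null, null);
            if (!ar.AsyncWaitHandle.WaitOne(timeoutMs, false)) return null;
            tcp.EndConnect(ar);
            tcp.ReceiveTimeout = timeoutMs;
            StreamReader reader = new StreamReader(tcp.GetStream(), Encoding.ASCII);
            string line;
            // A greeting may span lines: "220-..." continues, "220 ..." ends it.
            while ((line = reader.ReadLine()) != null && line.StartsWith("220", StringComparison.Ordinal))
            {
                if (line.Length == 3 || line[3] == ' ') return line;
                if (line[3] != '-') break;               // e.g. "2200": not a 220 reply
            }
            return null;                                 // other code, or not SMTP at all
        }
        catch (SocketException) { return null; }         // refused, unreachable, bad name
        catch (IOException) { return null; }             // read timed out or was reset
        finally { tcp.Close(); }
    }
    static void Main()
    {
        // Constructed test peer: loopback listener that sends a two-line greeting.
        TcpListener listener = new TcpListener(IPAddress.Loopback, 0);
        listener.Start();
        int port = ((IPEndPoint)listener.LocalEndpoint).Port;
        listener.BeginAcceptTcpClient(delegate(IAsyncResult ar)
        {
            TcpClient c = listener.EndAcceptTcpClient(ar);
            byte[] b = Encoding.ASCII.GetBytes("220-mail.example.test ESMTP\r\n220 ready\r\n");
            c.GetStream().Write(b, 0, b.Length);
            c.Close();
        }, null);
        Console.WriteLine(ReadGreeting("127.0.0.1", port, 3000) ?? "no SMTP greeting");
        listener.Stop();
    }
}
```

`ReceiveTimeout` bounds each individual read rather than the whole greeting, so an endpoint that sends data slowly can hold the connection longer than `timeoutMs`.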
+1  A: 

A different approach would be to do DNS MX (Mail exchange record) queries to find SMTP servers for a given domain:

Code Project Sample

Egghead sample (sorry, could not find the original post)

mjmarsh
A: 

Based on Noldorin's suggestion, here is some code. Note that I just connect on 25; I'm not waiting for the 220 from the server. This worked on our domain. This is a brutal regex to get the server name based on the LDAP path.

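using System;
using System.DirectoryServices;
using System.Net.Sockets;
using System.Text.RegularExpressions;

class Program
{
    static void Main()
    {
        // Search the current domain for every computer object.
        DirectorySearcher ds = new DirectorySearcher("");
        ds.Filter = "objectCategory=computer";
        SearchResultCollection results = ds.FindAll();
        foreach (SearchResult result in results)
        {
            // Take the first CN from the LDAP path as the host name.
            // [^,]+ instead of \w* so that names containing '-' are not cut short.
            string pattern = @"(?<=LDAP://CN=)(?<serverName>[^,]+)";
            Match m = Regex.Match(result.Path, pattern);
            if (!m.Success)
            {
                continue; // path not in the expected LDAP://CN=... form
            }
            string serverName = m.Groups["serverName"].Value;

            TcpClient tcp = new TcpClient();
            try
            {
                // Only checks that port 25 accepts a connection;
                // it does not wait for the 220 greeting.
                tcp.Connect(serverName, 25);

                if (tcp.Connected)
                {
                    Console.WriteLine(String.Format("Connected to {0} on Port 25", serverName));
                }
            }
            catch (Exception ex)
            {
                Console.WriteLine("Exception: " + ex.Message);
            }
            finally
            {
                tcp.Close();
            }
        }

        Console.WriteLine("Done.");
        Console.ReadLine();
    }
}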

Also, I think FindAll suffers from the usual AD constraint, which is 1000 results, so if you have more than 1000 servers in your domain, you might have to rework.

RandomNoob
A: 

If you want to find the mail server of a domain in order to send mail to that domain, then using the DNS MX is the way to go, as mjmarsh already suggested. If you want to identify all arbitrary SMTP services in your domain using AD, then you could leverage the fact that most SMTP servers will register themselves in AD (for example, Exchange does), and you can interrogate the AD services to find out their location. For example, this white paper explains how Outlook clients discover their mailbox server using Active Directory: http://technet.microsoft.com/en-us/library/bb332063.aspx

On certain domains, doing a port scan on all machines will light up any intrusion detection mechanism they have like a Christmas tree, and you may end up with your application's network address shut down.

Remus Rusanu