Does merely having the IIS software on a server increase risk?

From: Thomas Dulaney (spamfilter2003@yahoo.com)
Date: 01/27/03


From: "Thomas Dulaney" <spamfilter2003@yahoo.com>
Date: Mon, 27 Jan 2003 10:54:25 -0800

Hello,

I need to have SMTP services on an application server. I
don't need or want a web server on this machine, but I
have to have IIS installed to get the SMTP service as I
understand it. I have stopped the default web sites that
are created by the install. Is there hackable entry to
the server that I need to worry about even if the web
services (and everything else except SMTP) is turned off?

Are there significant danger of being hacked through the
SMTP port? This server houses a mission critical database
so we want the server as crash free (and hence hack free)
as is reasonable.

Any and all advice is appreciated!!

--Tom



Relevant Pages

  • IIS and default SMTP Virtual Server
    ... is set up on a remote server. ... i was trying to configure IIS SMTP services to enable us ... administration web site. ...
    (microsoft.public.inetserver.iis)
  • Sophos Pure Message on Exchange 2003
    ... installed it on new Exchange Server 2003 at Win2003 server platform. ... service if SMTP services is not running. ... Tried to start up the Pure Message Services first, ...
    (microsoft.public.exchange2000.admin)
  • Re: IIS5.0 - SMTP Spammers using my SMTP server! Please help
    ... Sounds like your server is an open relay. ... > I'm running few websites and also running SMTP services ... > I ended up stopping the SMTP services, ...
    (microsoft.public.inetserver.iis.security)
  • Sophos Pure Message on Exchange 2003
    ... installed it on new Exchange Server 2003 at Win2003 server platform. ... service if SMTP services is not running. ... Tried to start up the Pure Message Services first, ...
    (microsoft.public.exchange.admin)
  • Re: Using Spammarshall to scan outbound from Exchange 5.5
    ... Using hosts.txt solutions would I then need to set up MS SMTP services so I can redirect to the mail from spammarshall to that host? ... email off their server. ... unless you think forcing your users outgoign email through the spam ...
    (microsoft.public.exchange.admin)