IIS SMTP Server

Version: IIS SMTP server, IIS Manager version 6.0 and later.

The Simple Mail Transfer Protocol (SMTP) service provided by IIS is a simple component for delivering outgoing email messages. Delivery of a message is initiated by transferring the message to a designated SMTP server.

Netsurion Open XDR helps you to monitor event activities in IIS SMTP server. It will trigger an alert whenever it detects an error or a blacklisted spam IP. It’s knowledge object will help you make log search easier and informative. It can able generates flex reports, flex dashboards for IIS SMTP server.

Netsurion Data Source Integration for IIS SMTP server allows you to monitor the following :-

  • Security – Spam ip detection and user authentication failures.
  • Compliance – Mail transfer errors.
  • Operations – Mail traffic report with sender and recipient details.

Once IIS SMTP server is configured to deliver events to Netsurion Open XDR Manager; alerts, dashboards and reports can be configured into Netsurion Open XDR.

The following are the key Data Source Integration available in Netsurion Open XDR.

Alerts

Type Name Description
Security IIS SMTP server – Spam blacklist IP detected This alert is generated when blacklisted IP address accesses the server.
Security IIS SMTP server – AUTH error This alert is generated when user authentication error happens.
Security IIS SMTP server – Slow mail flow This alert is generated when mail process (MAIL,RCPT,EHLO,AUTH,DATA) taking unusual time delay while process.
Security IIS SMTP server – EHLO and HELO continuous request This alert is generated when server receives unusual number of EHLO or HELO packets.

Reports

Type Name Description
Security IIS SMTP server – EHLO and HELO request details This report provides information about EHLO and HELO request from clients.
Security IIS SMTP server – AUTH error details This report provides information about user authentication errors and failures.
Operations IIS SMTP server – All traffic report This report provides information about the mail traffic from SMTP server.
Operations IIS SMTP server – Sender and receiver report This report provides information about mail sender and receiver details.
Compliance IIS SMTP server – Error report This report provides information about errors generated by server methods (MAIL, RCPT, EHLO, AUTH, DATA).

Documentation

The configuration details are consistent with Netsurion Open XDR 8.x and later, IIS SMTP server.

Download Integration Guide for configuration instructions and more information