CDOSYS SMTP/NNTP Event Sinks Evaluation Criteria
Topic Last Modified: 2008-09-03
This topic provides information about how to use CDOSYS SMTP/NNTP Event Sinks to develop messaging applications.
The Microsoft Windows 2000 Simple Mail Transfer Protocol (SMTP) and Network News Transfer Protocol (NNTP) services provide an architecture for the addition of customized software that responds to events. Applications can use CDOSYS to respond to messages as they are received by the SMTP and NNTP services.
Caveats
CDOSYS event sinks do not have all the capabilities of the SMTP transport event sinks, but CDOSYS event sinks are easier to develop.
Functional Criteria
| Criteria | CDOSYS SMTP/NNTP Event Sinks |
|---|---|
Application Domain |
The event sink features of CDOSYS are typically used in applications that append disclaimers or other notices to e-mail sent through your server, archive messages, detect, and discard unsolicited bulk mailings, detect and discard inappropriate newsgroup postings, check inbound messages for viruses, forward and filter messages automatically, and so on. |
Major Objects |
Applications that use SMTP and NNTP event sinks implement COM classes that have the appropriate Microsoft Collaboration Data Objects (CDO) event interfaces. Event interfaces are available for SMTP OnArrival events and NNTP OnPostEarly, OnPost, and OnPostFinal events. |
Data access model |
When the event sinks are fired, they receive the message being processed inside a CDO.Message object. The message parts are represented as a hierarchy of objects with methods and properties. |
Threading Models |
For better performance, the COM classes created as event sinks should be set to support apartment-style multithreading. |
Application Architectures |
CDOSYS SMTP/NNTP event sinks run on the computer where the message is being processed. Applications that use CDOSYS event sinks might have a GUI application to configure how the event sinks operate, and to provide information to the user or administrator about message handling activities. |
Remote Usage |
CDOSYS SMTP/NNTP event sinks must run on the computer where e-mail is being processed, and cannot be used in COM+ applications. |
Transactions |
No. |
Management Capabilities |
CDOSYS does not generate Windows 2000 Event Log entries, and there are no performance counters available to measure it. Windows Event log entries and performance counters can be built into SMTP event sinks to provide additional management and monitoring capabilities. |
Availability |
Currently, there is shipping in all versions of Microsoft Windows 2000, Windows XP, and Windows Server 2003. No changes are anticipated at this time. |
Development Criteria
| Criteria | CDOSYS SMTP/NNTP Event Sinks |
|---|---|
Languages and Tools |
CDOSYS can be used with any COM/Automation-compatible languages, as well as with non-COM languages such as C/C++. |
Managed Implementation |
CDOSYS is an unmanaged component. Use of CDOSYS is supported under the COM Interoperability layer of Visual Studio .NET and the .NET Framework. |
Scriptable |
CDOSYS event sinks can be implemented by using scripts. |
Test/Debug Tools |
No special debugging tools are needed to debug applications that use CDOSYS. For particularly difficult protocol-interaction issues, a network monitoring utility may prove helpful, but is typically not required. |
Expert Availability |
Beginning developers can easily use CDOSYS SMTP/NNTP event sinks, and there are many Microsoft and third-party Web sites and communities available. |
Available Information |
CDOSYS is covered in several Microsoft and third-party books. For more information about CDOSYS, see About CDO for Windows 2000 on MSDN. |
Developer/Deployment Licensing |
No special licenses are needed for using CDOSYS. Depending on the configuration, your systems might require access to an additional SMTP/NNTP server to transport messages to their destination. |
Security Criteria
| Criteria | CDOSYS SMTP/NNTP Event Sinks |
|---|---|
Design-Time Permissions |
Creating CDOSYS SMTP/NNTP event sinks requires that the developer be permitted to register COM components on the local computer where e-mail is processed. This permission is usually granted by way of allowing the developer to install software. If the developer is not working on a production server, the possibility of that computer is lower when unencrypted sensitive information is available. Permitting development work on production e-mail servers is not recommended. |
Setup Permissions |
Because unencrypted sensitive information may pass through the production e-mail server, use caution when granting permission to install software. It is recommended that deployment to the production servers be performed by administrators. |
Run-time Permissions |
The CDOSYS SMTP/NNTP event sinks run in the same process as IIS, and share the same security credentials as that service account. This can affect which resources the event sink can access. |
Built-in Security Features |
SMTP event sinks provide no built-in security features. If an event sink changes a message after the user has digitally signed it, the accompanying digital signature will be invalid. SMTP event sinks cannot apply disclaimers or access the body of S/MIME and other encrypted messages when the encryption keys are unavailable. |
Security Monitoring Features |
The CDOSYS event sinks do not provide any built-in security monitoring features. CDOSYS event sinks can create Windows Event Log entries as needed. |
Deployment Criteria
| Criteria | CDOSYS SMTP/NNTP Event Sinks |
|---|---|
Server Platform Requirements |
CDOSYS is available on Microsoft Windows 2000, Windows XP, and Windows Server 2003. CDOSYS SMTP/NNTP event sinks require IIS to be configured, and the messages that trigger the events must be processed by the local SMTP/NNTP service. |
Client Platform Requirements |
CDOSYS is available on Windows 2000, Windows XP, and Windows Server 2003. |
Deployment Methods |
There are no special requirements for application installation, beyond verifying that the computer is running one of the operating systems that include CDOSYS. |
Deployment Notes |
On systems where Exchange 2000 or Exchange 2003 is installed, the CDOSYS components are replaced by CDO for Exchange 2000 Server (CDOEX), which provides additional functionality over CDOSYS. CDOEX is described here separately. Applications that use CDOSYS SMTP/NNTP events should not be installed on Exchange back-end servers. |