what version?

if 6.0 the answer is yes, smtp and pop services
available. see MSDN

+++

I don't have 6.0 But I will get it if it will let me set up a pop mail server!

I will get back with you after I get 6.0 Installed.

Thanks Scott Coker

You can do it with the existing version of Windows you have. On the server, just install the SMTP service. Then use the CDONTS service to send mail (search on WebmasterWorld for more info). Make sure that your firewall blocks port 25, otherwise spammers will use your mail server, too.

You can set security for which IP addresses can relay mail through the server or set the security to ensure that the server only relays for authenticated users.

blocking Port 25 may also stop you sending mail through the server too, if you want to send via external machines.

If you don't block port 25, you have an open mail relay. Unless you put in some other protection, such as looking at the IP address before allowing traffic in, the spammers will find the mail server and begin sending out tens of thousands of spam using your server.

mine was just a quick answer, reading back i do not
see that the OP asked for pop services, but i made
the presumption that both were desired.

with respect to the blocking of tcp/25, there is not
much point in this if what is desired is a mail server
and not simply a outbound mail relay.

to begin with, the mta would be a non-compliant with the
rfc as bounces could never be delivered to the originating
mta.

even the smtp service in iis 5.0 is capable of relay
control without blocking tcp/25.

in short, you cannot have a fully functional smtp mta
*and* block tcp/25, it's one or the other. and before
someone pops up with range controls, yes you can
control access to tcp/25, but not block it.

edit: line breaks

The point is: don't leave port 25 open to the world when you have the smtp service installed. Use whatever technology you want to restrict that port only to authorized users that you select. If you leave port 25 open to the world, you will create one more open mail relay and the email spammers will be using your machine more than you will.

sorry to disagree, but relay control is
internal to the smtp service, a fully
functional smtp server requires tcp/25
to be open. a fine distinction, i know,
but important to someone new.

No. Relay control has no part of the standard SMTP protocol. The SMTP protocol is specified in RFC 2821, [ietf.org ]. There have been various extensions proposed to add verification or other features, but none are in standard use. Your SMTP server or firewall may provide protections that are not in the SMTP specification.

Anything that can establish a telnet connection to port 25 from outside the mail server can send email through your server. An easy way to test if you have an open relay is to have a friend on another domain with no special privileges create a DOS window, then type:

telnet www.yourdomain.com 25

If this generates an error, then you are fine. If it gives a blank line inside the telnet program, then you have an open mail relay.

It really depends on what you are trying to accomplish by having an "email server." And in reference the original post, why would you want to try to re-invent the wheel? There are quite a few free Open Source POP servers available...

Case 1 - If you can not establish a session with the SMTP server on port 25, it can not recieve email from YOU period. The only assumption you can make is that YOUR IP, or IP subnet is blocked.

If you choose to limit this via a firewall or through ip filtering on the SMTP server itself, you are severely limiting the functionality of an email gateway. The SMTP server may still send email out, but relays and incoming mail will be rejected from blocked sources.

Case 2 - You can establish a session with the SMTP server, but it requires authentication to execute commands, or a valid local destination box to recieve mail. This covers most Pop enabled servers.

More than likely this is the case with SMTP servers like Exchange, SendMail, MailEnable etc... However these setting are made ON the SMTP server through its configuration, and not via the firewall.

If the Admin is savvy, they are also using various filting software to block spam, filter incoming mail via blacklists, rejecting mail from invalid reverse DNS lookups, and hopefully virus patterns.

Case 3 - You can establish a session with the SMTP server, and no authorization required.

Basically your wonderfully talented boss took his/her laptop home from work which he/she installed Windows Server on and thought it would be a good idea to install IIS with all the options. He/She has just become the prime target for spammers.

Anything that can establish a telnet connection to port 25 from outside the mail server can send email through your server. An easy way to test if you have an open relay is to have a friend on another domain with no special privileges create a DOS window, then type:

telnet www.yourdomain.com 25

If this generates an error, then you are fine. If it gives a blank line inside the telnet program, then you have an open mail relay.

Again, no. That only establishes whether the port is
open. The fact that a client can establish a
connection is not indicative that it is an
open relay. It is only an open relay if
that connection, absent authorization to do so, can
be used to send email through that server to a domain
that it is not configured to handle mail for.

Granted, you can block tcp/25 to cut a server off
from the world, and hence it cannot tranfer mail
of any kind. But, this has nothing to do with
relay control as it is normally contemplated
by mail admins.

Relay control is exclusively a function of the mta,
eg. exchange, qmail, sendmail. A decision with respect
to whether a message involves relaying is only possible
*after* a connection has been made *and* the intended
recipient is known. If the message destination involves
relaying, then a further decision needs to be made
with respect to authority to do so. If the mta
relays absent any authority to do so, then, and only
then, is it an *open* relay. Relaying is an intended
function of an mta, open relaying is a undesirable
action to be controlled within that intended function.

In short, firewalls have nothing to do with relay control
except in the most gross cases.