.net mail classes vs SQL sp_send_dbmail

Question

We have applications that need to send out email notifications from time to time. We have been using the .net mail classes but recently we are running into the problem of some virus checkers blocking port 25. To me the correct solution is to set up the correct exclusion rules to allow our app to keep working. However, some are afraid that this may become a huge hassle in the future, especially as new organizations come on line, and would prefer to use SQL dbmail instead. I don't particularly like this choice, I would much rather have the application handle this aspect but I'm not sure if it's worth the fight. Are there any real advantages of using .net mail over the SQL mail?

Answer 1

You should ask yourself the following question

Do I really want to use the database server to send out email?

It all depends on how many emails you'll be sending and how busy the SQL server is.

If you'll not be sending many emails and you've got a pretty quiet SQL server; go right ahead.

If (like most of us) you're not that lucky, then look elsewhere.

Answer 2

My thoughts would be to redesign this aspect of the system so that email requests are queued in a database table, and a single machine processes them.

Benefits:

• you don't have to tie up resources on your SQL Server processing volumes of email
• you don't have to go through the paperwork / exclusion sets for all client machines, just the one that's actually going to do the work.

Downsides:

• more work for your developers!

Answer 3

They are both SMTP solutions using port 25.

You'll have the same issue most likely, it depends on where the scanner is checking/blocking

Answer 4

You can set up dedicated mail server, isolate it from network except for certain IPs and only for inbound connections on port 25. I think it is safe enough. Even if you move to SQL server, you will open port 25 and become vulnerable. You (your coulegues) can manage risks instead of hiding them.