SMTP Server Windows IIS and PHP (send only)

By Frank Forte

1) Adding the SMTP Server

– Open Server Manager
– select “Features”
– click “Add Features” and check “SMTP Server”
NOTE: The SMTP Server feature might require the installation of additional role services and features. Click Add Required Role Services to proceed with installation.
– click Next to configure any required role services and features
– click Install to start the installation.

2) Setting up SMTP

– Open IIS
– click on the server, open the “features view” (at the bottom) – double click “SMTP E-mail” probably under ASP.NET
– Enter the from address
– select Deliver to SMTP server
– check “Use localhost”
– I recommend putting Authentication settings, specify credentials! (click the ellipsis “…” to enter a username and password)

3) Configuring SMTP

– Open command prompt
– type cd \Windows\System32\inetsrv then hit return
– type all on one line. This is CASE SENSITIVE. Replace the values for /from (e.g. “”) and the network port, host, userName, and password.

appcmd set config /commit:WEBROOT /section:smtp / /deliveryMethod:Network /network.port:25 /network.defaultCredentials:True / /network.userName:your_username /network.password:your_password

I used the from email as the username.

4)Configure PHP.ini


5) Enable Relay for localhost:

– open iis 6.0 (even if you are on iis7, you should have iis6 on your machine!)
– right click the virtual server

Restricting who can send!

– select the “access” tab
– click “connection” and Select “Only the list below”
– add only your server’s i.p. address. The dns lookup can help, type “localhost” or the name of your machine.
– click “ok” then click “apply”
– click “Relay…”
– do the same as above (set to “Only the list below” and add your machine’s i.p. address)
– I would un-check the ability for remote servers to relay, even if they authenticate… in case some bot brute forces in and then uses your server to send spam.


Test it out. I use PHP mailer.
(use one of your emails to see if you actually get it. A success does NOT mean it will reach the user!)

WordWrap = 50; // set word wrap to 50 characters
$email-->Host = 'localhost';
$email->Port = 25; // 587 and 465 are also common
$email->Username = '';
$email->Password = 'your_password';
$email->Subject = 'Hello World of SMTP';
$email->Body = 'This is a test from IIS and PHP';
$email->AddAddress('','Your Name');
$email->From = '';
$email->FromName = 'Your Website';

echo 'ok! I did it! I set up an SMTP server (for sending only)!';
echo 'Dang... all that work and I\'m still here.

Good luck! Now make sure you add SPF records for all of your domains. 🙂


This entry was posted on Thursday, December 20th, 2012 at 6:37 pm and is filed under New Web Applications. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.