Is it possible to use a Windows managed service account to send ELMAH exceptions? Here's a sample errorEmail from Web.config; would it still have a password attribute?
<elmah>
<errorMail from="[email protected]" to="[email protected]" async="true"
subject="MyApp Exception thrown: {0}" userName="[email protected]"
password="" smtpServer="smtp.mydomain.org"/>
</elmah>
We didn't need to use an MSA; answer was too simple: don't include the credentials in the errorMail properties:
<elmah>
<errorMail from="[email protected]" to="[email protected]"
async="true" subject="MyApp Exception thrown: {0}"
smtpServer="smtp.mydomain.org"/>
</elmah>
Note we also changed the "from" to a fake "noreply" email, as we don't want replies. Also, we can't use a Win service account to send emails, as described by Microsoft:
Exchange Server does not allow you to send e-mails from a managed service account on behalf of a service or application. To overcome this limitation, use the managed service account to run the service, but create a separate conventional user account for the service and configure the service to send e-mails using this account.
That's for Server 2008 but seems to be true for the latest ones as well. Special thanks to our Ops team for this answer.