System.Net.Mail with SSL to authenticate against port 465

  • Artykuł

Sending mail using System.Net.Mail with SSL will fail:

 

System.Net.NetworkCredential aCred = new System.Net.NetworkCredential("myacct", "mypassword");

SmtpClient smtp = new SmtpClient("smtp.mail.myserver.com", 465);

smtp.EnableSsl = true;

smtp.UseDefaultCredentials = false;

smtp.Credentials = aCred;

 

System.Net.Mail only supports “Explicit SSL”. 

 

Explicit SSL

System.Net.Mail only supports “Explicit SSL”. Explicit SSL starts as unencrypted on port 25, then issues a STARTTLS and switches to an Encrypted connection. See RFC 2228.

 

Explicit SLL would go something like: Connect on 25 -> StartTLS (starts to encrypt) -> authenticate -> send data

If the SMTP server expects SSL/TLS connection right from the start then this will not work.

 

If you see "530 Must issue a STARTTLS command first" being returned while trying to send a message, then Explicit SSL is what is being expected.

 

Implicit SSL

There is no way to use Implicit SSL (SMTPS) with System.Net.Mail. Implicit SSL would have the entire connection is wrapped in an SSL layer. A specific port would be used (port 465 is common). There is no formal RFC covering Implicit SSL.

 

Implicit SLL would go something like: Start SSL (start encryption) -> Connect -> Authenticate -> send data

 

This is not considered a bug, it’s by design. There are two types of SSL authentication for SMTP, and we only support one with System.Net.Mail (by design) – Explicit SSL. 

Windows Mail uses System.Net.Mail to send messages - so it wont work with Implicit SSL. Outlook Express and System.Web.Mail use CDOSYS for sending messages and should work since CDOSYS can work with Explict SSL and Implicit SSL.

Comments

  • Anonymous
    June 02, 2008
    PingBack from http://www.basketballs-sports.info/basketball-chat/?p=1555

  • Anonymous
    October 05, 2008
    Any idea when System.Net.Mail will support SMTP using implicit SSL?

  • Anonymous
    October 08, 2008
    I have no idea when it will be fixed.  Can never get dates on when changes will be made.  The .NET Devs do know there is a need for this, however it would probably be done as part of a service pack or major release.  

  • Anonymous
    May 12, 2009
    System.Net.Mail SSL 465下发送不成功的原因吧, 应该是暂时System.Net.Mail 不支持Implicit SSL, 仅支持Explicit SSL

  • Anonymous
    August 11, 2009
    Is there any news on Implicit SSL in the past year?  Can it be done in any version of System.Net.Mail?

  • Anonymous
    November 19, 2009
    There havent been any changes yet.  However, I have not checked-out .NET 4.0 since its still in Beta.

  • Anonymous
    July 19, 2010
    As of now .Net 4 does not have a fix for this issue

  • Anonymous
    October 01, 2010
    I've commented on this at the link below. Essentially you can call the CDO (Collaborative Data Object) via COM to do what is needed. The example was for GMail, but in real life I had to use this because a client's server was only accepting implicit SSL connections (go figure). The KB article is also referenced below which will demonstrate this using C#. stackoverflow.com/.../3845907 support.microsoft.com/.../310212

  • Anonymous
    October 03, 2010
    Hello Bryan;   I know... I noted CDOSYS in the blog already - its the same CDO you are referring to. The same approach will also works with CDOEX - the Exchange centric superset of CDOSYS.  Be sure to call System.Runtime.InteropServices.Marshal.ReleaseComObject( ) with every .NET referenced CDO object when your code is finished or you will leak.  This and using forloops are some of the largest causes of leaks under .NET.   This sould be done anytime .NET code is used against a COM object.   Most samples on the web dont show this clean-up being done, however it should be.  There is no reason to not use CDOSYS unless your .NET code needs to run on a non-Microsoft platform.  CDOSYS has been in all MS operating systems since Windows 2000 and in many ways is more capable and sound that System.Net.Mail; I also don't see CDOSYS going away any time soon.

  • Anonymous
    February 28, 2011
    So is there no way to code round this?....... What is the solution for enabling Email from an app built in ASP.Net 3.5 utilising a provider that requires SSL at port 465?........

  • Anonymous
    November 23, 2011
    Hi guys! I try to use CDOSYS to send emails (SMTPS), but I always receive "The transport failed to connect to the server" exception. I use the "465" port  with smtpusessl = "1". My SMTP server is accessible by port "465" and I can send emails using Rebex.NET library. I think I need to perform certificate validation, but I don't know how to perform this validation using CDOSYS. Could you please provide me with some examples of certificate validation performance by means CDOSYS? I am looking forward to your response!!!! Thanks!

  • Anonymous
    December 22, 2011
    Verizon wants it email customers to change to authentication and port 446 and may force its use in 2012 - no date set.  Programs based on VB.Net will not work as indicated.  I personally wrote software with VB to handle community mail for our 55 and older development.  It will be useless if Verizon insists. Verizon is rather large; I would hope MS provide a fix. Ed Bitzer

  • Anonymous
    December 22, 2011
    The comment has been removed

  • Anonymous
    July 17, 2013
    For now you can use a COM solution provided by this stackoverflow answer: stackoverflow.com/.../550975

  • Anonymous
    July 18, 2013
    Thanks Sergey.  That COM project from stackoverflow is using CDOSYS.  When looking at any article mentioning CDO its important to see which CDO is being used since the term CDO (Collaboration Data Objects) has been overly used.  CDOSYS is on all Windows operating systems starting with Windows 2000, though I have not checked Windows RT.  CDOEX was a superset of CDOSYS which ran explicitly on Exchange 2000 and 2013 - it had the ability to work on items in a mailbox in addition to the SMTP sending abilities of CDOSYS.  CDONTS is an older API for sending email by SMTP - it was replaced by CDOSYS long ago.  Then there is CDO 1.21, which does not send email by SMTP and rather it works directly against a mailbox using a MAPI provider.  I'm hoping that "CDO" won't be used on any more APIs since its there are already too many APIs which use it in their name. If anyone reading this thinks that they should avoid CDOSYS because its COM based then please understand that its fully supported under .NET.  Further, it has a lot of capabilities which no other .NET messaging class has ever had.  The System.Net.Mail was built by .NET developers from scratch as I recall.  However, CDOSYS was written by Exchange developers and has been honed and heavily fixed over many, many years. The only major issue with using CDOSYS is being sure that the underlying COM objects get released - you will run into this issue any time .NET code wraps COM objects (interops are basically .NET code wrapping around a COM object).  For info on releasing the underlying objects and preventing leaks with COM objects wrapped by .NET code, please read these articles: blogs.msdn.com/.../oom-net  Those article talk working with the Outlook interops, however the same rules apply to other interops such as what you would use with COSYS. One important note:  As mentioned in that stockoverflow posting, you need to have references to CDO and ADODB.  You should set a reference to CDO only in Visual Studio and Visual Studio should create interops for both CDOSYS and ADODB.  I've seen problems where code did not work if a reference was set to ADODB and then COOSYS.  So, if you did set a reference to ADODB manually and are having issue then remove both references from the project, delete the interop files and them set a reference to CDOSYS and let Visual Studio generate interops for both and also add a reference to ADODB.

  • Anonymous
    November 04, 2013
    Is System.Net.mail with SSL enables implemented in .Net Framework 4.5? If not any idea on whether it will be implemented or not?

  • Anonymous
    November 21, 2013
    Dan, It seems that this topic never ends. I'm looking for a reliable way to send emails and already tried a couple of things (System.Net.Mail and Lumisoft 3d party library). Now I want to try CDO but I found out that it does not support STARTTLS. Do you know anything about it? Thanks Alex

  • Anonymous
    May 07, 2014
    You can use componentpro ultimate mail to send mail over ssl. www.componentpro.com/mail.net. Here is the example code snippet: using ComponentPro.Net; using ComponentPro.Net.Mail; ... // Create a new instance of the Smtp class. Smtp client = new Smtp(); // Connect to the server. client.Connect("myserver", 465, SecurityMode.Implicit); // Login to the server. client.Authenticate("user", "password"); // Create a new mail message. MailMessage msg = new MailMessage(); msg.Subject = "Test Subject"; msg.BodyText = "Content"; msg.From = "from@mydomain.com"; msg.To = "to@somedomain.com"; // And send it. client.Send(msg); // Close the connection. client.Disconnect();

  • Anonymous
    November 15, 2014
    People in Russian community solved this problem in a simple, but weird way habrahabr.ru/.../237899 You must set SSL=true and Port=25. Server responds to your request from unprotected 25 and then throws connecion to protected 465. This trick worked for Gmail an some Russin mail services.

  • Anonymous
    April 10, 2015
    I know this is a widely referenced blog post, so I will put here what i think is THE solution: a free and OSS library called AEGIS Implicit Mail. You can get it from Nuget www.nuget.org/.../AIM

  • Anonymous
    May 02, 2015
    @Zpektrum: And how do you use this library in C #?

  • Anonymous
    July 18, 2015
    Have a look on AIM wiki, the simplest way you can send Implicit SSL Mails sourceforge.net/.../wiki