System.Net.Mail with SSL to authenticate against port 465

Sending mail using System.Net.Mail with SSL will fail:

 

System.Net.NetworkCredential aCred = new System.Net.NetworkCredential("myacct", "mypassword");

SmtpClient smtp = new SmtpClient("smtp.mail.myserver.com", 465);

smtp.EnableSsl = true;

smtp.UseDefaultCredentials = false;

smtp.Credentials = aCred;

 

System.Net.Mail only supports “Explicit SSL”. 

 

Explicit SSL

System.Net.Mail only supports “Explicit SSL”. Explicit SSL starts as unencrypted on port 25, then issues a STARTTLS and switches to an Encrypted connection. See RFC 2228.

 

Explicit SLL would go something like: Connect on 25 -> StartTLS (starts to encrypt) -> authenticate -> send data

If the SMTP server expects SSL/TLS connection right from the start then this will not work.

 

If you see "530 Must issue a STARTTLS command first" being returned while trying to send a message, then Explicit SSL is what is being expected.

 

Implicit SSL

There is no way to use Implicit SSL (SMTPS) with System.Net.Mail. Implicit SSL would have the entire connection is wrapped in an SSL layer. A specific port would be used (port 465 is common). There is no formal RFC covering Implicit SSL.

 

Implicit SLL would go something like: Start SSL (start encryption) -> Connect -> Authenticate -> send data

 

This is not considered a bug, it’s by design. There are two types of SSL authentication for SMTP, and we only support one with System.Net.Mail (by design) – Explicit SSL. 

Windows Mail uses System.Net.Mail to send messages - so it wont work with Implicit SSL. Outlook Express and System.Web.Mail use CDOSYS for sending messages and should work since CDOSYS can work with Explict SSL and Implicit SSL.