Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Adding SSL/TLS to SMTP Email Sending
#1
Hi All,

I have been sending emails using SMTP and Indy for a while now, but only using port 25, as I have not added support for SSL/TLS. I think I have to add a TIdSSLIOHandlerSocketOpenSSL component, but I'm not sure of the properties I need to set to get this to work with
  1. Implicit SSL on port 465
  2. Explicit SSL (TLS) on port 587

Could someone tell what I need to do to get this to work? Thanks for any help.

Cheers
Paul
Reply
#2
Assign the SSLIOHandler component to the TIdSMTP.IOHandler property, and then set the TIdSMTP.UseTLS property to either utUseImplicitTLS or utUseExplicitTLS as needed, and then set the TIdSMTP.Port if needed (not all SMTP servers use the default ports).

Reply
#3
Hi Remy,

Thanks for the help. I've done what you've instructed and I'm getting an error which seems to be based on the SSLVersions value I am choosing. I downloaded libeay32.dll and ssleay32.dll from https://indy.fulgan.com/SSL/
I wasn't sure which version to download, so I just went for the latest 32bit one. File name : openssl-1.0.2o-i386-win32.zip

Some details on my system:
Windows 64bit
My application 32bit
Delphi XE6
Indy version 10.6.0.5122
Using Port 465
TIdSMTP.UseTLS = utUseImplicitTLS
TIdSSLIOHandlerSocketOpenSSL.SSLOptions.Method = ssImUnassigned

I put the dll's in my application folder.

I tried each of the versions, and the following show the error I got with each one.

Version and it's error:
SSL v1 error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version
SSL v1_1 error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version
SSL v1_2 error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version
SSL v2 ERROR: Error creating SSL context
SSL v3 error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version
SSL v23 error:140770FC:SSL routines:SSS23_GET_SERVER_HELLO:unknown protocol

I can't make a connection with version 2. All other versions connect and authorisation is successful, but can't send an email, due to above error.

Any ideas?

Thanks heaps for the help,
Paul
Reply
#4
(09-14-2018, 07:54 AM)paulcoshott Wrote: I've done what you've instructed and I'm getting an error which seems to be based on the SSLVersions value I am choosing.

See below.

(09-14-2018, 07:54 AM)paulcoshott Wrote: I downloaded libeay32.dll and ssleay32.dll from https://indy.fulgan.com/SSL/
I wasn't sure which version to download, so I just went for the latest 32bit one. File name :  openssl-1.0.2o-i386-win32.zip

That is fine.

(09-14-2018, 07:54 AM)paulcoshott Wrote: Indy version 10.6.0.5122

That is a pretty old version of Indy. The current version is 10.6.2.5475.

(09-14-2018, 07:54 AM)paulcoshott Wrote: Using Port 465
TIdSMTP.UseTLS = utUseImplicitTLS

Are you SURE the Port property is actually 465 when you call TIdSMTP.Connect()? Note that setting the UseTLS property *may* change the Port property! So double-check that. A port mismatch could easily cause the problem you are seeing. Also double-check with a packet sniffer like Wireshark that you are actually receiving a valid SSL/TLS response from the server, and not an unencrypted SMTP greeting instead.

(09-14-2018, 07:54 AM)paulcoshott Wrote: I can't make a connection with version 2.

Correct, because SSL 2.0 is old, unsecure, and no longer enabled by default in OpenSSL. SSL 3.0 is on its way out too. You shouldn't be using anything less than TLS 1.0 at all nowadays (and even that is starting to be phased out of many servers now).

(09-14-2018, 07:54 AM)paulcoshott Wrote: All other versions connect and authorisation is successful, but can't send an email, due to above error.

I doubt that, considering that you are trying to use *implicit* TLS, which means OpenSSL has to successfully handshake with the server before anything SMTP-related can be used at all, so there is no opportunity for you to authenticate with the server if TLS fails.

Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)