System.Net.Mail FAQ

Complete FAQ Listing


5.3 System.Net.Mail with SSL to authenticate against port 465 Printer Friendly

This is an excellent blog post from http://blogs.msdn.com/webdav_101/archive/2008/06/02/system-net-mail-with-ssl-to-authenticate-against-port-465.aspx

Dan does a good job explaining the implicit SSL limitation of System.Net.Mail.

System.Net.Mail with SSL to authenticate against port 465

Sending mail using System.Net.Mail with SSL will fail:

System.Net.NetworkCredential aCred = new System.Net.NetworkCredential("myacct", "mypassword");SmtpClient smtp = new SmtpClient("smtp.mail.myserver.com", 465); smtp.EnableSsl = true; smtp.UseDefaultCredentials = false; smtp.Credentials = aCred;

System.Net.Mail only supports "Explicit SSL".


Explicit SSL

System.Net.Mail only supports "Explicit SSL". Explicit SSL starts as unencrypted on port 25, then issues a STARTDLS and switches to an Encrypted connection. See RFC 2228.

Explicit SLL would go something like: Connect on 25 -> StartTLS (starts to encrypt) -> authenticate -> send data

If the SMTP server expects SSL/TLS connection right from the start then this will not work.


Implicit SSL

There is no way to use Implicit SSL (SMTPS) with System.Net.Mail. Implicit SSL would have the entire connection is wrapped in an SSL layer. A specific port would be used (port 465 is common). There is no formal RFC covering Implicit SSL.

Implicit SLL would go something like: Start SSL (start encryption) -> Connect -> Authenticate -> send data



This is not considered a bug, it’s a feature request. There are two types of SSL authentication for SMTP, and we only support one (by design) – Explicit SSL.