upgrade for smtpmail.p to support TLS/SSL mail server

Posted by bremmeyr on 04-Feb-2016 14:48

smtpmail.p does not support TLS/SSL mail server. Have you found a solution that work from ABL\4gl.  

OpenEdge 11.5.1

Windows server 2012

All Replies

Posted by Peter Judge on 04-Feb-2016 15:30

It looks like smtpmail.p uses the ABL sockets to read/write. These DO support TLS/SSL. Have you tried just using it?

You will have to import the (server) certs but things should just work.

Posted by bremmeyr on 04-Feb-2016 15:59

Tried to just use it with no success. Did not import the server certs into the OpenEdge store. Will check into that to see what turns up. Thank you.

Posted by Matt Baker on 04-Feb-2016 16:01

Please be aware that mail servers have 2 different encryption modes.  

In the first mode, the connection starts as clear text and is then upgraded to SSL without restarting the socket.  This is normally called STARTTLS (Wikipedia).

The other is where the entire connection is expected to use SSL or TLS (as allows by server configuration) and there is no cleartext to encryption jump.

Normally the second is indicated by a higher port number, typically 993 for IMAP and 465 for SMTP, instead of port 143 for IMAP and 25 for SMTP.  The lower port number would indicate a cleartext port that may or may not support STARTTLS.

To my knowledge, there is no way in the  ABL to trigger the start of a TLS session after the connection setup, so STARTTLS cannot be used.  But if the email server supports a fully encrypted connection for email servers, then it should work as long as you have the right public certs installed and you specify the –SSL option in the socket connection.

Posted by bremmeyr on 08-Feb-2016 10:14

Thank you Peter and Matt. I have made headway. Looks that I can connect on port 587 with TLS. Can you provide direction to address non-base64 authentication? Looks that I need to use GSSAPI or NTLM. Where would that be addressed to be used by smtpmail.p?

Posted by Matt Baker on 08-Feb-2016 13:50

Yes.  As smtpmail.p is your client implementation, it would be up to that implementation to support GSSAPI or NTLM authentication.

NTLM

msdn.microsoft.com/.../cc246870.aspx

and

msdn.microsoft.com/.../cc246809.aspx

GSSAPI

technet.microsoft.com/.../bb123786(v=exchg.65).aspx

and

tools.ietf.org/.../rfc4752

Posted by bremmeyr on 08-Feb-2016 14:05

Thank you Matt. I will check it out.

Posted by oedev on 09-Feb-2016 08:12

You could also look at using .NET instead of smtpmail.p, which does suppport SSL etc.

Pretty simple to implement as well. Can provide code example if required ?

Posted by MarkT on 21-Jun-2016 05:30

Hi OEDev,

I'd be interested in seeing a .Net implementation of smtpmail.p if you have one.

Thanks,

Mark

Posted by oedev on 21-Jun-2016 06:16

This not by all means a full replacement for smtpmail.p, but shows the basics of sending an email using the .NET framework. In this example I was using gmail to send from (you have to generate a special password from gmail to do this).

using System.Net.*.

using System.Net.Mail.*.

DEF VAR smtp         AS SmtpClient.

DEF VAR fromAddress  AS MailAddress.

DEF VAR toAddress    AS MailAddress.

DEF VAR ccAddress    AS MailAddress.

DEF VAR emailmessage AS MailMessage.

DEF VAR ATTACHMENT   AS Attachment.

DEF VAR fromPassword AS CHAR INIT "abcdefghi".

DEF VAR subject      AS CHAR INIT "Test".

DEF VAR body         AS CHAR INIT "Just testing message".

fromAddress = new MailAddress("fromemail@gmail.com").

toAddress = new MailAddress("toemail@somewherecom").

ccAddress = new MailAddress("ccemail@somewhere.com").

smtp = new SmtpClient().

smtp:Host = "smtp.gmail.com".

smtp:Port = 587.

smtp:EnableSsl = TRUE.

smtp:DeliveryMethod = SmtpDeliveryMethod:Network.

smtp:UseDefaultCredentials = FALSE.

smtp:Credentials = new NetworkCredential(fromAddress:Address, fromPassword).

emailmessage = new MailMessage(fromAddress, toAddress).

emailmessage:cc:ADD(ccAddress).

emailmessage:Subject = subject.

emailmessage:Body = body.

ATTACHMENT = NEW Attachment("c:\temp\file.html").

emailmessage:attachments:ADD(attachment).

smtp:Send(emailmessage).

This thread is closed