When should I use SecureSockOptions or useSsl when connecting using Mailkit

Question

I'm confused on how to use the third parameter when setting up smtp with MailKit.

Here is what I have so far:

    // *************** SEND EMAIL *******************
    using (var client = new MailKit.Net.Smtp.SmtpClient(new ProtocolLogger("smtp.log")))
    {
      client.SslProtocols = System.Security.Authentication.SslProtocols.Tls12;

      //accept all SSL certificates
      client.ServerCertificateValidationCallback = (s, c, h, e) => true;

      // Note: since we don't have an OAuth2 token, disable
      // the XOAUTH2 authentication mechanism.
      client.AuthenticationMechanisms.Remove("XOAUTH2");

      // client.Connect(emailSettings.SmtpServer, emailSettings.SmtpPort, emailSettings.IsSslEnabled);
      client.Connect(emailSettings.SmtpServer, emailSettings.SmtpPort, emailSettings.AuthType);

      if (emailSettings.IsAuthenticationRequired)
      {
        // Note: only needed if the SMTP server requires authentication
        client.Authenticate(emailSettings.SmtpUsername, emailSettings.SmtpPassword);
      }

      if (emailSettings.TimeOut == 0) emailSettings.TimeOut = 10;
      client.Timeout = emailSettings.TimeOut * 1000;

      client.Send(message);
      client.Disconnect(true);
    }

My confusion is on this line:

client.Connect(emailSettings.SmtpServer, emailSettings.SmtpPort , true);

I have the option to pass in either true/false or SecureSockOptions.

This is what I have on my form:

I'm not sure I understand how the two different settings affect the sending of emails. I assume I use either the true/false for useSsl or the SecureSockOptions? I'm not sure how these work together.

The options for SecureSockOptions are:

None Auto SslOnConnect StartTls StartTlsWhenAvailable

Do these options negate the need for useSsl?

score 4 · Accepted Answer · answered Jul 19 '19 at 14:40

4

useSsl is a dumbed-down version of SecureSocketOptions.

When you pass true for useSsl, it maps to SecureSocketOptions.SslOnConnect.

When you pass false for useSsl, it maps to SecureSocketOptions.StartTlsWhenAvailable.

answered Jul 19 '19 at 14:40

jstedfast

35,744
5
97
110

ok that's what I wanted to know. Ty for clarifying that for me. – TechGuy Jul 19 '19 at 14:42

score 0 · Answer 2 · answered Jul 19 '19 at 14:40

Looking at the mailkit documentation Connect method has 5 different signatures (different parameters)

In the case of passing boolean to the Connect it means use ssl if true and don't use ssl if false. There is no method that accepts both the boolean and SecureSocketOptions.

http://www.mimekit.net/docs/html/Overload_MailKit_Net_Smtp_SmtpClient_Connect.htm

You should read up their documentation on the link above.

Also this might be useful from their documentation:

The useSsl argument only controls whether or not the client makes an SSL-wrapped connection. In other words, even if the useSsl parameter is false, SSL/TLS may still be used if the mail server supports the STARTTLS extension.

To disable all use of SSL/TLS, use the Connect(String, Int32, SecureSocketOptions, CancellationToken) overload with a value of SecureSocketOptions.None instead.

score 0 · Answer 3 · answered Jul 19 '19 at 14:45

You should use it when you have a trusted internal network Domain Controller type or trusted box also, when you are securing transmissions (no eavesdrop) and by default most mail servers use it even if you code it in and it reads false you may have a system wrap, which is when the system itself overrides it due to the OSI Model lower levels. I would recommend personally using it when you can it solves a couple of the older transmission model drops on syn ack hand requests and has a higher requested time out value if I remember correctly.

When should I use SecureSockOptions or useSsl when connecting using Mailkit

3 Answers3