Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium


SMTP Authentication using VB.Net

Posted on 2005-05-09
Medium Priority
Last Modified: 2008-01-09
I have a project to develop a prototype for emailing through an SMTP server that requires authentication with VB.NET.    They want it to be able to use all of the authentication methods Login, NTLM, GSSAPI, and Plain Text.   I think I have NTLM with the code example below.  I have been unsuccessful in finding anything dealing with GSSAPI and the other methods however (and I have to admit my ignorance of GSSAPI other than what I have found researching the Internet).  Can anyone offer some help, code examples, etc.  I have a pretty urgent need for some information so any help will be greatly appreciated.

Basically, right nowI have a form with text boxes for the to, from, subject, attachment and body and adrop-down for body format, and a button to send the message.  This code seems to do the NTLM fine as the message go out just fine.  I just have not been able to find anything to point me in the right direction for GSSAPI, and the other auth methods.

    Private Sub cmdSend_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles cmdSend.Click
        If Trim(txtMailSender.Text) = "" Then
            MessageBox.Show("FROM field cannot be blank.", "Error Sending Message", MessageBoxButtons.OK, MessageBoxIcon.Error)
            Exit Sub
        End If

        If Trim(txtMailReceiver.Text) = "" Then
            MessageBox.Show("TO field cannot be blank.", "Error Sending Message", MessageBoxButtons.OK, MessageBoxIcon.Error)
            Exit Sub
        End If

            Dim m As New System.Web.Mail.MailMessage

            With m
                .From = Trim(txtMailSender.Text)
                .To = Trim(txtMailReceiver.Text)
                .Subject = Trim(txtSubject.Text)
                Select Case cboBodyFormat.Text
                    Case "Text"
                        .BodyFormat = MailFormat.Text
                    Case "HTML"
                        .BodyFormat = MailFormat.Html
                    Case Else
                        .BodyFormat = MailFormat.Text
                End Select
                If txtAttachment.Text.Trim <> "" Then
                    .Attachments.Add(New System.Web.Mail.MailAttachment(txtAttachment.Text.Trim))
                End If
                .Body = txtBody.Text

                'FOR NTLM Auth
                .Fields.Add("http://schemas.microsoft.com/cdo/configuration/smtpauthenticate", "2") '0-none, 1-basic, 2-NTLM
            End With

            SmtpMail.SmtpServer = "strfddevfs1.na.fag.com"

        Catch httpExceptionParamter As System.Web.HttpException
            MessageBox.Show(httpExceptionParamter.Message, "Error Sending Message", MessageBoxButtons.OK, MessageBoxIcon.Error)
        Catch httpUnhandledExceptionParamter As System.Web.HttpUnhandledException
            MessageBox.Show(httpUnhandledExceptionParamter.Message, "Error Sending Message", MessageBoxButtons.OK, MessageBoxIcon.Error)
        End Try

    End Sub

Question by:INAUSA
  • 3
  • 3
  • 2
LVL 96

Expert Comment

by:Bob Learned
ID: 13959653
I have seen a view blogs that talked about GSSAPI being Kerberos authentication, but I am trying to dig further for definitive proof.

LVL 96

Expert Comment

by:Bob Learned
ID: 13959692
Default NTLM authentication and Kerberos authentication use the Microsoft Windows NT user credentials associated with the calling application to attempt authentication with the server.

Do you have a GSSAPI client to test this with?


Author Comment

ID: 13960100
From the research I have done last week I believe you are correct with GSSAPI being Kerberos.  I do not have a GSSAPI client that I am aware of to test with.  I was merely told that the SMTP server I was to test with was capable of handling NTLM, GSSAPI, Login, and Plain Text authentication and to develop a simple prototype app that could login to the server and send mail using all of the previously mentioned authentication methods..  The code sample posted previously demonstrated NTLM which there was an overabundance of information on the Internet.   I have just been unable to find anything specific to VB.NET regarding GSSAPI or the other methods.  With the NTLM you are correct about it using the credentials of the calling program, that is why in the previous code example for NTLM I did not have to send a username and password. if I change the line of code that specifies NTLM to use "1" for "basic" and then spedficy a username and password with 2 more ".fields.add" statements, the authentication and message sending work fine as well.  There just doesn't seem to be anything out there on the Internet specific to VB.NET regarding GSSAPI/Kerberos (or the other methods except for NTLM).
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

LVL 96

Expert Comment

by:Bob Learned
ID: 13960148
My first guess, without completely understanding, is that NTLM and Kerberos/GSSAPI use the same authentication method, but without a viable test, it is difficult to verify.


Expert Comment

ID: 13961605
On http://support.microsoft.com/kb/q266080/ there is a Q/A:

Does Windows 2000 support General Security Service Application Programming Interface (GSSAPI) (RFC-2743)?

Microsoft supports the Security Support Provider Interface (SSPI) which is semantically similar to the GSSAPI, but syntactically different. For additional information about SSPI, see the Microsoft Windows Platform SDK. The protocol used by Kerberos Security Support Provider (SSP) is the same as that used by the GSSAPI Kerberos5 mechanism defined in the following RFC:

This suggests that you would have to put a larger amount of effort into developing the GSSAPI support than I expect was anticipated for the prototype stage. I suggest you point out to the boss that the prototype stage has therefore been a 100% success (in that it has highlighted problems which may have consequence for the critical path) - and have a celebration lunch!

Author Comment

ID: 13962069
I tend to agree based on the research I have done on the scope of developing GSSAPI support being a larger effort than anticipated. But with that FAQ only mentioning Windows 2000, would later MS operating systems have support for GSSAPI as opposed to the SSP that the above article discusses?  I have been unable to find anything definitive in my searches.  It has seemed that in my research information is limited as far as GSSAPI as it relates to VB.NET.

Accepted Solution

BadgerBill earned 2000 total points
ID: 13966790
Bunch of links for you I'm afraid. It is a sparse subject, I think this should get you to the brink though.

As for later OS having explicit GSSAPI support. This passage:
Security Support Provider Interface
The Security Support Provider Interface (SSPI) is the foundation for authentication in Windows Server 2003. SSPI is the implementation of the Generic Security Service API (GSSAPI) in Windows Server 2003. For more information about GSSAPI, see RFCs 2743 and 2744 in the IETF RFC Database.

suggests they are fairly set on the idea.

As for code samples try this alternative approach. The following document describes 'SSPI/Kerberos Interoperability with GSSAPI' :

and this one has .net sspi examples:


Just had one of those rare moments of clarity! Reading this:

How does this relate to Kerberos? Included with most major Kerberos 5
distributions is a GSSAPI implementation. Thus, if a particular application
or protocol says that it supports the GSSAPI, then that means that it
supports Kerberos, by virtue of Kerberos including a GSSAPI implementation.

So your server actually supports Kerberos v5. SSPI is actually just MS implementation of GSSAPI therefore they support Kerberos v5. Therefore you can implement using SSPI and it will work..... Agree?

This would explain the lack of articles and basically means we were looking at the tree instead of the woods!!


Author Comment

ID: 13999039
Thanks for the information. There just isn't a lot of information out there on implementing GSSAPI/Kerberos in VB.NET.  Hopefully this will change in the future.  The links you provided were helpful, however. Many thanks.

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction When many people think of the WebBrowser (http://msdn.microsoft.com/en-us/library/2te2y1x6%28v=VS.85%29.aspx) control, they immediately think of a control which allows the viewing and navigation of web pages. While this is true, it's a…
If you need to start windows update installation remotely or as a scheduled task you will find this very helpful.
This video shows how to quickly and easily deploy an email signature for all users in Office 365 and prevent it from being added to replies and forwards. (the resulting signature is applied on the server level in Exchange Online) The email signat…
In a question here at Experts Exchange (https://www.experts-exchange.com/questions/29062564/Adobe-acrobat-reader-DC.html), a member asked how to create a signature in Adobe Acrobat Reader DC (the free Reader product, not the paid, full Acrobat produ…
Suggested Courses

578 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question