We help IT Professionals succeed at work.

We've partnered with Certified Experts, Carl Webster and Richard Faulkner, to bring you two Citrix podcasts. Learn about 2020 trends and get answers to your biggest Citrix questions!Listen Now

x

Indy 10 TIdSMTP UseTLS property

mychel_normandeau
on
Medium Priority
7,646 Views
Last Modified: 2012-08-13
My question is about SMTP (TIdSMTP component) and TLS.

UseTLS property can have the following values:
utNoTLSSupport
utUseExplicitTLS
utUseImplicitTLS
utUseRequireTLS

After doing many searches I am confused about those values.

This is what I found.
utNoTLSSupport = unsecure connection
utUseImplicitTLS = uses SSL unconditionally from the moment the socket is connected
utUseRequireTLS & utUseExplicitTLS = allow TIdSMTP to query the server for its capabilities after connecting and then enable SSL dynamically only if the server allows it

Use utUseRequireTLS if you do not want to use an unencrypted connection
Use utUseExplicitTLS if you are willing to use an unencrypted connection

I am a little bit lost now...

In Thunderbird you have the options "TLS", "TLS if available" and "SSL". To wich UseTLS properties values these options match?

Please help me!
Comment
Watch Question

Hi,

'SSL' in thunderbird results in a connection to port 465 of the smtp server - doing the business as usual (without TLS)
'TLS if available' is connecting to port 25 and 'ask' for TLS connection if the server is capable.
'TLS' connects to port 25 and disconnects if no TLS is available with this server.

So, to 'translate' this to Indy (afaik).
utUseImplicitTLS -> uses port 465 and SSL connection (no TLS capability of the server needed - could even be done with a tunnel like 'stunnel' under linux).

utUseRequireTLS -> like 'TLS' in thunderbird - (you need a local cert for this afaik - can't remenber how indy 10 solves this - maybe there is something like an event like 'GetCertificate' which is the moment for you to present a client cert for the server.)

utUseExplicitTLS -> like 'TLS if available'.

I stopped using indy 10 because of its instable state for our production applications. Indy 9 is not capable of SSL/TLS so I use 'clever components' for SSL/TLS stuff which is very stable and comfortable to use. And.... no, I have no connection in any way to 'clever components' except that I am a satisfied customer.

All above is written 'from head' so, don't hit me if I did a mistake, but I guess I got it all :)

gracias
icecoke

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts

Author

Commented:
Thanks real_icecoke! Is someone can confirm, both of you will get 250 pts.
mychel,

I did not meant that I'm not sure about the whole thing I was telling you, I just can't remember the indy 10 stuff especially. But the meaning of explicit/implicit TLS etc. is no invention of Indy. It has to be with the way SMTP is handling TLS and SSL in general. e.g any smtp client with any smtp server.
So what you have to do is to determine on your own, how you can handle the cert stuff etc. with indy 10 if you still want to use it. Please be warned regarding the instability if you use it in a production environment.

And.... btw. 250pts for a confirmation of what I said? hmm, call me picky, but that wouldn't be fair. But anyway, they are your points, you can do what you want with them.

gracias
icecoke

Author

Commented:
Sorry, real_icecoke, I just wanted to attract more people to my question :)
np - as I said. They are your points.

But I guess noone will just confirm or repeat what other community users said before. But if something is unclear from my statement, that just ask for this. This would be a good start for other peoples an me to give more information on this. I would be glad to help if I can.

gracias
icecoke

Commented:
You can use Synapse Lib. to use SMTP with TLS.
http://www.ararat.cz/synapse/doku.php/public:howto:smtpsend
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.