Solved

Indy 10 TIdSMTP UseTLS property

Posted on 2006-10-26
6
5,664 Views
Last Modified: 2012-08-13
My question is about SMTP (TIdSMTP component) and TLS.

UseTLS property can have the following values:
utNoTLSSupport
utUseExplicitTLS
utUseImplicitTLS
utUseRequireTLS

After doing many searches I am confused about those values.

This is what I found.
utNoTLSSupport = unsecure connection
utUseImplicitTLS = uses SSL unconditionally from the moment the socket is connected
utUseRequireTLS & utUseExplicitTLS = allow TIdSMTP to query the server for its capabilities after connecting and then enable SSL dynamically only if the server allows it

Use utUseRequireTLS if you do not want to use an unencrypted connection
Use utUseExplicitTLS if you are willing to use an unencrypted connection

I am a little bit lost now...

In Thunderbird you have the options "TLS", "TLS if available" and "SSL". To wich UseTLS properties values these options match?

Please help me!
0
Comment
Question by:mychel_normandeau
  • 3
  • 2
6 Comments
 
LVL 1

Accepted Solution

by:
real_icecoke earned 250 total points
ID: 17814774
Hi,

'SSL' in thunderbird results in a connection to port 465 of the smtp server - doing the business as usual (without TLS)
'TLS if available' is connecting to port 25 and 'ask' for TLS connection if the server is capable.
'TLS' connects to port 25 and disconnects if no TLS is available with this server.

So, to 'translate' this to Indy (afaik).
utUseImplicitTLS -> uses port 465 and SSL connection (no TLS capability of the server needed - could even be done with a tunnel like 'stunnel' under linux).

utUseRequireTLS -> like 'TLS' in thunderbird - (you need a local cert for this afaik - can't remenber how indy 10 solves this - maybe there is something like an event like 'GetCertificate' which is the moment for you to present a client cert for the server.)

utUseExplicitTLS -> like 'TLS if available'.

I stopped using indy 10 because of its instable state for our production applications. Indy 9 is not capable of SSL/TLS so I use 'clever components' for SSL/TLS stuff which is very stable and comfortable to use. And.... no, I have no connection in any way to 'clever components' except that I am a satisfied customer.

All above is written 'from head' so, don't hit me if I did a mistake, but I guess I got it all :)

gracias
icecoke
0
 

Author Comment

by:mychel_normandeau
ID: 17818900
Thanks real_icecoke! Is someone can confirm, both of you will get 250 pts.
0
 
LVL 1

Expert Comment

by:real_icecoke
ID: 17820255
mychel,

I did not meant that I'm not sure about the whole thing I was telling you, I just can't remember the indy 10 stuff especially. But the meaning of explicit/implicit TLS etc. is no invention of Indy. It has to be with the way SMTP is handling TLS and SSL in general. e.g any smtp client with any smtp server.
So what you have to do is to determine on your own, how you can handle the cert stuff etc. with indy 10 if you still want to use it. Please be warned regarding the instability if you use it in a production environment.

And.... btw. 250pts for a confirmation of what I said? hmm, call me picky, but that wouldn't be fair. But anyway, they are your points, you can do what you want with them.

gracias
icecoke
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 

Author Comment

by:mychel_normandeau
ID: 17820937
Sorry, real_icecoke, I just wanted to attract more people to my question :)
0
 
LVL 1

Expert Comment

by:real_icecoke
ID: 17821053
np - as I said. They are your points.

But I guess noone will just confirm or repeat what other community users said before. But if something is unclear from my statement, that just ask for this. This would be a good start for other peoples an me to give more information on this. I would be glad to help if I can.

gracias
icecoke
0
 

Expert Comment

by:simawb
ID: 23848257
You can use Synapse Lib. to use SMTP with TLS.
http://www.ararat.cz/synapse/doku.php/public:howto:smtpsend
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

A lot of questions regard threads in Delphi.   One of the more specific questions is how to show progress of the thread.   Updating a progressbar from inside a thread is a mistake. A solution to this would be to send a synchronized message to the…
Creating an auto free TStringList The TStringList is a basic and frequently used object in Delphi. On many occasions, you may want to create a temporary list, process some items in the list and be done with the list. In such cases, you have to…
In this video I am going to show you how to back up and restore Office 365 mailboxes using CodeTwo Backup for Office 365. Learn more about the tool used in this video here: http://www.codetwo.com/backup-for-office-365/ (http://www.codetwo.com/ba…
Many functions in Excel can make decisions. The most simple of these is the IF function: it returns a value depending on whether a condition you describe is true or false. Once you get the hang of using the IF function, you will find it easier to us…

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

24 Experts available now in Live!

Get 1:1 Help Now