Mailkit client use SecureSocketOptions

Question

Mailkit client use SecureSocketOptions

gsig91 opened this issue 5 years ago · 8 comments

Hello,

is there a way to use the SecureSocketOptions option when initializing the smtp client.

I am facing an issue when initialing the logger in my Program.cs with my asp.net core application

Failed to send email: MailKit.Security.SslHandshakeException: An error occurred while attempting to establish an SSL or TLS connection.

The SSL certificate presented by the server is not trusted by the system for one or more of the following reasons:
1. The server is using a self-signed certificate which cannot be verified.
2. The local system is missing a Root or Intermediate certificate needed to verify the server's certificate.
3. The certificate presented by the server is expired or invalid.

See https://github.com/jstedfast/MailKit/blob/master/FAQ.md#InvalidSslCertificate for possible solutions. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.

A custom Mailkit smtp client can connect to the remote SMTP just by using the "SecureSocketOptions" overload.

Related stackoverflow issue (https://stackoverflow.com/questions/56833042/serilog-email-sink-enablessl-false-checks)

Any suggestions would be much appreciated,
thanks in advance,

Answer 1 · 2020-06-25T12:26:09.000Z

I also have this problem, please fix it.

Answer 2 · 2020-09-09T20:58:36.000Z

I also have this problem I am able to send emails with MailKit using SecureSocketOptions.None (as required by my server) but that is not available in EmailConnectionInfo. Setting EnableSsl = false seems to cause it to try to use TLS = true.

Answer 3 · 2021-06-16T18:08:46.000Z

Edit: the dev version works correctly I had bug in my code. Any ETA for the dev version to become a release version?

With the dev version using

SecureSocketOption = Serilog.Sinks.Email.SecureSocketOptions.StartTls

I'm getting

Failed to send email: MailKit.Security.AuthenticationException: 535: 5.7.3 Authentication unsuccessful [LO2P265CA0295.GBRP265.PROD.OUTLOOK.COM]
---> MailKit.Net.Smtp.SmtpCommandException: 5.7.3 Authentication unsuccessful [LO2P265CA0295.GBRP265.PROD.OUTLOOK.COM]
--- End of inner exception stack trace ---
at MailKit.Net.Smtp.SmtpClient.AuthenticateAsync(Encoding encoding, ICredentials credentials, Boolean doAsync, CancellationToken cancellationToken)
at MailKit.Net.Smtp.SmtpClient.Authenticate(Encoding encoding, ICredentials credentials, CancellationToken cancellationToken)
at Serilog.Sinks.Email.EmailSink.OpenConnectedSmtpClient(

When sending via Mailkit directly using

client.Connect(EmailSettings.Host, EmailSettings.Port, SecureSocketOptions.StartTls);

works correctly

Answer 4 · 2021-09-17T14:06:12.000Z

Seems the issue still persists.

Answer 5 · 2021-11-08T21:25:32.000Z

Using the latest devbuild of the nuget package, this does indeed still fail. I've tried a number of work arounds (since I can't force a change to the exchange server) and short of brute forcing it by cloning this repo and adding

#if MAIL_KIT
connectionInfo.SecureSocketOption = SecureSocketOptions.None;
connectionInfo.ServerCertificateValidationCallback = (senderX, certificate, chain, sslPolicyErrors) => true;
#endif

I can't get it to work.

Answer 6 · 2021-11-09T06:58:56.000Z

The workaround suggested by Jay (https://stackoverflow.com/a/64649322/6826260) worked

Answer 7 · 2022-05-10T15:07:24.000Z

Using this dev branch nuget package as this pull request comment suggests worked for me flawlessly.

Answer 8 · 2023-12-23T07:05:51.000Z

Version 3.0.0-dev-* now sorts this out. HTH!