These are chat archives for IndySockets/Indy
Hello, Remy. Here is my results of migration from Indy9 to Indy10 of secured email via different hosts.
1) Port is hardcoded to 465
2) services to check : mailtrap.io and smtp.gmail.com
3) In our application user can manually choose which type of SSL to use. By default it is OpenSSLv23 i.e. negotiation to choose version is allowed.
Indy 9 code worked under that settings for both mailtrap.io and smtp.gmail.com.
smtp.gmail.com negotiated with client to TlSv1
under Indy10 negotiation with mailtrap.io works fine
with smtp.gmail.com negotiation doesn't work (why it doesn't negotiated to TlS at all?) but after applying 'magic line'
AIdSMTP.UseTLS := utUseImplicitTLS;
smtp.gmail.com became to understand application in negotiation mode too and negotiation is resolved to TLSv1.2.
Now the question is : is it reliable to left this line provided end user would have own mail server settings?
And why negotiation didn't work without that line?
UseTLSappropriately, as that governs how SSL/TLS is used during the SMTP session.
UseTLS=utNoTLSSupportis the default, it means no SSL/TLS is used.
UseTLS=utUseImplicitTLSperforms an SSL/TLS handshake as soon as the socket is connected, before any SMTP traffic is exchanged.
UseTLS=utUseExplicitTLSconnects the socket initially unsecure and then issues an SMTP
STARTTLScomand to perform a handshake only if the server advertises support for that. Indy 9 did not support
STARTTLSat all. Indy 10 does. So you have to specify which mode to use. Not all servers support
STARTTLS, but those that do offer it for legacy clients so they don't have to use SSL/TLS if they don't want to. GMail supports both modes. Port 465 is SMTP's implicit SSL port, port 587 is the explicit TLS port.