I have a Delphi application that sends emails to a smarthost using an Indy IdSMTP object.
I would like to use Amazon SES service, with the SMTP interface. According to http://docs.aws.amazon.com/ses/latest/DeveloperGuide/smtp-connect.html, I need to use a TLS connection.
I'm not sure which value I should use for the IdSMTP object UseTLS property and then what should be specified in IOHandler.
Is there a straightforward way to use Amazon SES in Delphi? For now I would like to be able to send only text email messages but in the future I might need to send HTML email messages.
Before connecting to the server, you need to assign an SSL-enabled TIdIOHandler component, such as TIdSSLIOHandlerSocketOpenSSL, to the TIdSMTP.IOHandler property, and set the TIdSMTP.UseEHLO property to True. You then have two choices for configuring the TLS settings:
set the TIdSMTP.UseTLS property to utUseExplicitTLS, and then set the TIdSMTP.Port property to either 25, 587, or 2587 (all three ports on SES support utUseExplicitTLS).
set the TIdSMTP.UseTLS property to utUseImplicitTLS, and then set the TIdSMTP.Port property to either 465 or 2465 (both ports on SES support utUseImplicitTLS).
The difference between the UseTLS values is that utUseExplicitTLS will connect to the server initially unencrypted and then send an SMTP STARTTLS command to the server to enable encryption when needed, whereas utUseImplicitTLS will connect to the server and enable encryption immediately before any SMTP-related data can then be exchanged.
Amazon suggests verifying the server's TLS certificate to verify the integrity of the connection. You can enable the sslvrfPeer and sslvrfFailIfNoPeerCert flags in the TIdSSLIOHandlerSocketOpenSSL.SSLOptions.VerifyMode property, and then use the TIdSSLIOHandlerSocketOpenSSL.OnVerifyPeer event to validate the certificate details as needed.