I have a Delphi application that sends emails to a smarthost using an Indy IdSMTP object.
I would like to use Amazon SES service, with the SMTP interface. According to http://docs.aws.amazon.com/ses/latest/DeveloperGuide/smtp-connect.html, I need to use a TLS connection.
I'm not sure which value I should use for the IdSMTP object UseTLS property and then what should be specified in IOHandler.
Is there a straightforward way to use Amazon SES in Delphi? For now I would like to be able to send only text email messages but in the future I might need to send HTML email messages.
Before connecting to the server, you need to assign an SSL-enabled TIdIOHandler
component, such as TIdSSLIOHandlerSocketOpenSSL
, to the TIdSMTP.IOHandler
property, and set the TIdSMTP.UseEHLO
property to True. You then have two choices for configuring the TLS settings:
set the TIdSMTP.UseTLS
property to utUseExplicitTLS
, and then set the TIdSMTP.Port
property to either 25, 587, or 2587 (all three ports on SES support utUseExplicitTLS
).
set the TIdSMTP.UseTLS
property to utUseImplicitTLS
, and then set the TIdSMTP.Port
property to either 465 or 2465 (both ports on SES support utUseImplicitTLS
).
The difference between the UseTLS
values is that utUseExplicitTLS
will connect to the server initially unencrypted and then send an SMTP STARTTLS
command to the server to enable encryption when needed, whereas utUseImplicitTLS
will connect to the server and enable encryption immediately before any SMTP-related data can then be exchanged.
Amazon suggests verifying the server's TLS certificate to verify the integrity of the connection. You can enable the sslvrfPeer
and sslvrfFailIfNoPeerCert
flags in the TIdSSLIOHandlerSocketOpenSSL.SSLOptions.VerifyMode
property, and then use the TIdSSLIOHandlerSocketOpenSSL.OnVerifyPeer
event to validate the certificate details as needed.