Search code examples
emailsmtpsmtpclientmailkit

Why is MailKit trying to establish a SSL connection if useSsl is false?


My MailKit code:

            var eMail = new MimeMessage();
            eMail.From.Add( new MailboxAddress( sender, sender ) );
            eMail.To.Add( new MailboxAddress( recipient, recipient ) );
            eMail.Subject = subject;
            eMail.Body = new TextPart( TextFormat.Plain ) { Text = body };

            using( var smtpClient = new SmtpClient() )
            {
                smtpClient.Connect( "smtp.foo.com", 25, false );
                smtpClient.Send( eMail );
                smtpClient.Disconnect( true );
            }

Our mail server allows non-secure connections on port 25 but this code is throwing the following exception while connecting:

MailKit.Security.SslHandshakeException: An error occurred while attempting to establish an SSL or TLS connection.

The host name (smtp.foo.com) did not match any of the names given in the server's SSL certificate:
  • ...
  • ...
 ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.
   at ...

Why is MailKit even trying to establish a SSL connection in this case? How can I fix it?

Thank you!


Solution

  • MailKit's Connect(string host, int port, bool useSsl) API only enables/disables immediate SSL the moment the socket connects to the remote host. It does not tell MailKit not to upgrade the connection to SSL if the remote host supports the STARTTLS command.

    MailKit always tries to be as secure as possible to protect users.

    That said, if you want to completely disable SSL, you can use the Connect(string host, int port, SecureSocketOptions sslOptions) API instead:

    client.Connect ("smtp.host.com", 587, SecureSocketOptions.None);
    

    For reference, the following 2 calls are identical:

    client.Connect ("smtp.host.com", 587, true);
    client.Connect ("smtp.host.com", 587, SecureSocketOptions.SslOnConnect);
    

    As are these:

    client.Connect ("smtp.host.com", 587, false);
    client.Connect ("smtp.host.com", 587, SecureSocketOptions.StartTlsWhenAvailable);
    

    Hopefully the above 2 examples demonstrating the bool true/false equivalents helps you better understand why MailKit does what it does.