Use TLS/SSL with IMAP in .NET
Mail.dll IMAP .NET email component supports Secure Socket Layer (SSL) and Transport Layer Security (TLS) protocols to authenticate the server and secure client-server email downloads.
There are two modes in which Mail.dll can work:
- Implicit – where Mail.dll IMAP client immediately connects using secure channel,
- Explicit – where Mail.dll IMAP client connects on unsecured channel first and then secures the communication by issuing STARTTLS command. This mode is sometimes called TLS.
In both cases, by default, Secure Sockets Layer (SSL) 3.0 and Transport Layer Security (TLS) 1.0, 1.1, 1.2, 1.3 are acceptable for secure communication. You can change the defaults using Imap.SSLConfiguration property.
Imap client may decide to secure the channel, if IMAP server explicitly forbids logging-in on unsecured channel and you are using UseBestLogin method.
IMAP implicit TLS/SSL mode
Mail.dll IMAP component connects using secure TLS/SSL channel. You need to know in advance, if the server supports TLS/SSL connections – ask your administrator. Typically, IMAP over TLS/SSL is associated with port 993, but this is not always the case. You can always specify different then standard port by using ConnectSSL method overloads.
// C# version
using System;
using System.Collections.Generic;
using Limilabs.Client.IMAP;
using Limilabs.Mail;
class Program
{
static void Main(string[] args)
{
using (Imap imap = new Imap())
{
imap.ConnectSSL("imap.example.com");
imap.UseBestLogin("user", "password");
imap.SelectInbox();
List<long> uids = imap.Search(Flag.Unseen);
foreach (long uid in uids)
{
var eml = imap.GetMessageByUID(uid);
IMail email = new MailBuilder()
.CreateFromEml(eml);
string subject = email.Subject;
}
imap.Close();
}
}
}
' VB.NET version
Imports System
Imports System.Collections.Generic
Imports Limilabs.Client.IMAP
Imports Limilabs.Mail
Public Module Module1
Public Sub Main(ByVal args As String())
Using imap As New Imap()
imap.ConnectSSL("imap.example.com")
imap.UseBestLogin("user", "password")
imap.SelectInbox()
Dim uids As List(Of Long) = imap.Search(Flag.Unseen)
For Each uid As Long In uids
Dim eml = imap.GetMessageByUID(uid)
Dim email As IMail = New MailBuilder() _
.CreateFromEml(eml)
Dim subject As String = email.Subject
Next
imap.Close()
End Using
End Sub
End Module
IMAP explicit TLS/SSL mode
Mail.dll IMAP component connects using clear text channel and secures the channel using TLS/SSL by issuing STARTTLS command. Typically standard IMAP port 143 is used, but this is not always the case. You can always specify different then standard port using Connect method overloads.
// C# version
using System;
using System.Collections.Generic;
using Limilabs.Mail;
using Limilabs.Client.IMAP;
class Program
{
static void Main(string[] args)
{
using (Imap imap = new Imap())
{
imap.Connect("imap.example.com");
imap.StartTLS();
imap.UseBestLogin("user", "password");
imap.SelectInbox();
List<long> uids = imap.Search(Flag.Unseen);
foreach (long uid in uids)
{
var eml = imap.GetMessageByUID(uid);
IMail email = new MailBuilder()
.CreateFromEml(eml);
string subject = email.Subject;
}
imap.Close();
}
}
}
' VB.NET version
Imports System
Imports System.Collections.Generic
Imports Limilabs.Mail
Imports Limilabs.Client.IMAP
Public Module Module1
Public Sub Main(ByVal args As String())
Using imap As New Imap()
imap.Connect("imap.example.com")
imap.StartTLS()
imap.UseBestLogin("user", "password")
imap.SelectInbox()
Dim uids As List(Of Long) = imap.Search(Flag.Unseen)
For Each uid As Long In uids
Dim eml = imap.GetMessageByUID(uid)
Dim email As IMail = New MailBuilder() _
.CreateFromEml(eml)
Dim subject As String = email.Subject
Next
imap.Close()
End Using
End Sub
End Module
After you connect, you can check, if your IMAP server supports explicit TLS/SSL using following code:
// C# version
bool supportsStartTLS = imap.SupportedExtensions()
.Contains(ImapExtension.StartTLS);
' VB.NET version
Dim supportsStartTLS As Boolean = imap.SupportedExtensions() _
.Contains(ImapExtension.StartTLS)
You can read more here on how to know which extensions does your server support.
Self-signed certificates
If you are using self-signed certificates you may encounter this error: The remote certificate is invalid according to the validation procedure.
Get Mail.dll
January 9th, 2015 at 12:57
[…] Use SSL with IMAP […]
December 29th, 2015 at 11:52
i have a problem with the ssl connetcion to “imap.gmail.com”. after 20 second the program gives a serverexception “connetcted attemp failed….”. I see the your other articles but i don’t resolve the problem
December 29th, 2015 at 12:42
@Alberto
This article may help you: http://www.limilabs.com/blog/download-emails-from-gmail
Are you sure that your network administrator does not block Gmail?
May 8th, 2016 at 19:07
[…] First thing you need to do is to connect to your POP3 server. Use Connect(string host) method to connect to the server. Typically IMAP server is working on port 143. You can use Connect(string host, int port) overload when you need to specify different port, or ConnectSSL methods to use IMAP over SSL. […]
March 20th, 2018 at 06:07
I have made a scheduler which working well on my local machine but not on remote desktop my web server getting following issue :
Limilabs.Client.ServerException: No connection could be made because the target machine actively refused it XXX.xxx.xx.xxx:xxx.
March 20th, 2018 at 13:55
@John Goswami
Please make sure you are using correct connection settings and your application has enough security permissions to establish connection to the remote server.
Make sure firewall and antivirus software are disabled or configured correctly (this includes Windows Defender).
For details read this article: http://www.limilabs.com/blog/connection-attempt-failed