Using TLS 1.2 with .NET SMTP client

In the following article, we will provide a comprehensive guide on configuring the Mail.dll SMTP client to utilize the TLS 1.2 encryption protocol.

This security enhancement ensures that sending email communications remain safeguarded against potential threats and unauthorized access.

By default clients and SMTP servers negotiate SSL/TLS versions they can both use. Most systems don’t allow SSL 3.0, TLS 1.0, 1.1 anymore and Mail.dll SMTP component simply uses the most recent TLS version.

TLS 1.2 and 1.3 are the most secure versions of TLS protocols. It is easy to force the connection to use it.

All you need to do is to set Smtp.SSLConfiguration.EnabledSslProtocols property to SslProtocols.Tls12 before issuing ConnectSSL or Connect and StartTLS sequence:

Here you can learn more on how TLS/SSL and StartTLS work in SMTP protocol
// C#

using (Smtp smtp = new Smtp())
{
    smtp.SSLConfiguration.EnabledSslProtocols = SslProtocols.Tls12;

    smtp.ConnectSSL("smtp.example.com");

    smtp.UseBestLogin("user","password");

    // ... 

    smtp.Close();
}

' VB.NET

Using smtp As New Smtp()
	smtp.SSLConfiguration.EnabledSslProtocols = SslProtocols.Tls12

	smtp.ConnectSSL("smtp.example.com")

	smtp.UseBestLogin("user@example.com", "password")

	'...

	smtp.Close()
End Using

Explicit SSL/TLS (STARTTLS)

For explicit SSL/TLS, code is almost the same. You first connect to a default, non-secure SMTP email submission port (587) and secure the connection using Smtp.StartTLS method:

// C#

using (Smtp smtp= new Smtp())
{
    smtp.SSLConfiguration.EnabledSslProtocols = SslProtocols.Tls12;

    smtp.Connect("smtp.example.com");
    smtp.StartTLS();

    smtp.UseBestLogin("user@example.com","password");

    // ... 

    smtp.Close();
}

' VB.NET

Using smtp As New Smtp()
	smtp.SSLConfiguration.EnabledSslProtocols = SslProtocols.Tls12

	smtp.Connect("smtp.example.com")
	smtp.StartTLS()

	smtp.UseBestLogin("user@example.com", "password")

	'...

	smtp.Close()
End Using

Older .NET framework versions

To use TLS 1.2 in SMTP client at least .NET Framework 4.5+ must be installed on your machine and your application should target .NET 4.5+.

It is possible to use TLS 1.2 in applications targeting earlier .NET framework versions, but 4.5 must be installed on the machine. After you have .NET 4.5 installed, your 2.0 – 4.0 app will use the 4.5 System.dll and you can enable TLS 1.2 using this code:

// C#

smtp.SSLConfiguration.EnabledSslProtocols = 
    (SecurityProtocolType)3072;

Tags:    

Questions?

Consider using our Q&A forum for asking questions.