I'm developing an ASP.NET MVC application that needs to transmit sensitive information via email. I'm aware of using S/MIME to encrypt the email contents end-to-end, but I cannot use it for various reasons. I also realize, however, that the emails would be sent in plain-text from the web host's SMTP server to the destination email servers, opening up a serious man-in-the-middle vulnerability. Therefore, I need to ensure that the outgoing SMTP server will transmit a message ONLY IF it can establish a TLS/SSL connection with the destination mail server.
I've been searching for a while and can't even figure out where in the process that decision is made. Most answers address enforcing TLS between the application and the SMTP server, which I've already solved. Can anyone shed some light on this? Thanks.
What you are trying to do is not possible. Once you've submitted the mail to the mail server you've lost control over it. There is no way to instruct the server (and all following server in the path) to only deliver the mail with TLS.
Related
I am receiving the message "Mail Enabled Sub-domain check failed" when attempting to send emails via our internal SMTP server.
I am using the SMTP Client library in a VS2013 development environment. I've inherited the code and due to the confidential information contained in the actual configuration, unfortunately I am not at liberty to post it; but I can affirm that the settings for the SMTP Client are correct and I may be able to provide any additional information if it helps to answer the question as long as it doesn't require confidential data.
In past configurations, I have always authenticated directly to a specifically named SMTP server by providing the host and port information in the SMTPClient class instantiation.
This scenario is somewhat different because I've been informed that one of our other servers (A Web Server) where the application is running; is actually being passed as the SMTP Host for the SMTP Client connection.
But in actuality, I'd say it would technically be functioning as a Relay Server since it isn't an SMTP server.
Messages are submitted to our internal staff from the clients through a Popup Dialog that allows them to enter their message and click submit. The message gets sent to an internal email address and CC'd to the sender.
Upon debugging the program, no errors get thrown on the Send() method of the client.
I've tested this and the message must be hitting the SMTP server because I do get an email; however, instead of receiving the test message that I submit via the application; I get a message stating, "Delivery to the following recipients failed." with my email address in it and the email to where the message should be sent.
At the end of the message it says "Mail Enabled Sub-domain check failed"
I've searched online for this message but get no hits so it may be a message that is generated only within our organization; or maybe no one has posted the problem before.
In either case, can anyone provide any insight as to what this message likely means? I receive no errors in the System or Application event logs on the server. Maybe there are some other areas I need to check to make certain the Web server is properly configured to function as an SMTP relay server? I am unfamiliar with configuring a Web Server in this manner.
I'm at a loss for clues at this point.
I am posting this answer as it pertained to our particular situation. I'm fairly certain that the message may be somewhat of a blanket error; and so there may be other scenario's for which the error could be generated.
As previously stated, the SMTP host address that our application is using is actually the host address of the Web Server on which the application is running. The Web Server is also configured as an SMTP relay server, meaning any mail requests sent via the application uses the local host to relay the message to the actual SMTP Exchange Server.
After hours of troubleshooting to find the cause of the error it was identified that the Server Name was not in the correct format to leverage the SMTP Relay system.
For example, the host name that was used was in the format:
machinenameCNameAlias.subdomain.domain.com
when it should have been
actualMachineName.subdomain.domain.com
In other words, the use of a CNAME alias was not valid when using an SMTP Relay Server. (At least in our configuration)
Once the CNAME alias was replaced with the actual name of the server, the error was resolved.
I am obviously not an expert in any respect with the particulars of Exchange or it's Configuration counter parts; but after searching online with the keywords, "CNames and SMTP Relay Servers"; I did find other potential references; maybe inferring that CNAME aliases are discouraged with similar configuration types.
If anyone else can affirm these observations, that would be great.
But as for the particular scenario for which the question was initially posted, this was the answer for us.
I'm writing unit testing for email validation.
I'm trying to write a very simple POP3 email listener (using sockets) so the email can be sent to my local machine using something like test#hostnameofmymachine.
I tried to do something like this: https://msdn.microsoft.com/en-us/library/kb5kfec7%28v=vs.110%29.aspx
But I don't know on which port the email will be sent so I can't create a socket unless I know which port to listen to.
How can the SMTP server (which sends the message) can know on which port to send the email? (IMAP 143? 993?) (POP3 110? 995?) So I don't know on which port I must listen to.
How can the SMTP know whether the receiver is POP3 or IMAP? How can it know whether SSL is supported?
I'm quite sure I'm missing some important information regarding email protocol.
POP3 and IMAP do not receive email, they only allow access to stored emails.
You need to write an SMTP server, not a POP3 server.
I recommend you to use this repository, it contains in itself most of the services you may need and it is easy to configure.
In our case we use the services:
Postfix with SMTP.
Dovecot for POP3.
SpamAssassin with custom rules.
OpenDKIM
OpenDMARC
LetsEncrypt and self-signed certificates
Persistent data and state
CI/CD
Extension Delimiters (you+extension#example.com go to you#example.com)
Docker Mail Server
https://github.com/docker-mailserver/docker-mailserver
I am Creating an application in c# . I have to know how can I know the status of the sended email.The status May be.
4. Track sent emails to determine if they were:
4.1 delivered
4.2 opened
4.3 recipient opt-out
4.4 bounced (with the reason for the bounce)
4.5 time/date sent
4.6 which links in the email were clicked (and time/date they were clicked)
4.7 IP address, if user clicked any links in the email
Should I use Any API or Dll or something else.Please help .Any Help will be Appreciated.
If you program your application to send mail through a hosted SMTP server like http://www.sendgrid.com or http://www.ultrasmtp.com, you can access the delivery status of messages that you've sent.
There is no easy way to do what you want. Actually this status can be tracked by your SMTP server itself and if you are using some third-party SMTP server like GMail or any corporate server, I 'm afraid they won't give you access to those information without using a authenticated client.
From your C# program, if the SmtpClient.Send() method returns true, you can assume the mail has been delivered to the SMTP server. If in case, the delivary fails, you should receive a mail to the outbound mail ID's inbox. If you want to make outbound mails appear in your outbox, you should configure IMAP/POP3 configurations accordingly.
There is no API or DLL available in exact form you want, as far as I know. You can try some other way like tracking a hash or embedded image in the mail-body from your server. But these are not reliable way as most mordern Messaging services have counter-measures for this.
Just as the question says.
I am using IIS 6 to send emails out from my Windows Server with C#. I want to detect bounces with C# from the SMTP email server. Right now, all the bounces get sent to a Gmail account. I could just check and parse each email in that account, but I was wondering if there is any easier way like hooking up a windows service or something to the IIS 6 SMTP server.
Help?
Thanks!
I know little about the IIS6 SMTP server, but based on what I know about SMTP in general, I doubt you're going to have much luck. Your message to joe#foo.com gets forwarded from server to server until it ends up at the foo.com SMTP server, which then responds to the reply-to address that the "joe" mailbox doesn't exist. That server may have no direct contact with your SMTP server at all.
As a result, there's no opportunity for the IIS6 SMTP server to receive any information about the bounced message. I think your existing idea of polling the inbox for the reply-to address is probably going to be your best bet.
Does Gmail support RFC 821? I know it is using ESMTP. Based on understanding ESMTP is RFC 1869. But I must use RFC 821 commands with C# and want to test it. If Gmail doesn't provide support, is there any server provides this service for developers?
Thanks in advance
RFC1869 defines a set of extensions to the SMTP protocol that a server can support. They come in addition to the standard SMTP protocol described in RFC 821. In other words, any server that supports RFC 1869 must also support RFC 821. The newer standard makes this explicit:
4.1. Changes to STD 10, RFC 821
This specification is intended to extend STD 10, RFC 821 without
impacting existing services in any way. The minor changes needed are
enumerated below.
If a client connects to such a server and issues a standard HELO command, it should get a server that speaks SMTP. If you need to use any of the SMTP extensions, though, you need to instead issue the extension command EHLO, which indicates a client that also speaks RFC1869.
However, just because the server speaks SMTP doesn't mean it's going to speak it with you. In particular, the server may require authentication as per RFC 4954 (e.g. require an AUTH LOGIN or similar command, or a STARTTLS command for encrypted communication). If you fail to properly authenticate before issuing a command, the server could legally send an SMTP error. While this error would be a legal SMTP response per RFC 821, that's probably not going to help you out very much.
RFC 1869 (ESMTP) is a refinement of RFC 821 (SMTP), not a separate protocol. You can still talk basic SMTP to an ESMTP server -- in fact, ESMTP servers are required to support it.
Since it sounds like you're trying to build something that interoperates with GMail SMTP, keep in mind that it's not intended for use by anything other than a desktop mail client. Trying to send bulk mail via GMail will end badly.
Almost all Internet Service (connectivity) Providers (ISPs) offer an SMTP server for their customers to use to send email. Your ISP's help page undoubtedly explains how to do this -- it probably mentions something like smtp.comcast.net or smtp.whatver.net.
It is quite likely, though, that they won't let you send more than a certain number of email messages per day through that port. And, they certainly won't let you send any messages through it unless you're on a machine on their network.
You may also be able to use gmail's smtp server. But, in order to do this your client software will need to be able to use TLS, port 587, and authentication (using your gmail username and password). See here:
http://support.google.com/mail/bin/answer.py?hl=en&answer=86374
This need for authenticated and encrypted communication with the smtp server could prove to be quite a pain in the neck for your work of debugging. Best to find an open SMTP server you can test things with.
The good news: RFC821 is pretty doggone simple.
Yahoo can send email to rfc821 mail server.
And another tool that is amazin is https://www.wormly.com/test_smtp_server