Security Verified
Browse Categories
 Affiliates
 Backup & Restore
 Billing & MyAccount FAQs
 Control Panels
 Customer Tools
 Databases
 Dedicated Servers
 DNS and Domain Registration
 Email
 Glossary
 Network
 News
 PCI Compliance
 Postmaster
 Pre-sales FAQ
 Publishing Your Site
 Reseller Tips
 Search Engine Optimization
 Security Topics
 SSL and HTTPS
 Support: Getting Help
 Virtual Desktops
 Virtual Servers
 Website Design & Development
 Website Errors

DotNetNuke Hosting
SQL 2008 R2 / IIS 7.5 Hosting
WordPress Hosting
Forex Trader Hosting
Personal Desktop Hosting

ERROR: 5.7.0 Must issue a STARTTLS command first

 Article ID: 1829

 Back to Search

Symptom:

Upon submission of an email from web-based form, you receive similar to:

The server response was: 5.7.0 Must issue a STARTTLS command first.

This is commonly seen when submitting a message to google (i.e., smtp.googlemail.com) as they require SMTP over SSL. 

Answer

 

This indicates:
 
1) you are making a successful connection to the smtp server on TCP 25
2) your code is not initiating a TLS connection by issuing a STARTTLS command after the session is established, but the mail server is requiring it. 
 
The mail server is requiring an SMTP submission to be made using SMTP over SSL. This is implemented during the session by the SMTP client (your code) issuing the STARTTLS command after the TCP socket connection has been made.  The mail server is responding to you that your code made the connection, and then proceeded to try to send the mail, without setting up the SSL/TLS on the connection, i.e., it didn't issue the STARTTLS command. 
 
The short answer is, you need to enable SSL/TLS on your SMTP connection.  How and IF you can do this will vary depending on what you're using to send the mail.  
 
In the following, we discuss several common scenarios for sending mail where you may encounter this, and the solution:
  • System.Web.UI.WebControls.PasswordRecovery in ASP.net 2.0
    • This provider loads the SMTP settings info from your web.config, and sends the mail.  Within ASP.net 2.0 it does not natively support enabling SSL/TLS on the SMTP connection. There are a multitude of articles discussing this shortcoming, and the workaround.. which is apparently to intercept the event, and rewrite the message using your own code to call System.Net.Mail.SmtpClient directly, and invoking it's option for enabling SSL on the SMTP connection. One such article is provided here:
    • http://blogs.msdn.com/b/vikas/archive/2008/04/29/bug-asp-net-2-0-passwordrecovery-web-control-cannot-send-emails-to-ssl-enabled-smtp-servers.aspx
  • System.Web.UI.WebControls.PasswordRecovery in ASP.net 4.0
    • This provider loads the SMTP settings info from your web.config, and sends the mail.  Enabling SSL/TLS on the SMTP connection IS supported by default... and implemented by simply adding the following to your mailsettings area of your web.config:
    • enableSsl="true" 
    • Example of the mailsettings area of your web.config with this enabled:

 

<mailSettings>
<smtp from="me@gmail.com">
<network host="smtp.googlemail.com" enablessl="true" password="mypassword" port="25" userName="me@gmail.com" />
</smtp>
</mailSettings>

 
 
Downloads Associated With This Article
No downloads are currently associated with this article.

© 2001 - 2013 3Essentials Inc.
Terms Of Service | Privacy Policy | Copyright Policy | Affiliates