Symptom:
Upon submission of an email from web-based form, you receive similar to:
The server response was: 5.7.0 Must issue a STARTTLS command first.
This is commonly seen when submitting a message to google (i.e., smtp.googlemail.com) as they require SMTP over SSL.
Answer:
This indicates:
1) you are making a successful connection to the smtp server on TCP 25
2) your code is not initiating a TLS connection by issuing a STARTTLS command after the session is established, but the mail server is requiring it.
The mail server is requiring an SMTP submission to be made using SMTP over SSL. This is implemented during the session by the SMTP client (your code) issuing the STARTTLS command after the TCP socket connection has been made. The mail server is responding to you that your code made the connection, and then proceeded to try to send the mail, without setting up the SSL/TLS on the connection, i.e., it didn't issue the STARTTLS command.
The short answer is, you need to enable SSL/TLS on your SMTP connection. How and IF you can do this will vary depending on what you're using to send the mail.
In the following, we discuss several common scenarios for sending mail where you may encounter this, and the solution:
-
System.Web.UI.WebControls.PasswordRecovery in ASP.net 2.0
-
This provider loads the SMTP settings info from your web.config, and sends the mail. Within ASP.net 2.0 it does not natively support enabling SSL/TLS on the SMTP connection. There are a multitude of articles discussing this shortcoming, and the workaround.. which is apparently to intercept the event, and rewrite the message using your own code to call System.Net.Mail.SmtpClient directly, and invoking it's option for enabling SSL on the SMTP connection. One such article is provided here:
-
http://blogs.msdn.com/b/vikas/archive/2008/04/29/bug-asp-net-2-0-passwordrecovery-web-control-cannot-send-emails-to-ssl-enabled-smtp-servers.aspx
-
System.Web.UI.WebControls.PasswordRecovery in ASP.net 4.0
-
This provider loads the SMTP settings info from your web.config, and sends the mail. Enabling SSL/TLS on the SMTP connection IS supported by default... and implemented by simply adding the following to your mailsettings area of your web.config:
-
enableSsl="true"
-
Example of the mailsettings area of your web.config with this enabled:
<mailSettings>
<smtp from="me@gmail.com">
<network host="smtp.googlemail.com" enablessl="true" password="mypassword" port="25" userName="me@gmail.com" />
</smtp>
</mailSettings>
|