I'm trying to send email through C#. Although I beleive I've done everything right, it still throws this exception :
"The SMTP server requires a secure connection or the client was not authenticated. The server response was: 5.5.1 Authentication Required. Learn more at"
At first I thought, it could be a zone/ip/region problem... But when i logged into gmail, there wasn't any warning of that. And to be sure, i've uploaded a file to a website to check from there, still the error was thrown.
Than I've tried changing the port to 465. It didn't work either.
I've first tried with accounts that are managed by a Google Apps account. So I thought it could be it, but it wasn't either...
I'm truly out of ideas right now.
Any of you have an idea ?
Here is the example code :
SmtpClient sm = new SmtpClient("smtp.gmail.com",587);
sm.Credentials = new NetworkCredential("blabla#gmail.com","**");
sm.UseDefaultCredentials = false;
sm.EnableSsl = true;
sm.DeliveryMethod = SmtpDeliveryMethod.Network;
sm.Send("blabla#gmail.com","blabla2#tr3reklam.com","Test","Test");
** Note **
I've checked the account name and password, they both are right.
"Access for less secure apps" must be enabled for the Gmail account used by the NetworkCredential using Google's settings page.
It was caused by 2-Step Verification after all !
It is odd, but without turning on "Allow users to be able to turn on 2-Step verification on" option set to true, I couldn't send any mails.
2-Step verification is still off for the accounts but, probably allowing users to choose for themselves make some security settings in the background.
I couldn't find any documentation about this but I can send now...
Put the code sm.UseDefaultCredentials = false; before sm.Credentials = ...
Related
Despite spending an entire morning with GoDaddy chat, and reading almost everything I can find on sending emails via godaddy I am still no closer to solving my issue.
What Have I tried
Firstly, this is my code.
var smtpClient = new SmtpClient("smtpout.secureserver.net")
// var smtpClient = new SmtpClient("relay-hosting.secureserver.net", 25)
{
Port = 25,
UseDefaultCredentials = false,
EnableSsl = false,
Credentials = new NetworkCredential("user#User.com", "Password#"),
// DeliveryMethod = SmtpDeliveryMethod.Network,
};
and I think I should mention that this works when I attempt to use google's free smpt server, the mail is sent. However using my godaddy credentials, I get the following error,
Message = "Service not available, closing transmission channel. The server response was: Cannot connect to SMTP server 72.167.234.197 (72.167.234.197:25), connect error 10060" other times it says
InnerException = {"Unable to read data from the transport connection: An established connection was aborted by the software in your host machine."}
I have also tried other suggested ports like 587 , 80, 3552. Nothing has changed, I have also tried the suggestion at this link https://www.godaddy.com/help/send-email-using-systemnetmail-19291 . Which did not work (no suprise to me, cause where am i putting the account password) . Would appreciate it if anyone has solved getting their C# application to work with Godaddy. Like I said it works with Google so I dont believe my code is an issue in anyway.
regards
Your code looks good, however, one way to test if you are using the correct smtp settings is to send the email with a program like Microsoft Outlook or Thunderbird. Also, if you are using a dedicated server or a VPS, you need to use
dedrelay.secureserver.net
See: https://in.godaddy.com/help/what-is-my-servers-email-relay-server-16601
Also, check out this see: https://in.godaddy.com/community/VPS-Dedicated-Servers/Unable-to-send-email-from-C-net-application-from-website/m-p/102913#M1256
which mentions: "If you are using a Plesk shared hosting plan, use relay-hosting.secureserver.net and port 25. Do not specify a username or password. Other relay/smtp servers will not work from our shared hosting."
Our company is switching the SMTP mail server to Office 365. The key issue is the new SMTP server "smtp.office365.com" only supports TLS encryption. Thus I cannot use CredentialCache.DefaultNetworkCredentials to encode my Windows log-in password automatically.
var smtpClient = new SmtpClient("smtp.oldserver.com")
{
Credentials = CredentialCache.DefaultNetworkCredentials
};
const string from = "myemail#xyz.com";
const string recipients = "myemail#xyz.com";
smtpClient.Send(from, recipients, "Test Subject", "Test Body");
Previously this works without any issue. But if I now change the above snippet to:
var smtpClient = new SmtpClient("smtp.office365.com");
smtpClient.EnableSsl = true;
smtpClient.Port = 587;
smtpClient.Credentials = CredentialCache.DefaultNetworkCredentials;
I'm now getting:
Unhandled Exception: System.Net.Mail.SmtpException: The SMTP server requires a secure connection or the client was not authenticated. The server response was: 5.7.57 SMTP; Client was not authenticated to send anonymous mail during MAIL FROM
But if I specify my Windows login username and password in the code it works fine:
smtpClient.Credentials = new NetworkCredential("myemail#xyz.com", "mypassword");
So:
Is it possible to encode the password using DefaultNetworkCredentials but make it workable under TLS encryption?
If 1. is not possible, is there a better way to encode my Windows password somewhere else without directly revealing it as plaintext in the code?
The two topics - credentials and encryption - are unrelated. DefaultNetworkCredentials only works when the mail server and your computer belong to the same "network" or to be more accurate, the same or connected Active Directory server. I'm guessing that the old SMTP server was on premise and was part of your office network. The O365 server is in the cloud and doesn't share the AD.
When you provide your credentials explicitly, it works because O365 is able to authenticate you.
There is a possibility to use Azure Active Directory and somehow connect it to your on premise Active Directory. I'm not familiar with the details but I know it can be done. I believe that if you set this up correctly, DefaultNetworkCredentials will start working again.
Details about O365 authentication: https://blogs.office.com/2014/05/13/choosing-a-sign-in-model-for-office-365/
If you need to store the password, you need to store it encrypted. See this answer: Best way to store encryption keys in .NET C#
In my situation I encrypt the section of the web.config that I store these credentials in. I have similarly stored an encrypted version of the credentials in my DB and had a routine to decrypt them in the application.
I am trying to send out an email from my windows form application. I have seen a lot of similar posts, but none seem to work. But when I change my settings in gmail to allow less secure apps, the code works. But I don't want to make my account vulnerable for this application. Here's the code and error I get if I don't allow less secure apps.
MailMessage mail = new MailMessage("abc#gmail.com", "xyz#gmail.com", "Test Automation", "Did you receive this?");
SmtpClient client = new SmtpClient("smtp.gmail.com");
client.Port = 587;
client.Credentials = new NetworkCredential("abc#gmail.com", "password");
client.EnableSsl = true;
client.Send(mail);
MessageBox.Show("Mail Sent", "success");
An unhandled exception of type 'System.Net.Mail.SmtpException'
occurred in System.dll
Additional information: The SMTP server requires a secure connection
or the client was not authenticated. The server response was: 5.5.1
Authentication Required.
Please help!
P.S. : I created an outlook account using my gmail and when i put in the oulook server and credentials, the code works. So is it the issue with new gmail security changes? Other similar questions have their problem solved, but I keep having the same errors after trying pretty much every solution.
If you don't have 2 factor
Enable "Less Secure Apps"
https://www.google.com/settings/security/lesssecureapps
If you have 2 factor authentication
You can make an "App Password". Go to the ling below and add a custom app (just write any name you want, name not important just used for your own "bookkeeping") then use that password as the password.
client.Credentials = new NetworkCredential("From#gmail.com", "Generated Password");
https://security.google.com/settings/u/1/security/apppasswords
NOTE:
If you get "The setting you are looking for is not available for your account" then use "less secure app"
This seems a common error but while I've found a work-around (see below) I can't pin down the reason I'm getting it in the first place.
I am writing SMTP functionality into our application and I'm attempting to add SSL functionality to the working SMTP we already have.
I am testing using our company's MS Exchange server and specifically the webmail option enabled on that. I can send emails internally through my code by not authenticating my connection and sending anonymously, however those emails won't relay to external email addresses due to our companies policy. Besides which I am programming this for our customers and they don't all allow open relay and/or anonymous connections.
I believe the Exchange server is using Explicit SSL/ TLS. I have tried telnet to the server's address on port 25 and got a text response, human readable response, which according to some of my searches previously means it's using Explicit SSL/ TLS.
I have the following test code
SmtpClient SMTPClient = new SmtpClient(webmailaddress);
SMTPClient.Port = 25;
SMTPClient.UseDefaultCredentials = true;
SMTPClient.EnableSsl = true;
System.Net.Mail.MailMessage Message = new `
System.Net.Mail.MailMessage(emailFrom,emailTo,subject,body);
SMTPClient.Send(Message);
During my searching for a solution I came across this "The remote certificate is invalid according to the validation procedure." using Gmail SMTP server
From which I got the following code...
ServicePointManager.ServerCertificateValidationCallback = new RemoteCertificateValidationCallback(ValidateServerCertificate);
public static bool ValidateServerCertificate(object sender,X509Certificate certificate,X509Chain chain,SslPolicyErrors sslPolicyErrors)
{
if (sslPolicyErrors == SslPolicyErrors.None)
return true;
else
{
if (System.Windows.Forms.MessageBox.Show("The server certificate is not valid.\nAccept?", "Certificate Validation", System.Windows.Forms.MessageBoxButtons.YesNo, System.Windows.Forms.MessageBoxIcon.Question) == System.Windows.Forms.DialogResult.Yes)
return true;
else
return false;
}
}
This works in my test code. HOWEVER the actual process I'm writing (rather than my test code) is going to run in the background and can't really ask the user (instead it reports errors in the windows error log).
As I started, my question is really why I'm getting this error at all. If I go to https:webmail.ourdomain.co.uk in a browser it shows a valid certificate and there is no option to install the certificate (as I would have done if it were a self-signed one).
However when I run my code, with a debug break poing in the ValidateServerCertificate method, I look at the certificate values and see an issuer of our local server and 'don't use before', and 'don't use after' properties of today. This does not match the certificate I am getting.
I've also checked what the sslPolicyErrors flags are in the debug of ValidateServerCertificate, and they are showing "RemoteCertificateChainErrors" and "RemoteCertificateNameMismatch".
So what am I missing about this... why is it not using the correct certificate? If there are steps I need to take to install the certificate locally for it to use then I need to know them so I can tell my customers what to do if they get this.
I don't want to just by-pass the check by returning true from the ValidateServerCertificate method, and because it's a background process I can't ask the user, so I need to understand how to get my code to use the correct/trusted certificate.
Hope someone can advise.
The answer I have finally found is that the SMTP service on the server is not using the same certificate as https.
The diagnostic steps I had read here make the assumption they use the same certificate and every time I've tried this in the past they have done and the diagnostic steps are exactly what I've done to solve the problem several times.
In this case those steps didn't work because the certificates in use were different, and the possibility of this is something I had never come across.
The solution is either to export the actual certificate from the server and then install it as a trusted certificate on my machine, or to get a different valid/trusted certificate for the SMTP service on the server. That is currently with our IT department who administer the servers to decide which they want to do.
Old post but as you said "why is it not using the correct certificate" I would like to offer an way to find out which SSL certificate is used for SMTP (see here) which required openssl:
openssl s_client -connect exchange01.int.contoso.com:25 -starttls smtp
This will outline the used SSL certificate for the SMTP service. Based on what you see here you can replace the wrong certificate (like you already did) with a correct one (or trust the certificate manually).
Old post, but I thought I would share my solution because there aren't many solutions out there for this issue.
If you're running an old Windows Server 2003 machine, you likely need to install a hotfix (KB938397).
This problem occurs because the Cryptography API 2 (CAPI2) in Windows
Server 2003 does not support the SHA2 family of hashing algorithms.
CAPI2 is the part of the Cryptography API that handles certificates.
https://support.microsoft.com/en-us/kb/938397
For whatever reason, Microsoft wants to email you this hotfix instead of allowing you to download directly. Here's a direct link to the hotfix from the email:
http://hotfixv4.microsoft.com/Windows Server 2003/sp3/Fix200653/3790/free/315159_ENU_x64_zip.exe
trying to send email from WinForms application for domain user. This works fine for recipients that are on the domain, but for external recipients gives the Unable to Relay message
SmtpClient client = new SmtpClient(mailServer);
client.Credentials = CredentialCache.DefaultNetworkCredentials;
client.Send(mail);
Is it possible to use the user's account to provide credentials?
System.Security.Principal.WindowsIdentity.GetCurrent();
I've also tried setting UseDefaultCredentials to true and false and setting Credentials to null
thanks
Matt
Is it throwing error for any external address or just for a specific one ?
For example, if it is a yahoomail address and it is incorrect, you will get this error. what is your mailserver ? I don't think your problem is because of credentials.
Pretty sure this is a setting on exchange - You need to specify which pc's are allowed to relay via smtp.