9 Replies - 989 Views - Last Post: 19 January 2022 - 04:52 AM Rate Topic: -----

#1 jcborland   User is offline

  • D.I.C Head

Reputation: 3
  • View blog
  • Posts: 159
  • Joined: 16-December 13

Sending emails via gmail

Posted 22 December 2021 - 09:23 AM

Hi,
I need to send emails from a C# app using gmail. I've had it working in the past but I think there may be some security issue getting in the way now. Here is the code I'm using :
            MailMessage mail = new MailMessage();

            SmtpClient smtpServer = new SmtpClient("smtp.gmail.com");
            
            smtpServer.UseDefaultCredentials = false;
            smtpServer.DeliveryMethod = SmtpDeliveryMethod.Network;
            smtpServer.Port = 587;
            smtpServer.EnableSsl = true;
            smtpServer.Credentials = new NetworkCredential("myemail.co.uk", "mypassword");
            
            mail.From = new MailAddress("myemail.co.uk");
            mail.To.Add("clientemail.co.uk");
            mail.Subject = "Subject";
            mail.Body = "Body";
            
            
            try
            {
                smtpServer.Send(mail);
            }
            catch(Exception ex)
            {

            }



I'm getting the following error message : The SMTP server requires a secure connection or the client was not authenticated. The server response was: 5.7.0 Authentication Required. Learn more at

Are there some additional settings I need to add? If I set my gmail account to allow less secure apps I can send emails no problem but I'd rather not do that.

Regards,
Jim.

Is This A Good Question/Topic? 0
  • +

Replies To: Sending emails via gmail

#2 modi123_1   User is offline

  • Suitor #2
  • member icon



Reputation: 16503
  • View blog
  • Posts: 65,458
  • Joined: 12-June 08

Re: Sending emails via gmail

Posted 22 December 2021 - 09:37 AM

It may be a TLS problem.

Put this line at the top of your app's main and try it out.

System.Net.ServicePointManager.SecurityProtocol = System.Net.SecurityProtocolType.Tls12;
Was This Post Helpful? 0
  • +
  • -

#3 Sheepings   User is offline

  • D.I.C Lover
  • member icon

Reputation: 267
  • View blog
  • Posts: 1,409
  • Joined: 05-December 13

Re: Sending emails via gmail

Posted 22 December 2021 - 10:18 PM

SmtpClient smtpServer = new SmtpClient("smtp.gmail.com");


Just saying... but calling a variable smtpServer when its actually a client, is really poor on your part.

Regarding your issue; its because you are not using a valid trusted and signed SSL cert as is requested by Google and its a modern-day requirement.

I suggest reading up on the RFC about this. Port 587 uses Secure Socket Layer (SSL) or Transport Layer Security (TLS) certificate to transfer data over from StartTLS, since StartTLS is what is used to transition data from plain text to encrypted data on port 587. You're still better off using 587, but if you can't get SSL working correctly, do go implicit by using port 465, and if all else fails, use port 25 if you absolutely must.

Not recommended as doing so makes data through your network stream vulnerable. Side-note on the above advice, but I believe changing the TLS version no longer has any effect but by all means do try anyhow and let me know if I'm right or wrong. Best advice, use a valid/trusted SSL on 587!


Your code works. But I see some other problems surrounding cleanliness, and since I don't know the last time you read the docs on using the SMTPClient, but Microsoft used to have a warning saying there is no way to know when an SMTPClient is finished being used, so I'd suggest wrapping it in using statements as it does not clean itself up afterwards.

You also might have noticed that the IDE will likely tell you that you are using an obsolete class. Just in case you're wondering, this was wrongfully labelled and it won't effect how your SMTPClient works. There is a whole argument on that here : https://github.com/d...ocs/issues/2986
Was This Post Helpful? -1
  • +
  • -

#4 jcborland   User is offline

  • D.I.C Head

Reputation: 3
  • View blog
  • Posts: 159
  • Joined: 16-December 13

Re: Sending emails via gmail

Posted 07 January 2022 - 04:14 AM

View Postmodi123_1, on 22 December 2021 - 04:37 PM, said:

It may be a TLS problem.

Put this line at the top of your app's main and try it out.

System.Net.ServicePointManager.SecurityProtocol = System.Net.SecurityProtocolType.Tls12;

Hi Modi123,
Thanks again for the help.

I've added that line into Main at the very top but it has made no difference at all.

Can you suggest anything else?
Regards,
Jim.
Was This Post Helpful? 0
  • +
  • -

#5 jcborland   User is offline

  • D.I.C Head

Reputation: 3
  • View blog
  • Posts: 159
  • Joined: 16-December 13

Re: Sending emails via gmail

Posted 07 January 2022 - 04:34 AM

View PostSheepings, on 23 December 2021 - 05:18 AM, said:

SmtpClient smtpServer = new SmtpClient("smtp.gmail.com");


Just saying... but calling a variable smtpServer when its actually a client, is really poor on your part.

Regarding your issue; its because you are not using a valid trusted and signed SSL cert as is requested by Google and its a modern-day requirement.

I suggest reading up on the RFC about this. Port 587 uses Secure Socket Layer (SSL) or Transport Layer Security (TLS) certificate to transfer data over from StartTLS, since StartTLS is what is used to transition data from plain text to encrypted data on port 587. You're still better off using 587, but if you can't get SSL working correctly, do go implicit by using port 465, and if all else fails, use port 25 if you absolutely must.

Not recommended as doing so makes data through your network stream vulnerable. Side-note on the above advice, but I believe changing the TLS version no longer has any effect but by all means do try anyhow and let me know if I'm right or wrong. Best advice, use a valid/trusted SSL on 587!


Your code works. But I see some other problems surrounding cleanliness, and since I don't know the last time you read the docs on using the SMTPClient, but Microsoft used to have a warning saying there is no way to know when an SMTPClient is finished being used, so I'd suggest wrapping it in using statements as it does not clean itself up afterwards.

You also might have noticed that the IDE will likely tell you that you are using an obsolete class. Just in case you're wondering, this was wrongfully labelled and it won't effect how your SMTPClient works. There is a whole argument on that here : https://github.com/d...ocs/issues/2986

Hi Sheepings,
Thanks for the help.

First of all I do apologise for the "SmptClient / smtpServer" issue! I don't know what I was thinking when I did that as it was several years ago but looking at it now it is a perverse thing to do and not something I'd typically do, so please accept my apologise.

Regarding the problem I'm having getting the app to send emails. Do I need to add an SSL Cert to the SmtpClient somehow? I can see there is a "smptClient.ClientCertificates" which would enable me to "Specify which certificates should be used to establish the Secure Sockets Layer (SSL) connection." I note that it mentions certificates plural which suggests I might need multiple certificates. So am I now looking at generating an X509CertificateCollection?

There lots on this in Google but none of it very clear, to me at least.

Regards,
Jim.
Was This Post Helpful? 0
  • +
  • -

#6 Sheepings   User is offline

  • D.I.C Lover
  • member icon

Reputation: 267
  • View blog
  • Posts: 1,409
  • Joined: 05-December 13

Re: Sending emails via gmail

Posted 07 January 2022 - 12:00 PM

No no Jim...

The certificate will be served up by the server to the client upon connection and the smtpClient will know how to handle the connection itself based on the configuration you have set. Its the server you want to send mail from which must have a valid signed certificate to use. Given your circumstances, and this would be Google. Unlikely that this is a fault with them. What did you change or what changed prior to it working before, to now? Did your hosting machine change networks or geographic locations during this time?

I would argue and second guess that you may want to clear your network cache and even change your own network dns settings and try make the connection again. The likelihood of this working are very high. Your issue is local to do with your network configs and not your code. Think about it, if it worked before without x509 certs, why would you need one now?

I'd like to send you screenshots on how to reset your dns, but Windows Home/Pro/Other all have different interfaces for navigating to your IP4 config editor, and each platform is slightly different. Anyway, go here : http://prntscr.com/26b6c2o and type in 2 ips of one of the public dns providers, and see if you experience the same outcome. Further, I would hope you are smart enough to know that two factor authentication needs to be tuned off for the account sending the mails. I would also recommend you add a timeout to your smtpclient.

My last bit of advice courtesy of another website :
Additionally go to the Google Account > Security page and look at the Signing in to Google > 2-Step Verification setting.
If it is enabled, then you have to generate a password allowing .NET to bypass the 2-Step Verification. To do this, click on Signing in to Google > App passwords, select app = Mail, and device = Windows Computer, and finally generate the password. Use the generated password in the fromPassword constant instead of your standard Gmail password.

To be clear, using a X509Certificate is different and likely going to cause additional issues on top of what you are experiencing already so don't do that. Don't get sucked into the C#/BouncyCastle/x509 rabbit hole. That's not your issue and your code above will work, as I only wrote out a mail sender app in Asp.net a few weeks ago for one of my own projects, and its wrote the same way as yours and works perfectly.

This post has been edited by Sheepings: 07 January 2022 - 12:01 PM

Was This Post Helpful? 1
  • +
  • -

#7 jcborland   User is offline

  • D.I.C Head

Reputation: 3
  • View blog
  • Posts: 159
  • Joined: 16-December 13

Re: Sending emails via gmail

Posted 09 January 2022 - 08:42 AM

Hi Sheepings,
I'm a little confused by what you've said! You say "I would hope you are smart enough to know that two factor authentication needs to be tuned off for the account sending the mails."
and later on you say "My last bit of advice courtesy of another website :
Additionally go to the Google Account > Security page and look at the Signing in to Google > 2-Step Verification setting.
If it is enabled, then you have to generate a password allowing .NET to bypass the 2-Step Verification."

However you have helped me. The gmail account I'm trying to do this with doesn't appear to have 2-Step Verification setup but when I click on the Set Up button to set it up it just goes around in circles by asking me to login and I'm back at the Set Up button. I think I'm going to have to speak to Google regarding this. I can tell you I'm really looking forward to that!!

So in the meantime I've just setup a new gmail account, enable 2-Step and added an App password and it's all work grand. So thanks for the help. I did try sending an email with this new account without setting up 2-Step but I just got the same error as before.

Regards,
Jim.
Was This Post Helpful? 0
  • +
  • -

#8 jcborland   User is offline

  • D.I.C Head

Reputation: 3
  • View blog
  • Posts: 159
  • Joined: 16-December 13

Re: Sending emails via gmail

Posted 10 January 2022 - 05:47 AM

Hi,
When I eventually got hold of a Google support engineer he was very very helpful. I've now got my gmail account set properly and everything is working grand. I did have to enable 2-Step verification though and create an App password. Because my gmail is using my own domain name I had to enable 2-Step verification at the Admin Console level before it would allow me to set it up at my email account level before that it was just going around and around in circles.

Sheepings were you able to send email without using an App password?

Thanks again for all the help.

Regards,
Jim.
Was This Post Helpful? 0
  • +
  • -

#9 Sheepings   User is offline

  • D.I.C Lover
  • member icon

Reputation: 267
  • View blog
  • Posts: 1,409
  • Joined: 05-December 13

Re: Sending emails via gmail

Posted 10 January 2022 - 08:22 PM

Quote

I'm a little confused by what you've said! You say "I would hope you are smart enough to know that two factor authentication needs to be tuned off for the account sending the mails."

Correct, and I said that because it works easier without all the added security layers. And the later advice, was not mine, and I was merely shining light on the point being made if Two Factor is enabled which was not my advice.

Quote

Sheepings were you able to send email without using an App password?

Previously we were able too but I don't know about today with all the new security settings they've thrown in. Where I was testing was on my own servers, so I don't need to provide app passwords since my domains are mine, and all my emails are on my own domains, hosted by me and not Google. Sure didn't you say yourself it was working previously for you, so clearly your previous configuration worked also?

Quote

However you have helped me. The gmail account I'm trying to do this with doesn't appear to have 2-Step Verification setup but when I click on the Set Up button to set it up it just goes around in circles by asking me to login and I'm back at the Set Up button.

I'm glad that info helped you, but that doesn't really explain what caused this issue on Googles side, and did they explain to you how that issue began or what caused it?

Just in case any future readers are wondering why I was talking about DNS regarding this login issue... I was putting it down to handshaking across secure sockets with TLS. This can cause all sorts of connectivity problems where a computers credentials have changed without resetting the network properly. This is often done while a connection is being established. When a sever has HTTP Strict Transport Security (HSTS) enabled and a user suddenly switches network, the server can block the connection because it perceives the traffic to be "hijacked" or "spoofed" by a MITM attack. It's something I've seen a lot of (accidently) while setting up various server infrastructures in the past. As HSTS is something I use on my servers. This issue is similar to a web browser holding a bad cache that hasn't been hard reset or properly flushed out. And because of what is also outlined in RFC 6797 section 8.4 regarding TLS, this led me to think it was probably related.

Curious, was there something about post 3 you didn't like? I don't really care about downvotes, but if I can help you understand something better, its often better to ask for clarity before downvoting. :)
Was This Post Helpful? 1
  • +
  • -

#10 jcborland   User is offline

  • D.I.C Head

Reputation: 3
  • View blog
  • Posts: 159
  • Joined: 16-December 13

Re: Sending emails via gmail

Posted 19 January 2022 - 04:52 AM

Hi Sheepings,

I don't use this forum a lot so I didn't realise I was down voting the post! The question just says "Was this post helpful?" and as it wasn't I clicked on the negative sign. It was only after I'd clicked on it that I realised it gave negative points.

I've clicked the plus sign on the last post to make up for it.

I think the reason it worked in the past and not now is that Google have uped the security requirements since I last tried it.

Whatever the reason it seems that gmail requires 2-step to be enabled and an App password created to use instead of the actual password.

Thanks again.

Regards,
Jim.
Was This Post Helpful? 0
  • +
  • -

Page 1 of 1