Archived Forum Post

Index of archived forum posts

Question:

Cannot Connect via SSL with SMTP Port 587?

Nov 25 '12 at 15:31

I am using your SOCKET ActiveX with Delphi 2010.

There is a problem connecting to smtp.live.com... ths TLS handshake is NOT working.

this is the log from the ActiveX:

25/11/2012 14:12:23.896 UTC:  Cannot connect via SSL to smtp.live.com 65.55.162.200 at port 587 Error Code = 0
ChilkatLog:
  Connect_Socket:
    DllDate: Aug  5 2012
    UnlockPrefix: myPrefix
    Username: myUser
    Architecture: Little Endian; 32-bit
    Language: ActiveX
    VerboseLogging: 0
    objectId: 1
    hostname: 65.55.162.200
    port: 587
    ssl: 1
    maxWaitMs: 5000
    ConnectTimeoutMs_1: 5000
    calling ConnectSocket2
    IPV6 enabled connect with NO heartbeat.
    This is an IPV4 numeric address...
    AddrInfoList:
      AddrInfo:
        ai_flags: 4
        ai_family: 2
        ai_socktype: 1
        ai_protocol: 0
        ai_addrlen: 16
        ai_canonname: (NULL)
      --AddrInfo
    --AddrInfoList
    Connect using IPV4.
    ipAddress1: 65.55.162.200
    myIP_3: 10.0.0.2
    myPort_3: 55331
    connect successful (2)
    clientHelloMajorMinorVersion: 3.1
    buildClientHello:
      majorVersion: 3
      minorVersion: 1
      numRandomBytes: 32
      sessionIdSize: 0
      numCipherSuites: 10
      numCompressionMethods: 1
    --buildClientHello
    Timeout waiting to read socket or accept connection
    timeoutMs: 5000
    Failed to read TLS record (2)
    tlsRec_msg: 126
    msgLen: 8258
    Expected ServerHello but did not receive it.
    Client handshake failed. (3)
    Failed.
  --Connect_Socket
--ChilkatLog


Answer

Port 587 is the customary port for "explicit" SSL/TLS. The error is that you are trying to connect using "implicit" SSL/TLS.

"implicit" means that immediately upon connection the SSL/TLS handshake begins and the secure connection is established.

"explicit" means that the non-encrypted TCP socket connection is first established, and then it is converted to a secure SSL/TLS channel using some command in the protocol, which in this case is SMTP.

Therefore, instead of setting the MailMan2.SmtpSsl property = 1 (which indicates implicit SSL), set the MailMan2.StartTLS property = 1 to indicate explicit SSL.