SSL support for smtp.live.com and TIdSmtp (Indy, D

2019-03-26 12:54发布

问题:

I am trying to connect to smtp.live.com to send emails (live.com supports free pop3/smtp since 2009 apparently but this is totally news for me).

Here is what happens when I try to connect to smtp.live.com port 587:

Method sslvSSLv2  - timeout (obviously the server does not support SSL2)
Method sslvSSLv3  - Error connecting with SSL. - error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number
Method sslvSSLv23 - Error connecting with SSL. - error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol
Method sslvTLSv1  - Error connecting with SSL. - error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number

I use the same code with sslvSSLv23 and sslvTLSv1 and it works normally with gmail smtp (smtp.gmail.com, port 465) server. Also, Outlook sends mails normally when SSL is checked and on port 587 so it may be something related to OpenSSL. Can anyone help me with this mystery? Did I missed to set something?

回答1:

Like GMail, Live.com's port 587 requires the client to connect unencrypted and send a STARTTLS command before then initiating an SSL/TLS handshake. In Indy 10, you do that by setting the TIdSMTP.UseTLS property to utUseExplicitTLS before connecting. It sounds like you have the UseTLS property set to utUseImplicitTLS instead (which is what is needed for GMail port 465).