Upgrade SSL security to TLS 1.2

The default security algorithm for SSL connections in Windows is TLS 1.0. However, nowadays it’s no longer considered secure. TLS 1.2 addresses all known issues of earlier implementations but it cannot be selected by Windows automatically. To use it, you need to specify it manually. Starting from MailBee.NET Objects v10 and .NET Framework v4.5, you can do this:

Imap imp = new Imap();
imp.SslProtocol = MailBee.Security.SecurityProtocol.Tls12;
imp.Connect("imap.gmail.com", 993);
Pop3 pop = new Pop3();
pop.SslProtocol = MailBee.Security.SecurityProtocol.Tls12;
pop.Connect("pop.gmail.com", 995);
Smtp mailer = new Smtp();
SmtpServer server = new SmtpServer("smtp.gmail.com");
server.SslProtocol = MailBee.Security.SecurityProtocol.Tls12;
server.Port = 465;

Of course, the mail server you’re using must support TLS 1.2 as well. You can give your users the option to use the default value for SslProtocol in case if the server does not support TLS 1.2 but the users should be warned that they are putting their security at risk if using the fallback option.

Note that .NET Framework v4.0 and earlier does not support TLS 1.1/1.2. You need to upgrade to .NET 4.5 at least (and use MailBee.NET.45.dll which is optimized for .NET 4.5+) to take advantage of the latest TLS versions.

Upgrade SSL security to TLS 1.2

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s