[Mono-list] Sending mail with smtp.gmail.com

Sebastien Pouliot sebastien.pouliot at gmail.com
Thu Aug 20 14:36:21 EDT 2009


Toutu,

Ok, the required fixes (including relaxing the "usage check") are in SVN
for both HEAD (to become 2.6) and in the 2.4 branch.

Thanks,
Sebastien

On Thu, 2009-08-20 at 12:03 -0400, Sebastien Pouliot wrote:
> On Wed, 2009-08-19 at 14:56 -0700, toutu wrote:
> > Thank you for your attention.
> > I revised different thread. My source code is very short.
> > I am using smtpclient class and it seems to have a behavior very different
> > from WebRequest class.
> > If I run certmgr -ssl smtps://smtp.gmail.com:587 certmgr crashes too.
> 
> No, I meant that your *code* (not certmgr) should be using port 587. You
> already have installed the certificate (from port 465).
> 
> I did a quick test[1] and it looks like google has a new certificate
> (6/8/2009) which encoded usage does not include SSL. I'll investigate
> this...
> 
> Sadly the current shipping[2] code for StmpClient does not honor
> ServicePointManager.ServerCertificateValidationCallback[3] so you cannot
> easily work around this certificate problem.
> 
> Sebastien
> 
> [1] I attached the code I'm using to test gmail
> [2] fixed in r140347
> [3] nor ICertificatePolicy but this one is normal, since it was limited
> to WebRequest
> 
> > 
> > Thanks.
> > Regards. 
> > 
> > 
> > Sebastien Pouliot-2 wrote:
> > > 
> > > On Wed, 2009-08-19 at 22:15 +0200, Petit Eric wrote:
> > >> workaround :
> > >> line 102 and 197
> > >> http://monoosc.svn.sourceforge.net/viewvc/monoosc/MonoOSC/MonoOBSFramework/Class/VarGlobal.cs?revision=273&view=markup
> > > 
> > > Eric, like I already told you (October 7, 2008) this is NOT the right
> > > way to do this and leaves your code vulnerable to many, well known,
> > > attacks. *You* might want to continue using this (I can't force you to
> > > do it correctly) but please don't publicize this as a workaround. Keep
> > > in mind that what _may_ work for a quick-hack can be potentially
> > > disastrous for others.
> > > 
> > > 
> > > Toutu, have a look at http://go-mono.com/forums/#nabble-td19851624
> > > thread. In particular the parts about using SMTP port 587 for
> > > submission. If that does not work please open a bug report and include
> > > (part of) the code you're using.
> > > 
> > > Sebastien
> > > 
> > >> 2009/8/19 toutu <mlariau at gmail.com>:
> > >> >
> > >> > Hi everybody,
> > >> >
> > >> >
> > >> > I built a very simple desktop program (no asp), to send email using
> > >> gmail
> > >> > smtp.
> > >> > I am using smtpclient with enablessl and port 587
> > >> >  It works perfectly under windows but raise exception under linux.
> > >> > After reading comments in this forum I tried :
> > >> >        mozroots --import --ask-remove --machine
> > >> >                 certmgr -ssl -m smtps://smtp.gmail.com:465
> > >> > then
> > >> >        mozroots --import --ask-remove
> > >> >                 certmgr -ssl  smtps://smtp.gmail.com:465
> > >> >
> > >> > Note that certmgr warned me that the certicate of CA store had an
> > >> invalidate
> > >> > signature. I confirmed the integration of the certificate.
> > >> >
> > >> >
> > >> >
> > >> >
> > >> >
> > >> >                he authentication or decryption has failed.
> > >> > System.IO.IOException: The authentication or decryption has failed.
> > >> --->
> > >> > System.InvalidOperationException: SSL authentication error:
> > >> > RemoteCertificateChainErrors
> > >> >  at System.Net.Mail.SmtpClient.<SmtpClient>m__3 (System.Object sender,
> > >> > System.Security.Cryptography.X509Certificates.X509Certificate
> > >> certificate,
> > >> > System.Security.Cryptography.X509Certificates.X509Chain chain,
> > >> > SslPolicyErrors sslPolicyErrors) [0x00000]
> > >> >  at
> > >> >
> > >> System.Net.Security.SslStream+<BeginAuthenticateAsClient>c__AnonStorey12.<>m__9
> > >> > (System.Security.Cryptography.X509Certificates.X509Certificate cert,
> > >> > System.Int32[] certErrors) [0x00000]
> > >> >  at
> > >> >
> > >> Mono.Security.Protocol.Tls.SslClientStream.OnRemoteCertificateValidation
> > >> > (System.Security.Cryptography.X509Certificates.X509Certificate
> > >> certificate,
> > >> > System.Int32[] errors) [0x00000]
> > >> >  at
> > >> >
> > >> Mono.Security.Protocol.Tls.SslStreamBase.RaiseRemoteCertificateValidation
> > >> > (System.Security.Cryptography.X509Certificates.X509Certificate
> > >> certificate,
> > >> > System.Int32[] errors) [0x00000]
> > >> >  at
> > >> >
> > >> Mono.Security.Protocol.Tls.SslClientStream.RaiseServerCertificateValidation
> > >> > (System.Security.Cryptography.X509Certificates.X509Certificate
> > >> certificate,
> > >> > System.Int32[] certificateErrors) [0x00000]
> > >> >  at
> > >> >
> > >> Mono.Security.Protocol.Tls.Handshake.Client.TlsServerCertificate.validateCertificates
> > >> > (Mono.Security.X509.X509CertificateCollection certificates) [0x00000]
> > >> >  at
> > >> >
> > >> Mono.Security.Protocol.Tls.Handshake.Client.TlsServerCertificate.ProcessAsTls1
> > >> > () [0x00000]
> > >> >  at Mono.Security.Protocol.Tls.Handshake.HandshakeMessage.Process ()
> > >> > [0x00000]
> > >> >  at (wrapper remoting-invoke-with-check)
> > >> > Mono.Security.Protocol.Tls.Handshake.HandshakeMessage:Process ()
> > >> >  at
> > >> Mono.Security.Protocol.Tls.ClientRecordProtocol.ProcessHandshakeMessage
> > >> > (Mono.Security.Protocol.Tls.TlsStream handMsg) [0x00000]
> > >> >  at
> > >> Mono.Security.Protocol.Tls.RecordProtocol.InternalReceiveRecordCallback
> > >> > (IAsyncResult asyncResult) [0x00000]
> > >> >  --- End of inner exception stack trace ---
> > >> >  at Mono.Security.Protocol.Tls.SslStreamBase.AsyncHandshakeCallback
> > >> > (IAsyncResult asyncResult) [0x00000]
> > >> >
> > >> >
> > >> > Help appreciated.
> > >> > Regards.
> > >> > --
> > >> > View this message in context:
> > >> http://www.nabble.com/Sending-mail-with-smtp.gmail.com-tp25051030p25051030.html
> > >> > Sent from the Mono - General mailing list archive at Nabble.com.
> > >> >
> > >> > _______________________________________________
> > >> > Mono-list maillist  -  Mono-list at lists.ximian.com
> > >> > http://lists.ximian.com/mailman/listinfo/mono-list
> > >> >
> > >> 
> > >> 
> > >> 
> > > 
> > > _______________________________________________
> > > Mono-list maillist  -  Mono-list at lists.ximian.com
> > > http://lists.ximian.com/mailman/listinfo/mono-list
> > > 
> > > 
> > 
> _______________________________________________
> Mono-list maillist  -  Mono-list at lists.ximian.com
> http://lists.ximian.com/mailman/listinfo/mono-list



More information about the Mono-list mailing list