SslMode - Explicit mode vs Implicit mode

0 votes
asked Feb 18, 2013 by pkeil (200 points)
edited Feb 19, 2013

I recently started working with your Email component and it works like a charm, another great product by rebex, glad that I bought the full package.

I just want to offer a basic POP3 email download function with a very basic SSL support. No advanced features.

It should look like Apples "mail" application where you can enter:

1.) Username 2.) Password 3.) Host 4.) Port 5.) Auth (according to your Pop3Authentication enum) 6.) SSL (yes|no)

But what SslMode should I go for? Explicit mode or Implicit mode?

Do you recommend to select it automatically according to the table on this page: ? https://www.rebex.net/kb/tls-ssl-explicit-implicit/default.aspx

Or is it better to let the user decide? (I would prefer to leave it away)

Is there some kind of auto detection or a default/standard setting?

What's best practise?

Thanks a advance.

Applies to: Rebex Secure Mail

1 Answer

+1 vote
answered Feb 18, 2013 by Tomas Knopp (58,890 points)
edited Feb 19, 2013
 
Best answer

We are glad that you like our components! Thank you for your feedback.

We thought about your question and came up with this simple algorithm to decide which SslMode to use. It always uses explicit mode on port 110 and on other ports it tries first implicit and in need also explicit mode. This should cover most of POP3 servers. If a server runs implicitly secured TLS/SSL on port 110, it is practically a suicide, because no one will ever get there from normal pop3 clients, so we ignore this possibility (You could still detect it by detecting timeout which is rather time-costly.)

public void AutoDetectSslMode(Pop3 pop3, bool ssl, string server, int port, string expected)
    {
        if(ssl)
        {
            if (port == Pop3.DefaultPort)
            {
                pop3.Connect(server, port, SslMode.Explicit);
            }
            else // for ports other than 110 try implicit mode
            {
                try
                {
                    pop3.Connect(server, port, SslMode.Implicit);
                }
                catch (TlsException ex)
                {
                    if (ex.Message != "Fatal error 'ProtocolVersion' has been encountered on the local connection end.")
                        throw ex;

                    // if not implicit, try explicit mode
                    pop3.Connect(server, port, SslMode.Explicit);
                }
            }
        }
        else
        {
            pop3.Connect(server, port, SslMode.None);
        }
    }
commented Feb 19, 2013 by pkeil (200 points)
edited Feb 19, 2013

Hi Tomáš,

perfect, thank you very much!

commented Feb 19, 2013 by Tomas Knopp (58,890 points)
edited Feb 19, 2013

Hi Pkeil, you're welcome! If you have any more questions feel free to ask either here at our forum or you can send email to support@rebex.net.

...