Use TLS/SSL with IMAP in .NET

Mail.dll IMAP .NET email component supports Secure Socket Layer (SSL) and Transport Layer Security (TLS) protocols to authenticate the server and secure client-server email downloads.

There are two modes in which Mail.dll can work:

  • Implicit – where Mail.dll IMAP client immediately connects using secure channel,
  • Explicit – where Mail.dll IMAP client connects on unsecured channel first and then secures the communication by issuing STARTTLS command. This mode is sometimes called TLS.

In both cases, by default, Secure Sockets Layer (SSL) 3.0 and Transport Layer Security (TLS) 1.0, 1.1, 1.2, 1.3 are acceptable for secure communication. You can change the defaults using Imap.SSLConfiguration property.

Imap client may decide to secure the channel, if IMAP server explicitly forbids logging-in on unsecured channel and you are using UseBestLogin method.

Here you can find more details on SSL vs TLS vs STARTTLS, and here how to turn on TLS 1.2 in IMAP.

IMAP implicit TLS/SSL mode

Mail.dll IMAP component connects using secure TLS/SSL channel. You need to know in advance, if the server supports TLS/SSL connections – ask your administrator. Typically, IMAP over TLS/SSL is associated with port 993, but this is not always the case. You can always specify different then standard port by using ConnectSSL method overloads.

// C# version

using System;
using System.Collections.Generic;
using Limilabs.Client.IMAP;
using Limilabs.Mail;

class Program
{
    static void Main(string[] args)
    {
        using (Imap imap = new Imap())
        {
            imap.ConnectSSL("imap.example.com");
            imap.UseBestLogin("user", "password");

            imap.SelectInbox();

            List<long> uids = imap.Search(Flag.Unseen);

            foreach (long uid in uids)
            {
                var eml = imap.GetMessageByUID(uid);
                IMail email = new MailBuilder()
                    .CreateFromEml(eml);

                string subject = email.Subject;
            }
            imap.Close();
        }
    }
}
' VB.NET version

Imports System
Imports System.Collections.Generic
Imports Limilabs.Client.IMAP
Imports Limilabs.Mail

Public Module Module1
    Public Sub Main(ByVal args As String())

        Using imap As New Imap()
            imap.ConnectSSL("imap.example.com")
            imap.UseBestLogin("user", "password")

            imap.SelectInbox()

            Dim uids As List(Of Long) = imap.Search(Flag.Unseen)

            For Each uid As Long In uids
                Dim eml = imap.GetMessageByUID(uid)
                Dim email As IMail = New MailBuilder() _
                        .CreateFromEml(eml)

                Dim subject As String = email.Subject
            Next
            imap.Close()
        End Using

    End Sub
End Module

IMAP explicit TLS/SSL mode

Mail.dll IMAP component connects using clear text channel and secures the channel using TLS/SSL by issuing STARTTLS command. Typically standard IMAP port 143 is used, but this is not always the case. You can always specify different then standard port using Connect method overloads.

// C# version

using System;
using System.Collections.Generic;
using Limilabs.Mail;
using Limilabs.Client.IMAP;

class Program
{
    static void Main(string[] args)
    {
        using (Imap imap = new Imap())
        {
            imap.Connect("imap.example.com");
            imap.StartTLS();

            imap.UseBestLogin("user", "password");

            imap.SelectInbox();

            List<long> uids = imap.Search(Flag.Unseen);

            foreach (long uid in uids)
            {
                var eml = imap.GetMessageByUID(uid);
                IMail email = new MailBuilder()
                    .CreateFromEml(eml);

                string subject = email.Subject;
            }
            imap.Close();
        }
    }
}
' VB.NET version

Imports System
Imports System.Collections.Generic
Imports Limilabs.Mail
Imports Limilabs.Client.IMAP

Public Module Module1
    Public Sub Main(ByVal args As String())

        Using imap As New Imap()
            imap.Connect("imap.example.com")
            imap.StartTLS()

            imap.UseBestLogin("user", "password")

            imap.SelectInbox()

            Dim uids As List(Of Long) = imap.Search(Flag.Unseen)

            For Each uid As Long In uids
                Dim eml = imap.GetMessageByUID(uid)
                Dim email As IMail = New MailBuilder() _
                        .CreateFromEml(eml)

                Dim subject As String = email.Subject
            Next
            imap.Close()
        End Using

    End Sub
End Module

After you connect, you can check, if your IMAP server supports explicit TLS/SSL using following code:

// C# version

bool supportsStartTLS = imap.SupportedExtensions()
   .Contains(ImapExtension.StartTLS);
' VB.NET version

Dim supportsStartTLS As Boolean = imap.SupportedExtensions() _
   .Contains(ImapExtension.StartTLS)

You can read more here on how to know which extensions does your server support.

Self-signed certificates

If you are using self-signed certificates you may encounter this error: The remote certificate is invalid according to the validation procedure.


Get Mail.dll

Tags:      

Questions?

Consider using our Q&A forum for asking questions.

6 Responses to “Use TLS/SSL with IMAP in .NET”

  1. A connection attempt failed Says:

    […] Use SSL with IMAP […]

  2. Alberto Says:

    i have a problem with the ssl connetcion to “imap.gmail.com”. after 20 second the program gives a serverexception “connetcted attemp failed….”. I see the your other articles but i don’t resolve the problem

  3. Limilabs support Says:

    @Alberto

    This article may help you: http://www.limilabs.com/blog/download-emails-from-gmail
    Are you sure that your network administrator does not block Gmail?

  4. Receive unseen emails using IMAP | Blog | Limilabs Says:

    […] First thing you need to do is to connect to your POP3 server. Use Connect(string host) method to connect to the server. Typically IMAP server is working on port 143. You can use Connect(string host, int port) overload when you need to specify different port, or ConnectSSL methods to use IMAP over SSL. […]

  5. John Goswami Says:

    I have made a scheduler which working well on my local machine but not on remote desktop my web server getting following issue :
    Limilabs.Client.ServerException: No connection could be made because the target machine actively refused it XXX.xxx.xx.xxx:xxx.

  6. Limilabs support Says:

    @John Goswami

    Please make sure you are using correct connection settings and your application has enough security permissions to establish connection to the remote server.
    Make sure firewall and antivirus software are disabled or configured correctly (this includes Windows Defender).
    For details read this article: http://www.limilabs.com/blog/connection-attempt-failed