Archive for the ‘News’ Category

Order process maintenance scheduled for March 7, 2017

Thursday, March 2nd, 2017

As part of our ongoing commitment to invest in and provide a scalable ecommerce platform that meets the advancing needs of our client base, we will be conducting planned maintenance to our system next week:

CET: Tuesday, March 7, 2017 from 2 p.m. to 6 p.m.
CST: Tuesday, March 7, 2017 from 7 a.m. to 11 a.m.
PST: Tuesday, March 7, 2017 from 5 a.m. to 9 a.m.
AEDT: Wednesday, March 8, 2017 from midnight to 4 a.m.

During the planned maintenance, the system will continue to take orders. However customers will see temporary delays in fulfillment and order confirmation emails.

Once the maintenance is finished, we expect all functionality to resume; orders will be processed and order confirmation emails will be sent to customers.

NavigateToTest VS2015 extension

Wednesday, November 9th, 2016

You can download the extension here:
NavigateToTest Visual Studio 2015 extension

Here’s the latest version that supports Visual Studio 2015.

Extension is convention based. It matches ClassName file with ClassNameTest or ClassNameTests and vice-versa, so you can easily navigate to the test file and back.

Here are some screenshots:

Here’s the toolbar and two opened files:

You can download the extension here:
NavigateToTest Visual Studio 2015 extension

OAuth 2.0 with Gmail over IMAP for web applications (DotNetOpenAuth)

Sunday, March 13th, 2016

OAuth is an open protocol to allow secure API authorization in a simple and standard method from desktop and web applications.

This article describes using OAuth 2.0 to access Gmail IMAP and SMTP servers using .NET IMAP component in web application scenario (ASP.NET/ASP.NET MVC). You can also use OAuth 2.0 for installed applications.


First download the latest version of DotNetOpenAuth – it’s free, open source library that implements OAuth 2.0:

Add it as a reference and import namespaces:

// c#

using DotNetOpenAuth.OAuth2;
using DotNetOpenAuth.OAuth2.Messages;
using DotNetOpenAuth.Messaging;

Imports DotNetOpenAuth.OAuth2
Imports DotNetOpenAuth.OAuth2.Messages
Imports DotNetOpenAuth.Messaging

Register Application

Before you can use OAuth 2.0, you must register your application using the Google Developers Console. After you’ve registered, go to the API Access tab and copy the “Client ID” and “Client secret” values and specify “Redirect URI“, which you’ll need later.

At least product name must be specified:

Now create credentials:

Specify redirect URI:

After you’ve registered, copy the “Client ID” and “Client secret” values, which you’ll need later:

Now we can define clientID, clientSecret, redirect url and scope variables, as well as Google OAuth 2.0 server addresses. Scope basically specifies what services we want to have access to. In our case it is user’s email address and IMAP/SMTP access:

const string clientID = "";
const string clientSecret = "XXXYYY111";
const string redirectUri = "";

AuthorizationServerDescription server = new AuthorizationServerDescription
        AuthorizationEndpoint = new Uri(""),
        TokenEndpoint = new Uri(""),
        ProtocolVersion = ProtocolVersion.V20,
List<string> scope = new List<string> 

Obtain an OAuth 2.0 access token

As we are using ASP.NET we’ll use WebServerClient class:

WebServerClient consumer = new WebServerClient(server, clientID, clientSecret);

// Here redirect to authorization site occurs
consumer.RequestUserAuthorization(scope, new Uri(redirectUri));

If you use ASP.NET MVC the last line is different:

// Here redirect to authorization site occurs
OutgoingWebResponse response = consumer.PrepareRequestUserAuthorization(
    scope, new Uri(redirectUri));
return response.AsActionResult();

At this point user is redirected to Google to authorize the access:

After this step user is redirected back to your website ( Following is this callback code. Its purpose is to get a refresh-token and an access-token:

WebServerClient consumer= new WebServerClient(server, clientID, clientSecret);
consumer.ClientCredentialApplicator =
IAuthorizationState grantedAccess = consumer.ProcessUserAuthorization(null);

string accessToken = grantedAccess.AccessToken;

An access token is usually valid for a maximum of one hour, and allows you to access the user’s data. You also received a refresh token. A refresh token can be used to request a new access token once the previous expired.

Access IMAP/SMTP server

Finally we’ll ask Google for user’s email and use LoginOAUTH2 method to access Gmail’s IMAP server:

GoogleApi api = new GoogleApi(accessToken);
string user = api.GetEmail();

using (Imap imap = new Imap())
    imap.LoginOAUTH2(user, accessToken);

    List<long> uids = imap.Search(Flag.Unseen);

    foreach (long uid in uids)
        var eml = imap.GetMessageByUID(uid);
        IMail email = new MailBuilder().CreateFromEml(eml);

Refreshing access token

An access token is usually short lived and valid for a maximum of one hour. The main reason behind this is security and prevention of replay attacks. This means that for long-lived applications you need to refresh the access token.

In most cases web applications don’t need to refresh access token (they request new one every time), thus when using WebServerClient refresh token is not sent. To force sending refresh token you need to set access_type url parameter to offline:

AuthorizationServerDescription authServer = new AuthorizationServerDescription
    AuthorizationEndpoint = 
        new Uri(""),

Your refresh token will be sent only once – don’t loose it!

We recommend storing entire IAuthorizationState object received from WebServerClient.ProcessUserAuthorization method call. This object contains both: refresh token and access token, along with its expiration time.

The process of refreshing access token is simple:

IAuthorizationState grantedAccess = ...
consumer.RefreshAuthorization(grantedAccess, TimeSpan.FromMinutes(20));

In the example above the access token will not be refreshed if its remaining lifetime exceeds 20 minutes.

Retrieving lost refresh token

When your application receives a refresh token, it is important to store that refresh token for future use. If your application loses the refresh token, it will have to re-prompt the user for consent before obtaining another refresh token.

You’ll need to add approval_prompt=force to your parameters:

 AuthorizationServerDescription authServer = new AuthorizationServerDescription
     AuthorizationEndpoint = 
          new Uri(""),

Eml is now of byte[] type (Cannot implicitly convert type ‘byte[]’ to ‘string’)

Saturday, August 16th, 2014

In most recent version of Mail.dll we decided to change how email data is internally stored. This improves both memory usage and raw, not encoded utf-8 data handling. As every major change this leads to a small breaking changes in Mail.dll’s public interface.

In most cases changes required will be very minor. Most common are data type changes from string to byte[] or var keyword.

Below you can find a most common change guidance:

Downloading an email


string eml = client.GetMessageByUID(uid);
IMail email = new MailBuilder().CreateFromEml(eml);


byte[] eml = client.GetMessageByUID(uid);
IMail email = new MailBuilder().CreateFromEml(eml);

Saving an email to a file


string eml = client.GetMessageByUID(uid);
File.WriteAllText(fileName, eml, Encoding.GetEncoding(1252));


byte[] eml = client.GetMessageByUID(uid);
File.WriteAllBytes(fileName, eml);

Reading an email from a file


string eml = File.ReadAllText(fileName, Encoding.GetEncoding(1252));
IMail email = new MailBuilder().CreateFromEml(eml);


byte[] eml = File.ReadAllBytes(fileName);
IMail email = new MailBuilder().CreateFromEml(eml);

Uploading an email read from a file


string eml = File.ReadAllText(fileName, Encoding.GetEncoding(1252));
client.UploadMessage("Inbox", eml);


byte[] eml = File.ReadAllBytes(fileName);
client.UploadMessage("Inbox", eml);

Mail2World IMAP search ALL bug

Monday, August 4th, 2014

Another broken IMAP server.

S: * OK Mail2World IMAP4 Server 2.6 64bit ready
S: 76abb5398bc44413 OK CAPABILITY completed
C: 1d5827aea22047ea LOGIN X Y
S: 1d5827aea22047ea OK LOGIN completed
C: b094a8b36bce4d26 EXAMINE "INBOX"
S: * FLAGS (\Answered \Flagged \Deleted \Seen \Recent)
S: * OK [PERMANENTFLAGS ()] No permanent flags permitted
S: * OK [UNSEEN 0] first unseen
S: * OK [UIDVALIDITY 42389] UIDs are valid
S: b094a8b36bce4d26 OK [READ-ONLY] opened INBOX
C: 95d4bf743ec949dd UID SEARCH ALL
S: 95d4bf743ec949dd BAD UID SEARCH wrong arguments passed.

“UID SEARCH ALL” is a valid IMAP search query, all servers I know (e.g. Gmail, Exchange) support it without any problems. I can’t imagine a simpler search query, than “UID SEARCH ALL”.

I doubt any email program can download anything from this server.

Funny enough such broken commands as: “UID SEARCH 1:* UID” or “UID SEARCH ALL UID” work on this server.

Nevertheless latest version of Mail.dll is smart enough to access this server.