Using TLS 1.2 with .NET POP3 client

This article presents a comprehensive tutorial that elaborates on how to configure the Mail.dll POP3 client for seamless integration with the TLS 1.2 encryption protocol.

This security enhancement ensures that receiving emails via POP3 remain safeguarded against potential threats and unauthorized access.

By default clients and POP3 servers negotiate SSL/TLS versions they can both use. Most systems don’t allow SSL 3.0, TLS 1.0, 1.1 anymore and Mail.dll POP3 component simply uses the most recent TLS version.

TLS 1.2 and 1.3 are the most secure versions of TLS protocols. It is easy to force the connection to use it.

All you need to do is to set Pop3.SSLConfiguration.EnabledSslProtocols property to SslProtocols.Tls12 before issuing ConnectSSL or Connect and StartTLS sequence:

Here you can learn more on how TLS/SSL and STLS work in POP3 protocol
// C#

using (Pop3 pop3 = new Pop3())
{
    pop3.SSLConfiguration.EnabledSslProtocols = SslProtocols.Tls12;

    pop3.ConnectSSL("pop.example.com");

    pop3.UseBestLogin("user","password");

    // ... 

    pop3.Close();
}

' VB .NET

Using pop3 As New Pop3()
	pop3.SSLConfiguration.EnabledSslProtocols = SslProtocols.Tls12

	pop3.ConnectSSL("pop.example.com")

	pop3.UseBestLogin("user@example.com", "password")

	'...

	pop3.Close()
End Using

For explicit SSL/TLS, code is almost the same. You first connect to a default, non-secure POP3 port and secure the connection using Pop3.StartTLS method:

// C#

using (Pop3 pop3 = new Pop3())
{
    pop3.SSLConfiguration.EnabledSslProtocols = SslProtocols.Tls12;

    pop3.Connect("pop.example.com");
    pop3.StartTLS();

    pop3.UseBestLogin("user@example.com","password");

    // ... 

    pop3.Close();
}

' VB.NET

Using pop3 As New Pop3()
	pop3.SSLConfiguration.EnabledSslProtocols = SslProtocols.Tls12

	pop3.Connect("pop.example.com")
	pop3.StartTLS()

	pop3.UseBestLogin("user@example.com", "password")

	'...

	pop3.Close()
End Using

Older .NET framework versions

To use TLS 1.2 in POP3 client at least .NET Framework 4.5+ must be installed on your machine and your application should target .NET 4.5+.

It is possible to use TLS 1.2 in applications targeting earlier .NET framework versions, but 4.5 must be installed on the machine. After you have .NET 4.5 installed, your 2.0 – 4.0 apps will use the 4.5 System.dll and you can enable TLS 1.2 using this code:

// C#

pop3.SSLConfiguration.EnabledSslProtocols = 
    (SecurityProtocolType)3072;

Tags:    

Questions?

Consider using our Q&A forum for asking questions.