Sending Mail with Indy’s TIdSmtp Component

I recently had cause to port an application from the old TurboPower Internet Pro SMTP component to Indy’s TIdSmtp component. Overall I have to say that I like the Indy components better but the documentation leaves a lot to be desired. It is hard to believe that a 4,800 page document could tell you so little about what you really need to know.

Where I really ran into problems was in the very area that was the reason that I was migrating from InetPro. Encrypted connections. No where in the various manuals do they tell you how to make this work. Here is what I have managed to find out.


In order to make use of TLS or SSL (which is essentially the same thing) for sending email via SMTP you need to add a TIdSSLIOHandlerSocketOpenSSL component to your project and link it to your TIdSmtp component via the IOHandler property. If you don’t do this you won’t get anywhere trying to use SSL. In order to use the SSL components you need to download and install the Open SSL DLLs. These are NOT included with the base Indy installation files. These files can be found at:

http://www.intelicom.si/www.nsf/sub?readform&cat=9〈=en

Once you have that all sorted out, there are several properties that need to be set in order to make the TLS stuff actually work. The first, and for me least understood, is the TIdSmtp.UseTLS property. There are four choices for this property:

  • utNoTLSSupport - Use this if you do not want to use encryption. The connection will fail if the server requires encryption.
  • utUseExplicitTLS - Use this if you want to use encryption if it is available. If the server does not support encryption, a OnTLSNotAvailable event will be fired. If there is no handler or the handler returns False the connection fill fail.
  • utUseImplicitTLS - Use this if the server uses encryption by default. That is, if it starts an encrypted connection without performing any handshaking. You will usually have to specify a port number other than 25 if this option is selected. The connection will fail if the server tries to handshake to establish an encrypted connection or if the server doesn’t support encryption.
  • UtUseRequireTLS - This is essentially the same as utUseExplicitTLS except that if the server does not support unencrypted connections, the connection attempt will fail.

Once I got that all straightened out, another complication reared it ugly head and that was the SSL version supported by the server. If the TIdSSLIOHandlerSocketOpenSSL.SSLOptions.Method property doesn’t match the server your connections will fail. There are four options, but I haven’t been able to find a decent description of what they mean:

  • sslvSSLv2 - This is the default setting. I found that this setting won’t work for many SMTP servers.
  • sslvSSLv23 - Another SSL version.
  • sslvSSLv3 - Another SSL version.
  • sslvTLSv1 - TLS version 1. TLS replaced SSL, so I have to assume that this is the most recent version. This setting worked on all SMTP servers that I have tested with.

Leave a Reply