What's New
Dec 09, 2024 AspEmail 5.6.0.5 and AspEmail.NET 5.6.0.5338 Service Releases
-
A number of users have reported the error
Transport Layer Security Error #25 (WinSock): No information received from the server.
when connecting to their SMTP servers via TLS 1.2. We tracked it down to a TLS extension called "Renegotiation Info" (RI) described in RFC 5746. Some SMTP servers apparently require that this extension be present in the initial handshake packet, and break the connection otherwise. As of this service release, the RI extension has been added to the TLS 1.2 handshake packet.
- AspEmail's and AspEmail.NET's oAuth support is no longer limited to Google GMAIL. It has been extended to Microsoft Office 365 as well. The "Sign in with Office 365" button provided in the user manual enables you to obtain access and refresh tokens to access smtp.office365.com via oAuth. For more information, see Section 5.6.4 of the manual.
Jan 29, 2024 AspEmail 5.6.0.4 and AspEmail.NET 5.6.0.5319 Service Releases
-
The AspEmail.NET service release fixes a bug in the TLS 1.2 module responsible for the error
POP3 Error with host <host name>: Exception of type 'Persits.Email.TlsException' was thrown.
generated by EmailAgent.NET during POP3 message downloading over TLS 1.2 with some (but not all) SMTP servers, most notably outlook.office365.com.
- Also, DKIM functionality has been enhanced in both AspEmail and AspEmail.NET by optionally including the following three custom headers in the DKIM signature: List-Unsubscribe, List-Unsubscribe-Post, and Feedback-ID.
May 04, 2023 New Secure Cipher Suites Added to TLS Modules
We have made a significant improvement to our mailing components. The latest service releases AspEmail 5.6.0.3 and AspEmail.NET 5.6.0.5301 include support for two highly secure cipher suites that utilize the Galois/Counter Mode (GCM) of the AES cipher. These cipher suites are:
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (code C02F).
Both cipher suites are part of the TLS 1.2 family. The previous versions of AspEmail and AspEmail.NET only supported cipher suites that relied on the Cipher Block Chaining (CBC) mode, which is generally considered less secure than GCM. As a result, some SMTP providers have discontinued support for those suites.
Jun 22, 2022 Google API Support Added to AspEmail 5.6.0.2, AspEmail.NET 5.6.0.5206
As of June 2022, Google has stopped supporting "less secure applications" and blocked the use of the SMTP protocol to applications with the sensitive scope (which is a set of permissions granted to the application by Google itself). For those applications to send email via GMAIL, they must now use Google API instead of the traditional SMTP protocol.
AspEmail 5.6.0.2 and AspEmail.NET 5.6.0.5206 support the API mode, under which the body of the message is POSTed to Google in a single large HTTPS post. For more information, see Section 5.6.3 of the AspEmail user manual, and Section 3.5.3 of the AspEmail.NET user manual.
Nov 21, 2021 AspEmail 5.6.0.1 & AspEmail.NET 5.6.0.5189 Service Release Available
AspEmail's and AspEmail.NET's TLS engine, specifically its ECDHE module, has received a small but important enhancement: support for SHA256-based RSA signatures. The previous versions only supported SHA1-based signatures.
Some SMTP servers require that the client application support SHA256-based signatures, and reject the secure handshake otherwise. This would result in the exception
Transport Layer Security Error #25 (WinSock): No information received from the server.
The new service releases fix this deficiency.
Also, the new version of EmailAgent.NET can now connect to a POP3 server via TLS 1.2 if the Port number is set to 99521 in the configuration panel application. Older versions of EmailAgent.NET only supported TLS 1.0 for POP3 connections.
May 02, 2021 Version 5.6 Released with Extended Multipart/Alternative Support
AspEmail and AspEmail.NET have always provided partial support for the multipart/alternative format via its AltBody property, enabling a message body to be specified in two alternative versions -- plain-text and HTML.
This release supports an unlimited number of alternative bodies via the new method AddAltBody. Messages can now be generated with advanced content, such as accelerated mobile pages (AMP), calendars, etc.
For more information about this feature, see Section 2.5 of the AspEmail user manual, and Section 1.9 of the AspEmail.NET user manual.
Upgrading is free for registered users as always.
Dec 30, 2020 AspEmail & AspEmail.NET with Elliptic Curve Diffie-Hellman Released
After 3 months in beta, our email products AspEmail and AspEmail.NET are officially out with the Elliptic Curve Diffie-Hellman Cipher Suite support.
A "cipher suite" is a basket of ciphers (including symmetric and asymmetric algorithms and hash functions) which a client and server use to communicate securely over TLS. Prior to this release, AspEmail and AspEmail.NET supported only one TLS 1.2 cipher suite, TLS_RSA_WITH_AES_128_CBC_SHA. Its key exchange procedure is based on the RSA public-key cipher, which some consider outdated and insufficiently secure. Some SMTP provides have gone as far as disabling all RSA-based cipher suites from their platforms.
As of now, our products also support the TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 cipher, which uses the Elliptic Curve Diffie-Hellman Ephemeral (ECDHE) algorithm for key exchange instead. ECDHE is widely considered superior to RSA. No code changes are necessary to take advantage of the new cipher suite as long as TLS 1.2 (as opposed to TLS 1.0) is used. Upgrading is free for registered users.
Nov 13, 2020 EmailAgent Update Fixes Password Length Limitation
The current version of EmailAgent has a built-in 64-character limit on passwords, which makes it impossible to use EmailAgent with SMTP services requiring longer passwords, such as Twilio SendGrid, and others. This limitation has now been fixed and incorporated into the AspEmail 5.5.0.2 Beta.
AspEmail with the EmailAgent fix and AspEmail.NET (beta versions) can be downloaded via the links below:
Oct 02, 2020 Beta Released with Elliptic Curve Diffie-Hellman Cipher Suite
Last year, we released Version 5.5 of AspEmail and AspEmail.NET with TLS 1.2 support. However, only RSA-based cipher suites were supported in that release. Version 5.5.0.2, currently in beta, also provides support for an ECDHE-based cipher suite, specifically TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (Code 0xC027). ECDHE stands for Elliptic Curve Diffie-Hellman Ephemeral, a key exchange algorithm that is widely considered far superior to RSA in both security and performance. In fact, some SMTP providers have already disabled RSA-based cipher suites altogether. An attempt to send email via such an SMTP server with older versions of AspEmail or AspEmail.NET would result in the error exception "Fatal alert received from the server: handshake_failure."
The TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 cipher suite, as its name suggests, still uses RSA, but only for server authentication. Key exchange, the most important part of the TLS protocol, is performed via ECDHE.
Please help us beta-test this very important release. The 5.5.0.2 (beta) versions of AspEmail (32-bit and 64-bit) and AspEmail.NET can be downloaded via the following links. Absolutely no code change is necessary.
Mar 06, 2020 oAuth Support, Improved .NET Core Support (AspEmail.NET)
oAuth Support (AspEmail & AspEmail.NET)
OAuth is an open-standard authorization protocol that describes how unrelated servers and services can safely allow authenticated access to their assets without actually sharing the account password. As of versions 5.5.0.1 (AspEmail) and 5.5.0.4826 (AspEmail.NET), our mail-sending components are capable of connecting to SMTP servers requiring oAuth, most notably smtp.gmail.com.
As of March 2020, it is still possible to connect to the Google GMAIL SMTP services via your account's username and password. However, Google has unmistakably signaled its intention to block "less secure applications" (that is, those not using oAuth) in the near future. In anticipation of that, we have added oAuth support to both AspEmail and AspEmail.NET, and provided interfaces to obtain GMAIL oAuth access tokens both interactively and programmatically.
Our components' oAuth support is described in Section 5.6 of the AspEmail user manual, and Section 3.5 of the AspEmail.NET user manual.
Improved .NET Core Support (AspEmail.NET)
AspEmail.NET has been further optimized for the .NET Core environment, both under Windows and Linux. It is no longer dependent on the System.Configuration.ConfigurationManager assembly when the registration key is specified directly in the code via the objMail.RegKey property. Also, previous versions of AspEmail.NET could not use TLS under .NET Core, while the latest version can.
Jan 24, 2020 AspEmail.NET Compatible with .NET Core on Windows & Linux
We are happy to announce that our native-.NET mail-sending component is no longer confined to Windows servers. AspEmail.NET 5.5 has been successfully tested on .NET Core 2.0+ on both Windows and Linux!
Oct 05, 2019 AspEmail & AspEmail.NET 5.5 Officially Released
It is official: AspEmail 5.5 and AspEmail.NET 5.5 have been released.
The main new feature is support for TLS 1.2. Whenever the TLS or SSL modes are enabled, the components now use TLS 1.2 by default. TLS 1.0 can still be switched to via the TLSVersion property.
Another important feature is support for 4-byte Unicode characters such as Emojis in the EncodeHeader method.
Version 5.5 also fixes the dreaded "The password is too long" error. Usernames and passwords up to 256 characters long are now allowed.
As always, upgrades are absolutely free for the registered users. Please download AspEmail & AspEmail.NET 5.5 here.
Jun 27, 2019 AspEmail 5.5 Beta 4 (Release Candidate) Available
In Beta 4, buffer overflow bugs responsible for a crash on Windows 2016 under the TLS/SSL mode have been fixed. The bugs only affected AspEmail, not AspEmail.NET.
The Betas of AspEmail and AspEmail.NET can be downloaded from these links:
AspEmail_55.exe (AspEmail 32-bit)
AspEmail64_55.exe (AspEmail 64-bit)
aspemail_net55.exe (AspEmail.NET)
Apr 18, 2019 AspEmail 5.5 Beta 3 Released
Feb 26, 2019 AspEmail 5.5 & AspEmail.NET 5.5 Beta 2 Released
Mar 23, 2018 AspEmail 5.5 & AspEmail.NET 5.5 Beta with TLS 1.2 Support Released
AspEmail and AspEmail.NET 5.5 (currently in beta) contain the following important enhancements:
- Version 1.0 of the Transport Layer Security protocol relies heavily on the MD5 hash algorithm, which has been cracked and is currently considered insecure. It contains other vulnerabilities as well. In anticipation of TLS 1.0's eventual decommission by all major SMTP providers, we are releasing Version 5.5 of AspEmail and AspEmail.NET, which replaces TLS 1.0 with TLS 1.2 - a more secure protocol which is based on SHA256 and 128-bit and 256-bit AES.
- Also, the EncoderHeader method has been fixed to enable 4-byte Unicode characters such as emojis in message subjects. In the previous versions, these characters appeared as black boxes.
May 26, 2016 AspEmail 5.4.0.6, AspEmail.NET 5.4.0.4505 Service Releases Available
The service release contains the following important fixes:
-
A serious bug has been discovered in AspEmail that may cause the component to crash, although this only seems to happen quite rarely. The error message is usually
A trappable error (C0000005) occurred in an external object. The script cannot continue running.
This bug has now been fixed. The bug only affected AspEmail but not AspEmail.NET.
- The ValidateAddress method has been enhanced to invalidate email addresses with subdomains that start and/or end with a dash. Error code 12 is now returned for email addresses like that. Previous versions incorrectly reported such email addresses as valid.
- Other minor bugs fixed.
Sep 18, 2015 AspEmail 5.4.0.5 Service Release Available
Aug 14, 2015 Important EmailAgent.NET Fix Available
A bug in EmailAgent.NET (the background service included with the AspEmail.NET product) responsible for errors while processing queued messages in the DNS Relay mode with multiple simultaneous threads has been fixed.
A coding error caused a message processing thread to occasionally attempt to send a message to an SMTP server intended for another message being processed by a parallel thread. This caused the message to be rejected and placed back in the queue. This multithreading-related coding error has now been fixed.
The bug did not affect the regular SMTP relay mode or single-thread processing. The service release only updates the EmailAgent.NET service but not the AspEmail.NET component itself.
Please download the service release here.
Jun 17, 2015 AspEmail, AspEmail.NET Service Releases Available
AspEmail 5.4.0.4 and AspEmail.NET 5.4.0.4422 fix a bug in the TLS/SSL module that is responsible for the error
CertificateRequest: total length is out of bounds.
occurring with some SMTP servers.
Also, AspEmail has been recompiled to be properly coupled with the latest release of the AspEncrypt component (v2.9) which it relies on to send secure mail.
Apr 13, 2015 AspEmail, AspEmail.NET Service Releases Available
A bug in AspEmail's secure mail functionality responsible for the errors
Active Server Pages error 'ASP 0107'
Data size too large
/pdf/files/test.asp
Size of data being sent in the request is over the allowed limit.
or
Active Server Pages error 'ASP 0115'
Unexpected error
/pdf/files/test.asp
A trappable error (C0000005) occurred in an external object. The script cannot continue running.
when sending encrypted mail with large attachments has been fixed. The bug was apparently introduced in a previous service release several years ago, and only seems to affect the 32-bit version of AspEmail. Neither the 64-bit version of AspEmail nor AspEmail.NET are affected.
Also, both AspEmail and AspEmail.NET have been modified to not use a space separator in the SMTP commands MAIL FROM:<address> and RCPT TO:<address> between the ":" character and the email address. This reduces the chance that the messages sent by EmailAgent (EmailAgent.NET) under the DNS Relay mode will be treated as spam.
Jan 26, 2015 AspEmail.NET 5.4.0.4130 Service Released with EmailAgent.NET Fixes
This service release only affects EmailAgent.NET but not AspEmail.NET itself. The following fixes have been implemented:
- During POP3 bounced-message retrieval, a faulty unique-name generation algorithm would occasionally generate the same filename for more than one message being retrieved, thus causing some messages to be overwritten and lost. This bug has now been fixed.
- When the HOST information was not part of a message queue file, EmailAgent.NET would still use the PORT information from that file. As a result, the Port value specified in the EmailAgent.NET configuration panel would always be ignored. This deficiency has now been fixed: PORT is read from a message queue file only if the HOST entry is also present in that file. Otherwise, the Port value from the configuration panel is used.
-
The DNS lookup timeout value has been increased from 1 second to 2 seconds, thus reducing the occurrence of the log error
DNS Lookup error: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.
when the DNS relay mode is in use.
- Cosmetic changes to the configuration panel's user interface have been made.
Nov 14, 2014 AspEmail, AspEmail.NET SSL-related Service Releases Available
When sending email over SSL (port 465) via Google's smtp.gmail.com server, the send occasionally fails with the sending script blocking and eventually throwing the error
Transport Layer Security Error #25 (WinSock): No information received from the server.
This problem was fixed in the AspEmail 5.4.0.3 and AspEmail.NET 5.4.0.4114 service releases.
Aug 11, 2014 AspEmail.NET 5.4.0.3754 Service Released with POP3 SSL Support
EmailAgent.NET's TLS/SSL support has been expanded to cover POP3 message retrieval. Setting Port to 995 (as opposed to 110) on the POP3 & Logging configuration tab prompts EmailAgent.NET to connect to the POP3 server via the SSL/TLS secure communication protocol.
This new feature enables EmailAgent.NET to retrieve bounced messages from POP3 servers that require SSL/TLS, such as pop.gmail.com and others.
Jul 24, 2014 AspEmail, AspEmail.NET Service Releases Available
A bug in AspEmail and AspEmail.NET triggered by a recent change in the Google smtp.gmail.com server's TLS implementation, and causing the errors Invalid TLS version, No information received from the server and others, has been fixed.
The bug manifests itself in a plethora of ways. When sending a message via smtp.gmail.com over TLS or SSL, the following errors occur often (but not always):
Transport Layer Security Error #25 (WinSock): No information received from the server.
Transport Layer Security Error #40 (TLS): Invalid TLS version (0x3230)
or
(0x3530)Transport Layer Security Error #30 (SMTP): 451 4.5.0 SMTP protocol violation, see RFC 2821
Transport Layer Security Error #23 (WinSock): Connection closed by the remote host
Other SMTP servers do not seem to be affected by the bug.
Please download the service releases here.
May 13, 2014 AspEmail, AspEmail.NET 5.4 Released with SSL Support
In the context of an SMTP connection, Secure Socket Layer (SSL) refers to a secure channel over Port 465. Versions 5.4 of AspEmail and AspEmail.NET implement the SSL protocol. To enable it, the new SSL property should be set to True and Port to 465. This feature is useful in case your SMTP server requires a secure connection but does not support the STARTTLS command.
For more information, see AspEmail Manual Section 5.4 and AspEmail.NET Manual Section 1.8.
Upgrading is free for registered users.
Feb 05, 2014 AspEmail.NET Service Release 5.3.0.3524 Available
This service release fixes a bug in EmailAgent.NET that manifests itself with SMTP servers that are configured to terminate the SMTP session under certain conditions, such as authentication failure. If the SMTP session is terminated, the new version correctly reports the message as failed and creates the entry "452 Remote connection lost (Socket.Receive returned 0)" in the log. Previous versions would erroneously report the message as successfully sent.
The service release also fixes a minor bug in the log parsing module.
Nov 22, 2013 TLS engine updated, "Handshake type 13 not supported" error fixed
Our TLS engine, shared by both AspEmail and AspEmail.NET, has been updated to eliminate the error
Handshake type 13 not supported.
This error would occur under the TLS mode with SMTP servers requesting a client certificate but not requiring one, such as, most notably, Microsoft Exchange Online (smtp.office365.com). This important enhancement is incorporated in the service releases AspEmail 5.3.0.3 and AspEmail.NET 5.3.0.3521. The upgrades are available free of charge to the registered users.
Oct 17, 2013 AspEmail.NET Service Release 5.3.0.3218 Available
In this service release, the following secure-mail related methods get new path-based overloads:
- SendCertified
- SendEncrypted
- SendSigned
- SendSignedAndEncrypted
In the previous versions of AspEmail.NET, these methods required the instances of X509Certificate2 objects as arguments. From now on, these methods also accept physical paths to certificate files. This makes it possible for AspEmail.NET to be used in classic ASP to send secure mail as the methods no longer rely on the X509Certificate2 objects which do not exist in classic ASP.
The advantage of using AspEmail.NET to send secure mail over AspEmail is that the latter also requires AspEncrypt, while AspEmail.NET is completely self-sufficient.
The service release also adds the auxiliary method LogonUser for user impersonation. See KB article PS121023186 for code samples.