We have made a significant improvement to our mailing components. The latest service releases AspEmail 5.6.0.4 and AspEmail.NET 5.6.0.5301 include support for two highly secure cipher suites that utilize the Galois/Counter Mode (GCM) of the AES cipher. These cipher suites are:

TLS_RSA_WITH_AES_128_GCM_SHA256 (code 009C) and
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (code C02F).

Both cipher suites are part of the TLS 1.2 family. The previous versions of AspEmail and AspEmail.NET only supported cipher suites that relied on the Cipher Block Chaining (CBC) mode, which is generally considered less secure than GCM. As a result, some SMTP providers have discontinued support for those suites.

As of June 2022, Google has stopped supporting "less secure applications" and blocked the use of the SMTP protocol to applications with the sensitive scope (which is a set of permissions granted to the application by Google itself). For those applications to send email via GMAIL, they must now use Google API instead of the traditional SMTP protocol.

AspEmail 5.6.0.2 and AspEmail.NET 5.6.0.5206 support the API mode, under which the body of the message is POSTed to Google in a single large HTTPS post. For more information, see Section 5.6.3 of the AspEmail user manual, and Section 3.5.3 of the AspEmail.NET user manual.

AspEmail's and AspEmail.NET's TLS engine, specifically its ECDHE module, has received a small but important enhancement: support for SHA256-based RSA signatures. The previous versions only supported SHA1-based signatures.

Some SMTP servers require that the client application support SHA256-based signatures, and reject the secure handshake otherwise. This would result in the exception

Transport Layer Security Error #25 (WinSock): No information received from the server.

The new service releases fix this deficiency.

Also, the new version of EmailAgent.NET can now connect to a POP3 server via TLS 1.2 if the Port number is set to 99521 in the configuration panel application. Older versions of EmailAgent.NET only supported TLS 1.0 for POP3 connections.

AspEmail and AspEmail.NET have always provided partial support for the multipart/alternative format via its AltBody property, enabling a message body to be specified in two alternative versions -- plain-text and HTML.

This release supports an unlimited number of alternative bodies via the new method AddAltBody. Messages can now be generated with advanced content, such as accelerated mobile pages (AMP), calendars, etc.

For more information about this feature, see Section 2.5 of the AspEmail user manual, and Section 1.9 of the AspEmail.NET user manual.

Upgrading is free for registered users as always.

After 3 months in beta, our email products AspEmail and AspEmail.NET are officially out with the Elliptic Curve Diffie-Hellman Cipher Suite support.

A "cipher suite" is a basket of ciphers (including symmetric and asymmetric algorithms and hash functions) which a client and server use to communicate securely over TLS. Prior to this release, AspEmail and AspEmail.NET supported only one TLS 1.2 cipher suite, TLS_RSA_WITH_AES_128_CBC_SHA. Its key exchange procedure is based on the RSA public-key cipher, which some consider outdated and insufficiently secure. Some SMTP provides have gone as far as disabling all RSA-based cipher suites from their platforms.

As of now, our products also support the TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 cipher, which uses the Elliptic Curve Diffie-Hellman Ephemeral (ECDHE) algorithm for key exchange instead. ECDHE is widely considered superior to RSA. No code changes are necessary to take advantage of the new cipher suite as long as TLS 1.2 (as opposed to TLS 1.0) is used. Upgrading is free for registered users.

The current version of EmailAgent has a built-in 64-character limit on passwords, which makes it impossible to use EmailAgent with SMTP services requiring longer passwords, such as Twilio SendGrid, and others. This limitation has now been fixed and incorporated into the AspEmail 5.5.0.2 Beta.

AspEmail with the EmailAgent fix and AspEmail.NET (beta versions) can be downloaded via the links below:

aspemail_5502.exe
aspemail64_5502.exe
aspemail_net_5502.exe

Last year, we released Version 5.5 of AspEmail and AspEmail.NET with TLS 1.2 support. However, only RSA-based cipher suites were supported in that release. Version 5.5.0.2, currently in beta, also provides support for an ECDHE-based cipher suite, specifically TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (Code 0xC027). ECDHE stands for Elliptic Curve Diffie-Hellman Ephemeral, a key exchange algorithm that is widely considered far superior to RSA in both security and performance. In fact, some SMTP providers have already disabled RSA-based cipher suites altogether. An attempt to send email via such an SMTP server with older versions of AspEmail or AspEmail.NET would result in the error exception "Fatal alert received from the server: handshake_failure."

The TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 cipher suite, as its name suggests, still uses RSA, but only for server authentication. Key exchange, the most important part of the TLS protocol, is performed via ECDHE.

Please help us beta-test this very important release. The 5.5.0.2 (beta) versions of AspEmail (32-bit and 64-bit) and AspEmail.NET can be downloaded via the following links. Absolutely no code change is necessary.

aspemail_5502.exe
aspemail64_5502.exe
aspemail_net_5502.exe

oAuth Support (AspEmail & AspEmail.NET)

OAuth is an open-standard authorization protocol that describes how unrelated servers and services can safely allow authenticated access to their assets without actually sharing the account password. As of versions 5.5.0.1 (AspEmail) and 5.5.0.4826 (AspEmail.NET), our mail-sending components are capable of connecting to SMTP servers requiring oAuth, most notably smtp.gmail.com.

As of March 2020, it is still possible to connect to the Google GMAIL SMTP services via your account's username and password. However, Google has unmistakably signaled its intention to block "less secure applications" (that is, those not using oAuth) in the near future. In anticipation of that, we have added oAuth support to both AspEmail and AspEmail.NET, and provided interfaces to obtain GMAIL oAuth access tokens both interactively and programmatically.

Our components' oAuth support is described in Section 5.6 of the AspEmail user manual, and Section 3.5 of the AspEmail.NET user manual.

Improved .NET Core Support (AspEmail.NET)

AspEmail.NET has been further optimized for the .NET Core environment, both under Windows and Linux. It is no longer dependent on the System.Configuration.ConfigurationManager assembly when the registration key is specified directly in the code via the objMail.RegKey property. Also, previous versions of AspEmail.NET could not use TLS under .NET Core, while the latest version can.

 

We are happy to announce that our native-.NET mail-sending component is no longer confined to Windows servers. AspEmail.NET 5.5 has been successfully tested on .NET Core 2.0+ on both Windows and Linux!

It is official: AspEmail 5.5 and AspEmail.NET 5.5 have been released.

The main new feature is support for TLS 1.2. Whenever the TLS or SSL modes are enabled, the components now use TLS 1.2 by default. TLS 1.0 can still be switched to via the TLSVersion property.

Another important feature is support for 4-byte Unicode characters such as Emojis in the EncodeHeader method.

Version 5.5 also fixes the dreaded "The password is too long" error. Usernames and passwords up to 256 characters long are now allowed.

As always, upgrades are absolutely free for the registered users. Please download AspEmail & AspEmail.NET 5.5 here.

In Beta 4, buffer overflow bugs responsible for a crash on Windows 2016 under the TLS/SSL mode have been fixed. The bugs only affected AspEmail, not AspEmail.NET.

The Betas of AspEmail and AspEmail.NET can be downloaded from these links:

AspEmail_55.exe (AspEmail 32-bit)
AspEmail64_55.exe (AspEmail 64-bit)
aspemail_net55.exe (AspEmail.NET)

In Beta 3, a bug responsible for the error "Authentication failure" when using very long passwords has been fixed. Very long passwords are used by SMTP providers such as sendgrid.net. The bug only affected AspEmail, not AspEmail.NET.

In Beta 2, both TLS 1.0 and TLS 1.2 are supported. AspEmail and AspEmail.NET have a new property, TLSVersion, which is "1.2" by default but can be set to "1.0" to force the component to use TLS 1.0 instead of TLS 1.2. Also, EmailAgent.NET now has a drop-down box with the options "No TLS", "TLS 1.0" and "TLS 1.2" instead of a simple TLS on/off checkbox.

AspEmail and AspEmail.NET 5.5 (currently in beta) contain the following important enhancements:

• Version 1.0 of the Transport Layer Security protocol relies heavily on the MD5 hash algorithm, which has been cracked and is currently considered insecure. It contains other vulnerabilities as well. In anticipation of TLS 1.0's eventual decommission by all major SMTP providers, we are releasing Version 5.5 of AspEmail and AspEmail.NET, which replaces TLS 1.0 with TLS 1.2 - a more secure protocol which is based on SHA256 and 128-bit and 256-bit AES.

• Also, the EncoderHeader method has been fixed to enable 4-byte Unicode characters such as emojis in message subjects. In the previous versions, these characters appeared as black boxes.

The service release contains the following important fixes:

• A serious bug has been discovered in AspEmail that may cause the component to crash, although this only seems to happen quite rarely. The error message is usually

  A trappable error (C0000005) occurred in an external object. The script cannot continue running.

  This bug has now been fixed. The bug only affected AspEmail but not AspEmail.NET.

• The ValidateAddress method has been enhanced to invalidate email addresses with subdomains that start and/or end with a dash. Error code 12 is now returned for email addresses like that. Previous versions incorrectly reported such email addresses as valid.

• Other minor bugs fixed.

The service release fixes a bug causing AspEmail to crash when too long a string is passed to the AddAttachmentMem method. The bug only affects AspEmail but not AspEmail.NET.

A bug in EmailAgent.NET (the background service included with the AspEmail.NET product) responsible for errors while processing queued messages in the DNS Relay mode with multiple simultaneous threads has been fixed.

A coding error caused a message processing thread to occasionally attempt to send a message to an SMTP server intended for another message being processed by a parallel thread. This caused the message to be rejected and placed back in the queue. This multithreading-related coding error has now been fixed.

The bug did not affect the regular SMTP relay mode or single-thread processing. The service release only updates the EmailAgent.NET service but not the AspEmail.NET component itself.

Please download the service release here.

AspEmail 5.4.0.4 and AspEmail.NET 5.4.0.4422 fix a bug in the TLS/SSL module that is responsible for the error

CertificateRequest: total length is out of bounds.

occurring with some SMTP servers.

Also, AspEmail has been recompiled to be properly coupled with the latest release of the AspEncrypt component (v2.9) which it relies on to send secure mail.

A bug in AspEmail's secure mail functionality responsible for the errors

Active Server Pages error 'ASP 0107'
Data size too large
/pdf/files/test.asp
Size of data being sent in the request is over the allowed limit.

or

Active Server Pages error 'ASP 0115'
Unexpected error
/pdf/files/test.asp
A trappable error (C0000005) occurred in an external object. The script cannot continue running.

when sending encrypted mail with large attachments has been fixed. The bug was apparently introduced in a previous service release several years ago, and only seems to affect the 32-bit version of AspEmail. Neither the 64-bit version of AspEmail nor AspEmail.NET are affected.

Also, both AspEmail and AspEmail.NET have been modified to not use a space separator in the SMTP commands MAIL FROM:<address> and RCPT TO:<address> between the ":" character and the email address. This reduces the chance that the messages sent by EmailAgent (EmailAgent.NET) under the DNS Relay mode will be treated as spam.

This service release only affects EmailAgent.NET but not AspEmail.NET itself. The following fixes have been implemented:

• During POP3 bounced-message retrieval, a faulty unique-name generation algorithm would occasionally generate the same filename for more than one message being retrieved, thus causing some messages to be overwritten and lost. This bug has now been fixed.

• When the HOST information was not part of a message queue file, EmailAgent.NET would still use the PORT information from that file. As a result, the Port value specified in the EmailAgent.NET configuration panel would always be ignored. This deficiency has now been fixed: PORT is read from a message queue file only if the HOST entry is also present in that file. Otherwise, the Port value from the configuration panel is used.
• The DNS lookup timeout value has been increased from 1 second to 2 seconds, thus reducing the occurrence of the log error

  DNS Lookup error: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.

  when the DNS relay mode is in use.

• Cosmetic changes to the configuration panel's user interface have been made.

When sending email over SSL (port 465) via Google's smtp.gmail.com server, the send occasionally fails with the sending script blocking and eventually throwing the error

Transport Layer Security Error #25 (WinSock): No information received from the server.

This problem was fixed in the AspEmail 5.4.0.3 and AspEmail.NET 5.4.0.4114 service releases.

EmailAgent.NET's TLS/SSL support has been expanded to cover POP3 message retrieval. Setting Port to 995 (as opposed to 110) on the POP3 & Logging configuration tab prompts EmailAgent.NET to connect to the POP3 server via the SSL/TLS secure communication protocol.

This new feature enables EmailAgent.NET to retrieve bounced messages from POP3 servers that require SSL/TLS, such as pop.gmail.com and others.

A bug in AspEmail and AspEmail.NET triggered by a recent change in the Google smtp.gmail.com server's TLS implementation, and causing the errors Invalid TLS version, No information received from the server and others, has been fixed.

The bug manifests itself in a plethora of ways. When sending a message via smtp.gmail.com over TLS or SSL, the following errors occur often (but not always):

Transport Layer Security Error #25 (WinSock): No information received from the server.

Transport Layer Security Error #40 (TLS): Invalid TLS version (0x3230) or (0x3530)

Transport Layer Security Error #30 (SMTP): 451 4.5.0 SMTP protocol violation, see RFC 2821

Transport Layer Security Error #23 (WinSock): Connection closed by the remote host

Other SMTP servers do not seem to be affected by the bug.

Please download the service releases here.

In the context of an SMTP connection, Secure Socket Layer (SSL) refers to a secure channel over Port 465. Versions 5.4 of AspEmail and AspEmail.NET implement the SSL protocol. To enable it, the new SSL property should be set to True and Port to 465. This feature is useful in case your SMTP server requires a secure connection but does not support the STARTTLS command.

For more information, see AspEmail Manual Section 5.4 and AspEmail.NET Manual Section 1.8.

Upgrading is free for registered users.

This service release fixes a bug in EmailAgent.NET that manifests itself with SMTP servers that are configured to terminate the SMTP session under certain conditions, such as authentication failure. If the SMTP session is terminated, the new version correctly reports the message as failed and creates the entry "452 Remote connection lost (Socket.Receive returned 0)" in the log. Previous versions would erroneously report the message as successfully sent.

The service release also fixes a minor bug in the log parsing module.

Our TLS engine, shared by both AspEmail and AspEmail.NET, has been updated to eliminate the error

Handshake type 13 not supported.

This error would occur under the TLS mode with SMTP servers requesting a client certificate but not requiring one, such as, most notably, Microsoft Exchange Online (smtp.office365.com). This important enhancement is incorporated in the service releases AspEmail 5.3.0.3 and AspEmail.NET 5.3.0.3521. The upgrades are available free of charge to the registered users.

In this service release, the following secure-mail related methods get new path-based overloads:

• SendCertified
• SendEncrypted
• SendSigned
• SendSignedAndEncrypted

In the previous versions of AspEmail.NET, these methods required the instances of X509Certificate2 objects as arguments. From now on, these methods also accept physical paths to certificate files. This makes it possible for AspEmail.NET to be used in classic ASP to send secure mail as the methods no longer rely on the X509Certificate2 objects which do not exist in classic ASP.

The advantage of using AspEmail.NET to send secure mail over AspEmail is that the latter also requires AspEncrypt, while AspEmail.NET is completely self-sufficient.

The service release also adds the auxiliary method LogonUser for user impersonation. See KB article PS121023186 for code samples.

This service release fixes a bug in EmailAgentCfg64.cpl, the 64-bit version of the EmailAgent Configuration Panel, which caused it to crash on 64-bit Windows 8 and Windows 2012.

This service release fixes a bug that may cause EmailAgent.NET to not start on older versions of Windows with the exception system.missingmethodexception showing in the Event Viewer. It also fixes a minor bug in AspEmail.NET.

The service release makes AspEmail.NET visible to COM. From now on, this native .NET component can be used in a classic ASP environment. For more information on how to use AspEmail.NET (and also AspPDF.NET) from ASP, see our KB support article PS121023186.

In service releases AspEmail 5.3.0.1 and AspEmail.NET 5.3.0.3101, support for the Advanced Encryption Standard (AES) cipher has been added to the TLS modules of both components as well as EmailAgent.NET. This enables our products to be used with SMTP servers that require AES, such as Amazon Simple Email Service (SES.)

Previous versions would generate the exception

Fatal alert received from the server: handshake_failure.

when used with Amazon SES.

A bug has been fixed in the DKIM module causing a gradual slowdown when a large number of messages is generated with a single instance of the MailSender object. This service release also fixes a minor bug in the MailLogger object.

The service release fixes a bug in the EmailAgent.NET service responsible for occasionally sending the same queued message multiple times. This bug is also responsible for the error log message "FAILURE: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond."

Version 5.3 of our classic ASP and .NET mailing components features support for DomainKeys Identified Mail (DKIM), a method by which the sender digitally signs the email message to prove it really comes from the domain it claims it comes from. The recipient verifies the signature by obtaining the sender's public key from the domain's DNS records.

To send DKIM-signed messages, AspEmail and AspEmail.NET offer the new method SendCertified.

Section 5.5 of the AspEmail User Manual is dedicated to setting up DKIM infrastructure and using AspEmail to send messages equipped with DKIM signatures.

Section 3.4 of the AspEmail.NET User Manual describes the use of DKIM with AspEmail.NET.

As always, upgrading is free for registered users.

Version 5.2 of our classic ASP and .NET mailing components have the following new features:

• The new method ValidateAddressMX is capable of checking whether an email address actually exists. It performs a DNS lookup of the MX records pertaining to the email address's domain, and then contacts the corresponding SMTP server directly to verify if the address is valid.

  For more information, see Section 2.4 of the AspEmail User Manual, and Section 2.3 of the AspEmail.NET User Manual.

• AspEmail offers the new method ResetAddresses which clears the address lists but keeps the attachment, embedded image and custom header lists intact. This method has been added for additional convenience and to keep AspEmail's object model consistent with that of AspEmail.NET.
• Several minor bugs have been fixed in the EmailAgent.NET service.

A bug in EmailAgent.NET responsible for the error in the log SYSTEM: POP3 Error with host <hostname>: Index was outside the bounds of the array has been fixed.

AspEmail.NET 5.1.0.2077 accompanied by all-new EmailAgent.NET is now officially released.

EmailAgent.NET is the .NET version of EmailAgent, our message-queuing Windows service.

Compared to EmailAgent, EmailAgent.NET supports multiple queues, up to 256 simultaneous sessions, TLS and better logging. The configuration panel features a redesigned user interface.

For the detailed description of this new product, please see Chapter 4 of the .NET User Manual.

EmailAgent.NET is the .NET version of EmailAgent, our message-queuing Windows service. The new version offers many features you have been asking for.

This service release fixes several minor bugs and optimizes the message queue file generation process for EmailAgent.NET (soon to be beta-released.)

AspEmail.NET, AspEmail's native .NET counterpart, is now officially released! AspEmail.NET and AspEmail are almost entirely identical in terms of functionality, but the .NET version does not need to be registered on the web server: just place the assembly Persits.Email.dll in the /Bin directory of your application.

AspEmail.NET has its own 3-chapter User Manual and Object Reference with code samples in C# and VB.NET.

AspEmail.NET's basic functionality is free. The premium features require a registration key. The free 30-day evaluation key can be obtained here, along with the evaluation copy of the component.

This service release provides a fix for yet another minor bug in AspEmail's TLS module.

This service release provides a fix for a serious bug in the TLS module responsible for the error

Transport Layer Security Error #30 (SMTP): 503 5.5.2 Send hello first

occurring with some TLS-enabled SMTP servers. It also fixes several other bugs in the TLS and other modules.

AspEmail, a COM object, now has a native .NET counterpart! Feature-wise, AspEmail.NET is almost entirely identical to AspEmail but does not need to be registered on the web server: just place the assembly Persits.Email.dll in the /Bin directory of your application and you are good to go!

Please help us beta-test AspEmail.NET. You can download it here. We are looking forward to your feedback!

The service release contains the following fixes:

• A bug responsible for generating an error when the same instance of the MailSender object is reused to send multiple emails under TLS has been fixed. The error is:

  Transport Layer Security Error #40 (TLS): Invalid TLS version.

• When the 2nd argument to the AddAddress method contains a comma, the portion of the name after the comma is cut off. For example, the line

  Mail.AddAddress "john@company.com", "John Smith, Jr."

  would cause the recipient's name to appear simply as "John Smith". This bug has now been fixed as well.

We have added support for the Transport Layer Security (TLS) protocol to AspEmail 5.1. Now it can be used with any SMTP server requiring TLS, such as Google's smtp.gmail.com server.

TLS encrypts all traffic between the email sender and SMTP server: the authentication information (username/password), message headers, body and attachments.

To make AspEmail communicate with the SMTP server via TLS, simply set the TLS property to True:

Mail.TLS = True

As always, upgrading is free for the registered users.

The dreaded Must issue a STARTTLS command first error will haunt you no more! As of version 5.1 (now in beta) AspEmail supports the Transport Layer Security (TLS) protocol and can be used with SMTP servers that require it, including Google's popular free smtp.gmail.com server.

A problem causing the "light bulbs" on the EmailAgent Control Panel to not show on Vista, Windows 2008 and Windows 7 fixed.

Also, new installers for both the 32-bit and 64-bit versions have been built. The 64-bit installer is now fully functional -- it installs the code samples and documentation along with the executable files.

A bug causing the date information to show incorrectly in "fractional" timezones fixed.

A bug causing problems sending encrypted email with Unicode characters fixed.

The native 64-bit version of AspEmail is now officially released. Download it here.

A permanent key for the 64-bit version of AspEmail can now be purchased. For licensing purposes, AspEmail (64-bit) is a separate product. Your existing 32-bit keys will not work with the 64-bit version.

AspEmail 5.0.0.5 replaces all CR (ASCII 13) and LF (ASCII 10) characters in properties such as Subject, CharSet, Username and others with spaces to thwart "email header injection" attacks used by spammers.

In addition to this important security improvement, we also added support for Unicode characters in attachment filenames. Also, the AppendBodyFromFile method now supports text files in Unicode format.

Yet another new feature is the ability to assign a custom Message-ID to a message via the AddCustomHeader method.

AspEmail 5.0 offers a lot of new features you have been asking for, including full Unicode support and memory attachments. But most importantly, the new version comes with an all-new message queuing module which supports up to 64 simultaneous SMTP sessions, logging, CRAM-MD5 and NTLM authentication methods, automatic bounced-message handling, and much more.

For the complete list of new features, see Chapter 1 of the manual. Download AspEmail 5.0 here. Upgrades are absolutely free for registered users.

AspEmail can be used in conjunction with AspEncrypt, our powerful cryptographic component, to send signed messages, encrypted messages, and messages that are first signed and then encrypted, in the S/MIME format.

Visit www.aspencrypt.com to download your free 30-day trial copy of this component.

AspEmail is a free active server component that enables your ASP application to send email messages via any external SMTP server. The component supports multiple file attachments, multiple recipients, CCs, BCCs, and REPLY-TOs.

In addition to basic functionality available for free, AspEmail offers a number of premium features that require a registration key after a 30-day evaluation period. These features are support for message queuing, embedded images, Quoted-Printable format, multipart/alternative support and authentication. Regular file attachments are still free, of course.

This premium feature allows you to send messages in the HTML format with embedded images and backgrounds. You can even embed sounds in your messages. Here is how it's done:

...
Mail.AddEmbeddedImage "c:\dir\bk.gif", "My-Image"
Mail.Body = _
    "<HTML><BODY BACKGROUND=""cid:My-Image"">...</HTML>"
or

Mail.AddEmbeddedImage "c:\dir\ring.wav", "My-Sound"
Mail.Body = _
    "<HTML><BGSOUND SRC=""cid:My-Sound""></BGSOUND>..."

AspEmail can be used in conjunction with AspUpload, the leading file upload component from Persits Software, to send messages with file attachments over the Web, as demonstrated by our Live Demo.

For more information on AspUpload, please visit AspUpload.com, a site dedicated to this powerful component.