Tuesday, March 17, 2009

SSL must not be enabled for pickup-directory delivery methods

Maybe I'm just getting soft and lazy.
It seems I've gotten used to just finding the answer to everything I need by googling it and relying on the community to solve it for me.

I mean, at least when I’m not dealing with the bleeding edge of technology, I should expect to find a post from somebody who’s already ran into a similar problem – right?

Well, I was a bit surprised when I tried to implement a simple email client using the totally mundane System.Net.Mail (really not bleeding edge, is it?), and received the following exception:

SSL must not be enabled for pickup-directory delivery methods

Happily I searched the web for this error message only to find two (2!) whole articles about it, none of which was any help at all.

So, I figured it’s a good enough reason for my first blog post. After all, the blog itself has been ready and waiting for several months now for me to find the time and motivation to write something.

But, I was doing something really trivial - there must be thousands of blog posts about how to write an SMTP client to send mail using the SmtpClient class.

The code itself goes something like this:

MailMessage emailMessage = new MailMessage();
emailMessage.From = from;
foreach (MailAddress ma in to)
emailMessage.To.Add(ma);
emailMessage.Subject = subject;
emailMessage.Body = message;

SmtpClient smtp = new SmtpClient(_smtpHost, 587);

smtp.UseDefaultCredentials = false;
smtp.Credentials = new System.Net.NetworkCredential("myGmailAccount", "myGmailPassword");
smtp.EnableSsl = true;
smtp.Send(emailMessage);

A textbook sample, isn’t it?

As it turns out, the error is really self explanatory if you you’re aware of the SmtpClient‘s DeliveryMethod Property and its usage.

But I wasn’t messing with the DeliveryMethod - so why would it mess with me?

It took me a while to find out that someone has left a surprise for me in the web.config:

<system.net>
<
mailSettings>
<
smtp deliveryMethod="PickupDirectoryFromIis">
<
network defaultCredentials="true" host="localhost" port="25"/>
</
smtp>
</
mailSettings>
</
system.net>

And while I was overriding all the other parameters in my code, the DeliveryMethod was defaulting to PickupDirectoryFromIis, which is obviously incompatible with SSL (it makes perfect sense actually, if you’re going to write the emails to a queue directory on your file system, then you obviously won’t need to be using SSL).

If you want to know more about DeliveryMethod you may find Marco’s post useful.

The solution for me was to just get rid of the whole configuration section. I’m one of the people who think MS has messed up implementing the default configuration system, and it really shouldn’t be used for anything more complicated then switching between your own environments. If you use web.config or app.config to actually manage real configuration parameters that change between different installations then you’re in a world of pain. But I digress.

On the other hand, some other parts of the framework such as the ASP.NET membership controls rely on this configuration section. So if you don’t want to face the consequences of taking away a piece of configuration that may be used elsewhere in the system, then you can explicitly override the DeliveryMethod in your code like this:

smtp.DeliveryMethod = SmtpDeliveryMethod.Network;

I hope this has made things a bit clearer regarding the usage of DeliveryMethod and its pitfalls.