Attached is a program called TLSSend. This Version uses MS CNG (Cryptography Next Generation), and sends email messages to:
1. Your ISP
2. Gmail
3. MS Live
using ports 25, 1025, 465, or 587. Port 25 is the standard SMTP port, port 1025 is the Plain Authentication port offered by some services, port 465 is for the standard "Secure" connection, and port 587 is for the "Secure" connection using STARTTLS. Port 465 negotiates a secure connection directly after the TCP connection is established, whereas port 587 starts the connection in text mode, but negotiates the secure connection before the transmission of the authentication information.
When first run, TLSSend automatically activates the Setup form. There you will find the requirements for your ISP, Gmail, and MS Live(Outlook/Hotmail) accounts. Each one requires the name of the Outbound Server, the account name, the Password, and the ports utilized. Both Gmail and Live do not support non-secure connections, and MS Live does not support port 465. My own ISP accepts connections on all four ports, but unfortunately doesn't support TLS 1.2 on the secure connections. Strange part is that it requires SHA256 for the Hash algorithm when there are about 40% of servers that still use SHA1.
There is currently a problem with Gmail that does not stop it from working. A secure server will forward a Certificate chain that includes the RSA Key used and a Signature. The signature attached to the last Certificate is normally a Hash of the Server (first) Certificate encrypted with the RSA Private key from the last Certificate (Certificate Authority). For reasons unknown, Google uses a Certificate issued by Equifax that contains a 2048 bit/256 byte RSA Public Key, but the attached Signature is 1024 bit/128 byte. A 128 byte Signature cannot be created using a 256 byte Key, and 128 byte Keys have not been in use since the end of 2013. Since TLSSend does not support 128 Byte keys/signatures, it cannot verify the Server Certificate from Google.
J.A. Coutts
1. Your ISP
2. Gmail
3. MS Live
using ports 25, 1025, 465, or 587. Port 25 is the standard SMTP port, port 1025 is the Plain Authentication port offered by some services, port 465 is for the standard "Secure" connection, and port 587 is for the "Secure" connection using STARTTLS. Port 465 negotiates a secure connection directly after the TCP connection is established, whereas port 587 starts the connection in text mode, but negotiates the secure connection before the transmission of the authentication information.
When first run, TLSSend automatically activates the Setup form. There you will find the requirements for your ISP, Gmail, and MS Live(Outlook/Hotmail) accounts. Each one requires the name of the Outbound Server, the account name, the Password, and the ports utilized. Both Gmail and Live do not support non-secure connections, and MS Live does not support port 465. My own ISP accepts connections on all four ports, but unfortunately doesn't support TLS 1.2 on the secure connections. Strange part is that it requires SHA256 for the Hash algorithm when there are about 40% of servers that still use SHA1.
There is currently a problem with Gmail that does not stop it from working. A secure server will forward a Certificate chain that includes the RSA Key used and a Signature. The signature attached to the last Certificate is normally a Hash of the Server (first) Certificate encrypted with the RSA Private key from the last Certificate (Certificate Authority). For reasons unknown, Google uses a Certificate issued by Equifax that contains a 2048 bit/256 byte RSA Public Key, but the attached Signature is 1024 bit/128 byte. A 128 byte Signature cannot be created using a 256 byte Key, and 128 byte Keys have not been in use since the end of 2013. Since TLSSend does not support 128 Byte keys/signatures, it cannot verify the Server Certificate from Google.
J.A. Coutts