Options

[Solved] SMTP Mail and TLS

FragenFragerFragenFrager Member Posts: 56
edited 2024-06-10 in NAV Three Tier
Hello,
One of our customers wants to switch his email delivery to Exchange Online. However, when sending the test email in the SMTP setup, he received the following message:

"The mail system returned the following error: "Error sending mail. Authentication failed because the other party closed the transport stream."

After some Googling, I came to the solution of specifying TLS version 12 explicitly in the code via the following line in the TrySend function in the CU400
ServicePointManager.SecurityProtocol := 3072; // 3072 = Tls12 (TLS 1.2)
It works this way, but I don't really like it because...
    - this forces me to use a specific TLS version, which is not recommended by Microsoft. However, it doesn't say how I read the TLS version from the operating system.
    - I "mess up" a standard object. Unfortunately, the CU400 does not seem to offer any events in this version that you could subscribe to

Does anyone here know a slightly smoother solution?

Answers

  • Options
    Gokul_Tech_BCGokul_Tech_BC Member Posts: 4
    If your using SMTP try to access with APP password which will have 2 factor authentication and that will eliminate this issue
  • Options
    FragenFragerFragenFrager Member Posts: 56
    Hello Gokul_Tech_BC,
    thanks for the answer, but I'm not sure how to do that in detail. Perhaps, I have to mention that the customer uses NAV2017, is that possible for that version?
  • Options
    SanderDkSanderDk Member Posts: 499
    Hi @FragenFrager,
    I understand your points for what you don't like, but when this is still a issue, then the customer is running a faily old NAV version, so "messing" with object, is a acceptable way of handling this or upgrade to a newere version.

    Another way is to change the default TLS version on the server running your NAV/BC onprem.

    This can be done by saving the following line as a xx.reg and running it followed by restarting the server:
    "
    Windows Registry Editor Version 5.00

    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v2.0.50727]
    "SystemDefaultTlsVersions" = dword:00000001
    "SchUseStrongCrypto" = dword:00000001

    [HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\.NETFramework\v4.0.30319]
    "SystemDefaultTlsVersions" = dword:00000001
    "SchUseStrongCrypto" = dword:00000001

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v2.0.50727]
    "SystemDefaultTlsVersions" = dword:00000001
    "SchUseStrongCrypto" = dword:00000001

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319]
    "SystemDefaultTlsVersions" = dword:00000001
    "SchUseStrongCrypto" = dword:00000001"


    Both way have pros and cons and depends on you needs :smile:
    For help, do not use PM, use forum instead, perhaps other people have the same question, or better answers.
  • Options
    FragenFragerFragenFrager Member Posts: 56
    Hello Gokul_Tech_BC, hello SanderDk,
    thanks for your friendly advices. If this is still an issue, I will discuss both suggestions with the system administrator of our customer.
    So far, I will mark this topic as solved.
    Thank you very much.
Sign In or Register to comment.