Using TLS with SmtpClient
A rather small change to your code can increase security by sending E-Mails via an encrypted connection.
Recently I stumbled across code, that send E-Mails with the System.Net.Mail.SmtpClient class. That piece of code did not try to communicated encrypted with the receiving SMTP server. So I changed that, to enable a TLS connection.
try { var message = new MailMessage(); _smtpClient.EnableSsl = true; _smtpClient.Send(message); } catch (SmtpException ex) { // if the recpient mailserver does not support SSL, send without encryption _smtpClient.EnableSsl = false; _smtpClient.Send(message); }
The change in my code was to enable TLS be default, and turn it off in case the receiving SMTP server does not support it. Everything else is untouched, which results in a small change in code to increase security.
I am catching the SmtpException that is thrown if TLS is unsupported. You can read more about the property and what it changes here: http://msdn.microsoft.com/en-us/library/system.net.mail.smtpclient.enablessl%28v=vs.110%29.aspx
Most of the time “old” code is worth a review with current knowledge. But I am sure you know that already 🙂
Update: