by   March 09 2015   
CDO.Message: you know how to use it, you have had it since the 90's, and now you can actually make it secure. Force TLS via your firewall to your email server, with no option to fall back to an unsecured port 25 connection. Sometimes software vendors need to just listen and allow us to hard-code rules. But when they don't, find a different software vendor that does.

ASP Classic using CDO.Message under STARTTLS FORCED

Yes, after all this time you can now force your own IIS server to actually connect via TLS and encrypt the full body, sender, and recipient of the email.

Well, from what I understand, that is what is happening here but only with a few types of configuration. 

STARTTLS doesn't have to start, which is a problem if you're hosting on an IIS server using CDO.Message and want to make sure the connection between your server and your email is secure.

Seems like it was just yesterday that I was forcing encrypted into green clear communications, and now I need to force encrypted communications, and if not, then don't do a thing.

Very different from what software and hardware vendors set up for you.

ASP Classic CDO.Message code with StartTLS. 

' str_mailFrom, str_mailTo, str_mailSubject, tEmailBody, mailServer,
' Username and Password must be set earlier in the page.
Dim MyTLSMail

Set MyTLSMail = CreateObject("CDO.Message")
MyTLSMail.From = str_mailFrom
MyTLSMail.To = str_mailTo
MyTLSMail.Subject = str_mailSubject
'MyTLSMail.HTMLBody = tEmailBody
'Or
MyTLSMail.TextBody = tEmailBody
' 2 = cdoSendUsingPort: deliver over the network to the named SMTP server
MyTLSMail.Configuration.Fields.Item("http://schemas.microsoft.com/cdo/configuration/sendusing") = 2
MyTLSMail.Configuration.Fields.Item("http://schemas.microsoft.com/cdo/configuration/smtpserver") = mailServer
MyTLSMail.Configuration.Fields.Item("http://schemas.microsoft.com/cdo/configuration/sendusername") = Username
MyTLSMail.Configuration.Fields.Item("http://schemas.microsoft.com/cdo/configuration/sendpassword") = Password
' 1 = cdoBasic: authenticate with the username and password above
MyTLSMail.Configuration.Fields.Item("http://schemas.microsoft.com/cdo/configuration/smtpauthenticate") = 1
' 587 = mail submission port
MyTLSMail.Configuration.Fields.Item("http://schemas.microsoft.com/cdo/configuration/smtpserverport") = 587
' Ask CDO to issue STARTTLS on the connection
MyTLSMail.Configuration.Fields.Item("http://schemas.microsoft.com/cdo/configuration/sendtls") = True
MyTLSMail.Configuration.Fields.Update
MyTLSMail.Send
Set MyTLSMail = Nothing

That's it, you're ready to go. But are you?

If you've used this with your SmarterMail Server you might have found that it will drop back or connect without TLS if the connection isn't FORCED. 

The Watchguard XTM 330 Firewall I use was configured to FORCE TLS on the SMTP protocol, which then made each connection from the internal IIS server FORCED to the SmarterMail Server.

Sounds like a long way around the block to make things more secure, but if a bug was between my IIS server Web.Config settings and my Email Server, now it's going to have to work harder at reading things.
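To confirm that TLS is really forced rather than merely offered, the check below classifies a server's STARTTLS policy from a plaintext SMTP session. It is an added example, not code from the original post; the sample EHLO replies, the host name mail.example.test and the helper names parse_ehlo, classify and probe are all constructed for illustration.

```python
import smtplib

# Constructed sample EHLO replies (not captured from a real server).
EHLO_WITH_TLS = ("250-mail.example.test Hello\r\n250-SIZE 31457280\r\n"
                 "250-STARTTLS\r\n250 8BITMIME")
EHLO_STRIPPED = "250-mail.example.test Hello\r\n250-SIZE 31457280\r\n250 8BITMIME"

def parse_ehlo(reply):
    """Return the upper-cased extension keywords of a raw EHLO reply."""
    keywords = set()
    for line in reply.splitlines()[1:]:      # first line is only the greeting
        words = line[4:].split() if line[:3] == "250" else []
        if words:
            keywords.add(words[0].upper())
    return keywords

def classify(extensions, mail_code):
    """Judge TLS policy from what a plaintext session offered and allowed.

    extensions: keywords seen before any TLS; mail_code: the reply code to a
    MAIL FROM sent without STARTTLS.
    """
    if "STARTTLS" not in extensions:
        return "no-starttls"       # not offered, or removed on the path
    if mail_code == 530:
        return "enforced"          # RFC 3207: must issue STARTTLS first
    if 200 <= mail_code < 300:
        return "opportunistic"     # plaintext mail accepted, fallback possible
    return "unknown"

def probe(host, port=587, timeout=10):
    """Run the same check live against a mail server you administer."""
    with smtplib.SMTP(host, port, timeout=timeout) as smtp:
        smtp.ehlo()
        extensions = {name.upper() for name in smtp.esmtp_features}
        code, _ = smtp.docmd("MAIL", "FROM:<tls-check@example.invalid>")
        if 200 <= code < 300:
            smtp.rset()            # drop the test envelope; nothing is sent
        return classify(extensions, code)

if __name__ == "__main__":
    print(classify(parse_ehlo(EHLO_WITH_TLS), 530))
    print(classify(parse_ehlo(EHLO_WITH_TLS), 250))
    print(classify(parse_ehlo(EHLO_STRIPPED), 250))
```

Run probe() from the IIS server itself so the result reflects the firewall policy on the path the web application actually uses.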

Read more about the Watchguard XTM Firewall settings to force TLS at MySmallCloud.Com (My Micro Enterprise Sized Website)

 

 
