Saturday, May 05, 2012

Email Confusion - Configuring SMTP options for your Sitecore (Modules)

I’ve been working a lot with the different modules in Sitecore, and it seems everytime I need to send out an email I run into difficulties. The reasons for this are quite numerous.
In web.config we have the default MailServer settings, which are used through-out the system:
      <setting name="MailServer" value="" />
      <setting name="MailServerUserName" value="" />
      <setting name="MailServerPassword" value="" />
      <setting name="MailServerPort" value="25" />
Now.. No statement without exceptions, so firstly: The Email Campaign Manager(ECM) uses its own provider settings – this makes sense, since you might not want to send out 10k+ emails through your regular SMTP provider ;-). So you either use the Sitecore Message Transfer Agent(MTA) though the Sitecore App Center with a subscription, or you setup a local MTA.
Secondly: Web Form For Marketers(WFFM) has it’s own send email action (/sitecore/system/Modules/Web Forms for Marketers/Settings/Actions/Save Actions/Send Email Message) which by default overrides your MailServer with it’s own "” – not to keen on their choice of default values here, but just remove it and it will default to your web.config settings.

The trouble begins

This is all well and fine, until you have a client that want to use a SMTP service with either SSL or TLS – The default Sitecore send mail method (Sitecore.MainUtil.SendEmail) do not implement SSL. This is curiously handled in both ECM and WFFM, just not in the base Sitecore system.

In ECM, when using a local MTA, you have the option to set the “SMTP.StartTLS”. And in WFFM send mail action, you have some undocumentet settings available (not really a surprise to experienced Sitecore developers ;-)) but add the “enableSSL” attribute in you “send email message” parameters section, and this will ofcourse not enable SSL – it will however enable TLS :-P.You can verify this by sending trough gmail. To make it work you need to send trough port “587”, and not “465” which is for normal SSL encryption.

This is because Sitecore uses the System.Net.Mail.SmtpClient which states
The SmtpClient class only supports the SMTP Service Extension for Secure SMTP over Transport Layer Security as defined in RFC 3207. In this mode, the SMTP session begins on an unencrypted channel, then a STARTTLS command is issued by the client to the server to switch to secure communication using SSL. See RFC 3207 published by the Internet Engineering Task Force (IETF) for more information.
Now we still have a problem with the rest of Sitecore – Password recorvery, Sitecore Ecormerce Services and so on.. But since Sitecore uses the System.Net.Mail.SmtpClient we then have the option to “enableSsl” trough our web.config file. Just add this entire segment to the bottom of your webconfig file (before the end </configuration> tag)
      <smtp deliveryMethod="Network">
        <network enableSsl="true" />
This enables the rest of Sitecore to use a SSL(with TLS) SMTP provider, like gmail, for all email functions. Just set your MailServerSettings to:
      <setting name="MailServer" value="" />
      <setting name="MailServerUserName" value=""/>
      <setting name="MailServerPassword" value="yourGmailPassword" />
      <setting name="MailServerPort" value="587" />
And you are good to go. Be aware that you still need to include the <enableSSL>true</enableSSL> tag in WFFM “Send Email Message” or it will specificly set enableSSL to false.
Also Sitecore may include this in a later version, and then you should remove this and use the provided Sitecore settings. This is testet on a Sitecore CMS 6.5.0 rev 111230 with WFFM 2.3.0 rev 120216. using .Net 4 Framework


Divamatrix said...

Having not used Ecommerce or Password recovery, please forgive me if this seems like a silly question. I do know about ECM being party to tearing down ECM to use an extend just about every part of it, for various clients or reporting needs, I am curious if you could just use ECM to send out "standard messages" when you need to send email which gives the added benefit of including some of the typical tracking abilities of ECM rather than trying to call the Sitecore functionality?

Finn Sandbeck Nielsen said...

Not at all - WFFM include a specific ECM save action for this exact purpose (Send Email Campaign Message).

This will give you all of the tracking/analytics benefits you mentioned.

However, the password recovery is more difficult. Your users have access to this feature from the Sitecore login page, and it calls a Static method that sends the email. Only way to get around that is to replace the "Website\sitecore\login\passwordrecorvery.aspx" page with your own.

I don't think you can override the SES mail send - but there might be something in the unity config (haven't looked :))