I was recently asked if the ReportBuilder Indy email plugin supports TLS version 1.2. The answer depended on whether Indy supports TLS 1.2, which thankfully it does! Many email providers (i.e. Gmail and Outlook) are now requiring the use of this version to connect to their SMTP servers. After researching a bit, I found that while Indy does support the use of TLS 1.2, it is not the default. Below are my findings and some sample code get this working with the current version of ReportBuilder (21.01).
When connecting directly to a secure SMPT server with the ReportBuilder Indy email plugin, it is necessary to set the EmailSettings.ConnectionSettings.UseTLS property to True. It is also necessary for the latest OpenSSL .dll files to be accessible to the application executable. (See the UseTLS topic in the installed RB help for more information).
With UseTLS set to True, an IOHandler is automatically created to make the secure connection to the server using OpenSSL. Problems can arise with newer servers as Indy uses TLS 1.0 as its default security protocol. To change this in ReportBuilder, you can use the Report.BeforePrint event to access the TidSMTP object in code.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 |
uses ppSMTPIndy10, ppEmail, IdSSLOpenSSL, IdSMTP; ... procedure TForm1.ppReport1BeforePrint(Sender: TObject); var lEmail: TppEmail; lSMTP: TIdSMTP; begin lEmail := TppEmail(ppReport1.Email); lSMTP := TppSMTPIndy(lEmail.SMTP).IndySMTP; TIdSSLIOHandlerSocketOpenSSL(lSMTP.IOHandler).SSLOptions.Method := sslvTLSv1_2; end; |
Note: For now, the BeforePrint event works because it fires after the SMTP plugin is setup but before it attempts to connect to the server. For a future release of ReportBuilder, I believe a new event should be added to the plugin that fires before the connection is made which would allow logical separation of email related code and report event code.
Another option is to create your own IO handler and assign its SSL options. For this option to function, the UseTLS property must be set to False as the developer is taking care of creating the IO handler manually.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 |
uses ppSMTPIndy10, ppEmail, IdSSLOpenSSL, IdExplicitTLSClientServerBase; ... var lEmail: TppEmail; lSMTP: TidSMTP; lIOHandler: TIdSSLIOHandlerSocketOpenSSL; begin ppReport1.EmailSettings.ConnectionSettings.Port := 587; ppReport1.EmailSettings.ConnectionSettings.UseTLS := False; lEmail := TppEmail(ppReport1.Email); lSMTP := TppSMTPIndy(lEmail.SMTP).IndySMTP; lIOHandler := TIdSSLIOHandlerSocketOpenSSL.Create(lSMTP); try lIOHandler.SSLOptions.Method := sslvTLSv1_2; lSMTP.IOHandler := lIOHandler; lSMTP.UseTLS := utUseExplicitTLS; ppReport1.SendMail; finally lIOHandler.Free; end; end; |
Hopefully this gives you a better idea how to enable TLS 1.2 for the ReportBuilder Indy email plugin. The main take-away here is that the underlying Indy TidSMTP object is easily accessible from ReportBuilder allowing for complete customization. For more information about customizing Indy from ReportBuilder, see the following Wiki article.
Happy Reporting!