Java Mail : Unable to initiate SMTPS protocol via TLS on port 587

Question

I would like to send SMTPS mail via TLSv1.2/TLSv1.3 on port 587.

I use Axigen as a mail server, with the following configuration:

• listeners ssl : 465 / 587
• ssl configuration : TLS 1.2 / TLS 1.3

EXAMPLE WITH PORT 587

Here is the java debug trail :

DEBUG SMTP: need username and password for authentication
DEBUG SMTP: protocolConnect returning false, host=192.168.59.99, user="user", password=<null>
DEBUG SMTP: useEhlo true, useAuth true
DEBUG SMTP: trying to connect to host "192.168.59.99", port 587, isSSL true
220 axigen Axigen ESMTP ready
DEBUG SMTP: connected to host "192.168.59.99", port: 587
EHLO "DOMAIN"
250-axigen Axigen ESMTP hello
...
DEBUG SMTP: STARTTLS requested but already using SSL
DEBUG SMTP: protocolConnect login, host=192.168.59.99, [email protected], password=<non-null>
DEBUG SMTP: Attempt to authenticate using mechanisms: LOGIN PLAIN DIGEST-MD5 NTLM XOAUTH2 
DEBUG SMTP: Using mechanism LOGIN
DEBUG SMTP: AUTH LOGIN command trace suppressed
DEBUG SMTP: AUTH LOGIN succeeded
DEBUG SMTP: use8bit false
MAIL FROM:<[email protected]>
250 Sender accepted
RCPT TO:<[email protected]>
250 Recipient accepted
DEBUG SMTP: Verified Addresses
DEBUG SMTP:   [email protected]
DATA
354 Ready to receive data; remember <CRLF>.<CRLF>
Date: Tue, 7 Feb 2023 10:03:25 +0100 (CET)
From: [email protected]
To: [email protected]
Message-ID: <[email protected]>
Subject: TestMail
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

TestMail
.
250 Mail queued for delivery
DEBUG SMTP: message successfully delivered to mail server
QUIT
221-axigen Axigen ESMTP is closing connection
221 Good bye

Process finished with exit code 0

I use wireshark to see the exchanges on the mail server.

On port 587 the protocol used is TCP/SMTP, but it is not SMTPS.

EXAMPLE WITH PORT 465

Java debug trail :

DEBUG SMTP: need username and password for authentication
DEBUG SMTP: protocolConnect returning false, host=192.168.59.99, user="user", password=<null>
DEBUG SMTP: useEhlo true, useAuth true
DEBUG SMTP: trying to connect to host "192.168.59.99", port 465, isSSL true
220 axigen Axigen ESMTP ready
DEBUG SMTP: connected to host "192.168.59.99", port: 465
EHLO "DOMAIN"
250-axigen Axigen ESMTP hello
...
DEBUG SMTP: STARTTLS requested but already using SSL
DEBUG SMTP: protocolConnect login, host=192.168.59.99, [email protected], password=<non-null>
DEBUG SMTP: Attempt to authenticate using mechanisms: LOGIN PLAIN DIGEST-MD5 NTLM XOAUTH2 
DEBUG SMTP: Using mechanism LOGIN
DEBUG SMTP: AUTH LOGIN command trace suppressed
DEBUG SMTP: AUTH LOGIN succeeded
DEBUG SMTP: use8bit false
MAIL FROM:<[email protected]>
250 Sender accepted
RCPT TO:<[email protected]>
250 Recipient accepted
DEBUG SMTP: Verified Addresses
DEBUG SMTP:   [email protected]
DATA
354 Ready to receive data; remember <CRLF>.<CRLF>
Date: Tue, 7 Feb 2023 10:58:52 +0100 (CET)
From: [email protected]
To: [email protected]
Message-ID: <[email protected]>
Subject: TestMail
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

TestMail
.
250 Mail queued for delivery
DEBUG SMTP: message successfully delivered to mail server
QUIT
221-axigen Axigen ESMTP is closing connection
221 Good bye

Process finished with exit code 0

On wireshark with port 465, we can see that the protocol used is TLSv1.3.

Below is the Java code for sending mail : (I have used all combinations of java smtp/smtps properties without success)

import com.sun.mail.smtp.SMTPTransport;
import jakarta.mail.*;
import jakarta.mail.internet.InternetAddress;
import jakarta.mail.internet.MimeBodyPart;
import jakarta.mail.internet.MimeMessage;
import jakarta.mail.internet.MimeMultipart;

public class SendMail {

    public static void main(String[] args) throws MessagingException {

        Session session = null;

        Properties properties = System.getProperties();

        properties.put("mail.debug", "true");

        properties.put("mail.transport.protocol", "smtp");
        properties.put("mail.host", "192.168.59.99");
        properties.put("mail.smtp.auth", "true");
        properties.put("mail.smtp.port", "587");

        // Enable STARTTLS
        properties.put("mail.smtp.starttls.enable", "true");
        properties.put("mail.smtp.starttls.required", "true");

        // Accept only TLS 1.1 and 1.2
        properties.setProperty("mail.smtp.ssl.enable", "true");
        properties.setProperty("mail.smtp.ssl.trust", "192.168.59.99");
        properties.setProperty("mail.smtp.ssl.protocols", "TLSv1.2 TLSv1.3");


       // properties.put("mail.transport.protocol.rfc822", "smtp");

        session = Session.getInstance(properties, new Authenticator() {
            @Override
            protected PasswordAuthentication getPasswordAuthentication() {
                return new PasswordAuthentication("[email protected]", "us3r");
            }
        });

        if (session == null) {
            throw new RuntimeException("Error creating mail session.");
        }

        session.setDebug(true);

        // message
        Message message = new MimeMessage(session);
        message.setFrom(new InternetAddress("[email protected]"));
        message.setRecipients(Message.RecipientType.TO,   InternetAddress.parse("[email protected]"));
        message.setSubject("TestMail");
        message.setText("TestMail");

        Transport.send(message);

    }

}

Unsuccessful java properties :

    Properties properties = System.getProperties();
    properties.setProperty("mail.smtp.host", "192.168.59.99");
    properties.setProperty("mail.smtp.port", "587");
    properties.put("mail.smtp.auth", true);
    properties.put("mail.smtp.socketFactory.port", "587");
    properties.put("mail.smtp.socketFactory.class", "javax.net.ssl.SSLSocketFactory");
    properties.put("mail.smtp.socketFactory.fallback", "false");
    properties.put("mail.smtp.ssl.enable", "true");
    properties.put("mail.smtp.ssl.protocols", "TLSv1.2");
    properties.put("mail.smtp.starttls.enable", "true");
    properties.put("mail.smtp.starttls.required", "true");
    ////
    properties.put("mail.smtps.host", "192.168.59.99");
    properties.put("mail.smtps.port", "587");
    properties.put("mail.smtps.socketFactory.port", "587");
    properties.put("mail.smtps.socketFactory.class", "javax.net.ssl.SSLSocketFactory");
    properties.put("mail.smtps.socketFactory.fallback", "false");
    properties.put("mail.transport.protocol", "smtps");
    properties.put("mail.smtps.ssl.enable","true");
    properties.put("mail.smtps.starttls.enable","false");
    properties.put("mail.smtps.auth", "true");
    properties.put("mail.smtps.ssl.protocols", "TLSv1.2");
    ///
    properties.put("mail.transport.protocol.rfc822", "smtp");

The librairies I tried :

• javax.mail : 1.5.0-b01
• javax.mail : 1.6.2
• jakarta.mail : 2.0.1

I would like to force the TLSv1.2 or TLSv1.3 protocol on port 587.