Javamail SMTP over TLS using SSLv3

One of the projects I’m working on requires the securing of all the servers and transports used in a message flow involving a JEE/Websphere MQ/Lotus Notes SMTP server infrastructure.  The javamail portion is a standalone java app running on Solaris which is triggered by MQ (not running within Websphere).  The message flow looks something like this:

Webapp running on websphere 5.1 -> MQ -> Transformation (MQ triggered standalone java app on Solaris) -> MQ -> Javamail (MQ triggered standalone java app on Solaris) -> SMTP -> external

The Javamail to SMTP server hop is secured via TLS (Transport Layer Security) using the SSLv3 protocol.

At first it seemed fairly straightforward. The documentation for javamail states that it does support SSL and TLS, however another developer on my team spent 2 days trying to get it to work, we discovered how poorly javamail is documented, in particular getting a secured connection using TLS and SSLv3 to work. Several websites found via google searches discuss it, but none seem to have a working example. One site talks about creating a custom SSLSocketFactory (not needed), and a couple others simply recommend reading the Javamail FAQ and SSLNOTES.txt that come with the javamail download. I found the SSLNOTES.txt to be most helpful, but did not provide working examples or the detail necessary to allow for a quick implementation. It still took a lot of tweaking to get a working solution, so I am posting it here for future reference as well as to help others who need to provide similar capabilities.

The key was setting the correct properties and specifying the correct protocols to use.


/**
* This method sends an email using TLS
*
* @param strTo To Addresses
* @param strCc CC Addresses
* @param strFrom From Address
* @param strSub Subject
* @param strMsg Message
*
* @throws IOException Description
*/
public void SendMailTLS(String strTo, String strCc, String strFrom,
String strSub, String strMsg)
throws IOException
{

//Set the properties required for TLS/SSL handshake
Properties props = new Properties();
System.setProperty(“javax.net.debug”, “ssl,handshake”);
props.put(“mail.smtp.host”, “<put your smtp server here>”);
props.put(“mail.smtp.starttls.enable”, “true”);
props.put(“mail.smtp.ssl.protocols”,”SSLv3 TLSv1″);

Session session = Session.getInstance(props);

session.setDebug(true);

//start sending the messages
try
{
//Instantiate new mime message and fill it with the required info
Message msg = new MimeMessage(session);

//set From
msg.setFrom(new InternetAddress(strFrom.trim()));

//set To
InternetAddress address[] = { new InternetAddress(strTo.trim()) };
msg.setRecipients(Message.RecipientType.TO, address); //To Recipients
msg.reply(false);

//set CC
if (!strCc.equals(“”))
{
InternetAddress address1[] = { new InternetAddress(strCc) };
msg.setRecipients(Message.RecipientType.CC, address1); //CC Recipients
}

//set Subject
msg.setSubject(strSub);

//setDate
msg.setSentDate(new java.util.Date());

//set Text
msg.setContent(strMsg, “text/html”);

// hand the message for delivery
Transport.send(msg);

}
catch (MessagingException mex)
{
System.out.println(“Mail Couldn’t Send to : ” + strTo + “ERROR: ” + mex.toString());
mex.printStackTrace();
}
}