2

I'm having this problem when sending an email with Java 8 and JavaMail 1.5:

EDIT: Java 1.8.0_301 (but also 1.8.0.192) and Javamail 1.5.0

javax.net.ssl.SSLHandshakeException: No appropriate protocol (protocol is disabled or cipher suites are inappropriate)
    at com.sun.mail.smtp.SMTPTransport.readServerResponse(SMTPTransport.java:1764)
    at com.sun.mail.smtp.SMTPTransport.openServer(SMTPTransport.java:1523)
    at com.sun.mail.smtp.SMTPTransport.protocolConnect(SMTPTransport.java:453)
    at javax.mail.Service.connect(Service.java:313)
    at javax.mail.Service.connect(Service.java:172)
    at javax.mail.Service.connect(Service.java:121)
    at javax.mail.Transport.send0(Transport.java:190)
    at javax.mail.Transport.send(Transport.java:120)

I only have the problem with JavaMail 1.5, I don't have the problem when using JavaMail 1.6, nor when using JavaMail 1.4 (up to 1.4.1).

I would go on using JavaMail 1.4.1 or I would happily upgrade to JavaMail 1.6, but unfortunately I cannot (due to backwards Java compatibility).

EDIT: we must maintain compatibility with older versions of Websphere which use java 1.6. Obviously in this case the application won't send mail with TLS1.2 and would only support older protocol versions or sending via port 25 through a connector

My code is the following:

Properties props = new Properties();
props.put("mail.smtp.ssl.enable", "true");
props.put("mail.smtp.host", "xxx");
props.put("mail.from", "xxxxxxxxxxx");
props.put("mail.smtp.port", "465");

Session session = Session.getInstance(props);
Authenticator auth = new javax.mail.Authenticator() {protected PasswordAuthentication getPasswordAuthentication() {
        return new PasswordAuthentication("xxxxxxxxxxxxx","xxxxxxxxxxxx");}};
session = Session.getInstance(props, auth);

MimeMessage message = new MimeMessage(session);     
try {
    message.setFrom(new InternetAddress("xxxxxxxxx"));
    message.setRecipients(Message.RecipientType.TO, "yyyyyyyyyyy");
    message.setSubject("TEST");
    message.setText("Dear Tester,...... ");
    Transport.send(message);
} catch (MessagingException e) {
    e.printStackTrace();
    e.printStackTrace(output);
    output.println(e.getMessage());
}

Using JavaMail 1.6 it works, when using JavaMail 1.5 it doesn't. With JavaMail 1.5, I solve the problem only if I force the protocol version, this way:

props.put("mail.smtp.ssl.protocols", "TLSv1.2");

I'd rather not use this solution, in favor of a more generic and standard solution. Anyone have any ideas?

Debs
  • 21
  • 4
  • 1
    I'm curious what kind of backwards compatibility issue keeps you back. – Mark Rotteveel Oct 12 '21 at 07:56
  • In any case, please specify the exact version of Java 8 and the exact JavaMail 1.5 version you're using. Personally, using `props.put("mail.smtp.ssl.protocols", "TLSv1.2");` seems like a perfectly fine solution to me. The alternative is to try using the smtps protocol instead? See also https://eclipse-ee4j.github.io/mail/docs/SSLNOTES.txt – Mark Rotteveel Oct 12 '21 at 08:04
  • 2
    It should only fail for javamail before 1.5.3 in 2015 (which defaulted to TLSv1=1.0) run on 8u291 (or 11.0.11 or 16) in 2021 up (which disable 1.0 and 1.1 as insecure). You can use 1.2 in old javamail by coding as you did, and there is no more-standard way; or use 1.0 on new java by changing jdk.tls.disabledAlgorithms in JRE/lib/security/java.security (JRE/conf in 9 up) IF the server still supports it which more and more don't because they're insecure. Dupe https://stackoverflow.com/questions/67899129/postfix-and-openjdk-11-no-appropriate-protocol-protocol-is-disabled-or-cipher – dave_thompson_085 Oct 12 '21 at 08:23
  • I don't like having to write `props.put("mail.smtp.ssl.protocols", "TLSv1.2");` because it should NOT be necessary. Due to many possible different configurations by many of our users, I would have preferred not to force a protocol version and let java (mail) do its job. – Debs Oct 12 '21 at 09:36
  • @MarkRotteveel I'll make a try with smtps and let you know, thank you! – Debs Oct 12 '21 at 09:39
  • @dave_thompson_085 I'm going to try with javamail 1.5.3, maybe that could be the definitve solution to my problem, thanks! – Debs Oct 12 '21 at 09:40
  • It isn't necessary to specify `mail.smtp.ssl.protocols`. Just do the upgrade. JavaMail is up to version 1.14 or so. – user207421 Oct 12 '21 at 09:41
  • @dave_thompson_085 if I use javamail 1.5.3 it magically WORKS! thank you!!! Please tell me: should I have known since the start? how did you know? how could I have worked it out (of course I could have tried all the intermediate versions between 1.5.0 and 1.6...)? I didn't find this problem listed among the bugs of the various releases, or maybe I didn't look with enough care... – Debs Oct 12 '21 at 09:52
  • @Debs In general you should always use the latest version (1.6.7 for the javax.mail.*, or 2.0.1 for the jakarta.mail.* namespace), or otherwise at least the latest point release (in your case 1.5.6). But you're right, this specific issue doesn't seem to be listed in the release notes. – Mark Rotteveel Oct 12 '21 at 10:21

0 Answers0