如何解决[EIdSMTPReplyError]身份验证失败? [英] How do I solve [EIdSMTPReplyError] Authentication unsuccessful?

问题描述

我正在尝试将SMTP与TLS和Office365结合使用.我能够使用Powershell和TLS成功发送电子邮件，但是在下面的示例中，我目前遇到错误:

I'm trying to use SMTP with TLS and Office365. I'm able to successfully send an email using powershell and TLS but with the below example I'm currently stuck with error:

项目SMTP_SSL_Example.exe引发异常类EIdSMTPReplyError并显示消息身份验证不成功[JN2P275CA0026.ZAFP275.PROD.OUTLOOK.COM]'

Project SMTP_SSL_Example.exe raised exception class EIdSMTPReplyError with message 'Authentication unsuccessful [JN2P275CA0026.ZAFP275.PROD.OUTLOOK.COM]'

连接成功，但是代码中的身份验证部分失败.以前有人告诉我响应来自服务器.如果我使用PowerShell成功收到邮件，这会有何不同?有什么想法吗?

The connection is successful but the authentication part in the code fails. I've previously been told that the response is coming from the server. If I get a successful mail using PowerShell how come this differs? Any ideas?

我正在使用Indy 10.6.2.5366.

I'm using Indy 10.6.2.5366.

更新:另一件套装也出现了同样的错误.我只是不明白为什么Powershell允许我发送邮件，但是我不能以编程方式.

Update: I'm also getting the same kind of error with another component suit. I just don't understand why Powershell is allowing me to send the mail but I can't programmatically.

procedure TForm28.Method2Click(Sender: TObject);
var
  idSMTP1: TIdSMTP;
  idSASLLogin: TIdSASLLogin;
  idUserPassProvider: TIdUserPassProvider;
begin
  idSMTP1 := TIdSMTP.Create(nil);
  try
    idSMTP1.IOHandler := TIdSSLIOHandlerSocketOpenSSL.Create(idSMTP1);
    idSMTP1.UseTLS := utUseExplicitTLS;
    TIdSSLIOHandlerSocketOpenSSL(idSMTP1.IOHandler).SSLOptions.Method := sslvTLSv1;

    idSMTP1.Host := 'smtp.office365.com';
    idSMTP1.Port := StrToInt(cbPort.Text);

    idSASLLogin := TIdSASLLogin.Create(idSMTP1);
    idUserPassProvider := TIdUserPassProvider.Create(idSASLLogin);

    idSASLLogin.UserPassProvider := idUserPassProvider;
    idUserPassProvider.Username := 'my username';
    idUserPassProvider.Password := 'my passowrd';

    idSMTP1.AuthType := satSASL;
    idSMTP1.SASLMechanisms.Add.SASL := idSASLLogin;

    try
      idSMTP1.Connect;
      try
        idSMTP1.Authenticate;
        SendEmail(idSMTP1);
      finally
        idSMTP1.Disconnect;
      end;
      ShowMessage('OK');
    except
      on E: Exception do
      begin
        ShowMessage(Format('Failed!'#13'[%s] %s', [E.ClassName, E.Message]));
        raise;
      end;
    end;
  finally
    idSMTP1.Free;
  end;
end;

procedure TForm28.Mehod1Click(Sender: TObject);
var
  idSMTP1: TIdSMTP;
begin
  idSMTP1 := TIdSMTP.Create(nil);
  try
    idSMTP1.IOHandler := TIdSSLIOHandlerSocketOpenSSL.Create(idSMTP1);
    idSMTP1.UseTLS := utUseExplicitTLS;
    TIdSSLIOHandlerSocketOpenSSL(idSMTP1.IOHandler).SSLOptions.Method := sslvTLSv1;

    idSMTP1.Host := 'smtp.office365.com';
    idSMTP1.Port := StrToInt(cbPort.Text);

    idSMTP1.AuthType := satDefault;
    idSMTP1.Username := 'my username';
    idSMTP1.Password := 'my password';


    try
      idSMTP1.Connect;
      try
        idSMTP1.Authenticate;
        SendEmail(idSMTP1);
      finally
        idSMTP1.Disconnect;
      end;
      ShowMessage('OK');
    except
      on E: Exception do
      begin
        ShowMessage(Format('Failed!'#13'[%s] %s', [E.ClassName, E.Message]));
        raise;
      end;
    end;
  finally
    idSMTP1.Free;
  end;
end;

推荐答案

Office 365将

Office 365 will soon require TLS 1.2, but your code is forcing Indy to use TLS 1.0 instead. Office 365 officially does not support TLS 1.0 or 1.1 anymore, but it still accepts 1.0/1.1 sessions for the time being, but that will change in the coming months.

因此，至少，您需要更改此内容:

So, at the very least, you need to change this:

TIdSSLIOHandlerSocketOpenSSL(idSMTP1.IOHandler).SSLOptions.Method := sslvTLSv1;

对此:

TIdSSLIOHandlerSocketOpenSSL(idSMTP1.IOHandler).SSLOptions.Method := sslvTLSv1_2;

或者更好的是，

TIdSSLIOHandlerSocketOpenSSL(idSMTP1.IOHandler).SSLOptions.SSLVersions := [sslvTLSv1, sslvTLSv1_1, sslvTLSv1_2];

话虽如此，使用 TIdSASLLogin 作为唯一的SASL机制与使用 TIdSMTP.AuthType = satDefault 完全相同.它们都向服务器发送相同的 AUTH LOGIN 命令.而该命令是失败的.但是没有办法确切地知道为什么会这样.身份验证失败"过于笼统地显示一条错误消息，并且有很多原因导致该错误在Office 365中发生.也许您使用的用户名/密码错误.服务器上未将由 TIdSMTP 在其 EHLO 命令 ¹ 中发送的主机名解析的IP地址列入白名单.谁知道.

That being said, using TIdSASLLogin as the sole SASL mechanism is exactly the same as using TIdSMTP.AuthType=satDefault. They both send the same AUTH LOGIN command to the server. And that command is what is failing. But there is no way to know for sure exactly why that is happening. "Authentication unsuccessful" is too generic an error message, and there are many reasons why that error occurs in Office 365. Maybe you are using the wrong username/password. Maybe the IP address resolved from the hostname being sent by TIdSMTP in its EHLO command ¹ is not whitelisted on the server. Who knows.

^{1:尝试将 TIdSMTP.HeloName 属性设置为客户端计算机的FQDN，可以从}

^{1: try setting the TIdSMTP.HeloName property to a FQDN for your client machine, which you can get from GetComputerNameEx().}

这篇关于如何解决[EIdSMTPReplyError]身份验证失败?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！