Secure SMTP with Spring JavaMailSender
If you like this article, please like and share it with your friends and colleagues.
Overview
This article discusses the use of Java Mail in the context of migrating email services to Google Apps For Your Domain. The author shares their experience with using the free service and encountered a problem with using the secure SMTP protocol to send emails programmatically through their old email account with the Spring JavaMailSender.
The issue was attributed to the older version of Java Mail (1.3) they were using, which lacked support for sending emails through the secure SMTP protocol. Additionally, the default implementation of JavaMailSender in the Spring Framework did not handle sending messages through the secure smtp (smtps) protocol efficiently.
This article emphasizes the importance of keeping software up-to-date to ensure compatibility with modern protocols and features. It also highlights the need for developers to conduct thorough research on third-party tools and libraries before incorporating them into their applications to avoid potential compatibility issues.
Like many cost-effective individuals out there I migrated most of my email service which I was paying approximately $50/year for to use Google Apps For Your Domain. This is a free service that in fact I am very satisfied with. But using the smtp service with the Spring JavaMailSender on my old email account was straight forward. The problem I now have is that Google Apps For Your Domain uses the secure SMTP protocol to send emails and because I was using an older version of Java Mail (1.3) I could not programmatically send emails using the secure smtp protocol. In addition to that, the default implementation of JavaMailSender (JavaMailSenderImpl.java) in Spring Framework currently does not have the ability to smoothly handle sending messages using the secure smtp (SMTPS) protocol.
In developing my web application, I encountered an issue with sending test emails and notifications to users as I did not have access to my own SMTP server. To work around this, I decided to temporarily use a Gmail account for sending the messages during development. However, I soon realized that Gmail uses the secure SMTP protocol to send email messages and requires user authentication, which posed a challenge for my application.
What is SMTP and Secure SMTP?
SMTP (Simple Mail Transfer Protocol) is a standard communication protocol used for sending and receiving email messages between servers and clients. SMTP servers are responsible for delivering email messages from one computer to another using a series of rules and protocols.
Secure SMTP, or SMTPS, is a variant of SMTP that uses encryption and authentication to provide a secure channel between email clients and servers. It employs SSL/TLS (Secure Sockets Layer/Transport Layer Security) to encrypt and secure email transmissions, preventing unauthorized access and ensuring that messages are not intercepted or modified during transit.
Secure SMTP is essential for sending sensitive or confidential information via email, such as financial statements, personal data, and login credentials. It is also commonly used for sending marketing emails, newsletters, and other types of mass mailings that require a high level of security and reliability.
Java Libraries You Will Need
In further investigating this issue it turns out that pre Java Mail 1.4, there is no support for SMTPS Protocol. So we need to download the latest version at Java Mail.
Option #1: Download the latest Java Mail API jars.
When using this route be warned that on the final click to download the java mail product you will be re-routed to install the Sun(TM) Download Manager. I am just really puzzled why Sun(TM) has the need to create their own download managers.
Option #2: Download the latest J2EE
Edition and use the mail.jar that came with that product.
The particular class file that you want to check for in these jars are: com.sun.mail.smtp.SMTPSSLTransport.
Please note that for either options you will still need the Java Activation Framework (activation.jar).
JavaMailSenderImpl with Secure SMTP/SMTPS Support
In my own extension of the the JavaMailSenderImpl.java (see Source Code), it will automatically set the protocol to smtps and add Java Mail smtps properties if the property smtp.isSecure is set to true. Basically, the properties smtp host, username, password, and port will be required. Also note the property smtp.isSecure is not a Java Mail property. It is just the property name that I came up with so that the code can toggle between normal smtp and smtps protocol.
I also created an override for the super.doSend(..) method so that after calling the Transport.connect(..) method, it will test for connection via the Transport.isConnected() method. This is just an extra step to make sure that we are connected to the SMTPS server and may not be needed in some cases.
Futhermore, If you have a CRUD for the server configuration, the mail.properties value may be replaced with an implementation that retrieves its values from the database as well.
Update
The solution below now works using Spring 3.x+ version and Java Mail 1.4.5+. The following Spring config is all you need to enable smtps.
XML-based Spring Configuration
<bean id="mailSender" class="org.springframework.mail.javamail.JavaMailSenderImpl"
p:protocol="smtps" p:host="smtp.gmail.com" p:port="465"
p:username="morpheus@gmail.com" p:password="take-the-blue-pill" />
Java-based Spring Configuration
Here is a Java-based configuration for Spring that sets up a JavaMailSender with the provided properties:
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.mail.javamail.JavaMailSender;
import org.springframework.mail.javamail.JavaMailSenderImpl;
@Configuration
public class MailConfig {
@Bean
public JavaMailSender javaMailSender() {
JavaMailSenderImpl mailSender = new JavaMailSenderImpl();
mailSender.setHost("smtp.gmail.com");
mailSender.setPort(465);
mailSender.setProtocol("smtps");
mailSender.setUsername("morpheus@gmail.com");
mailSender.setPassword("take-the-blue-pill");
return mailSender;
}
}
You can then use the JavaMailSender in your application by autowiring it into your classes, for example:
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.mail.MailException;
import org.springframework.mail.javamail.JavaMailSender;
import org.springframework.mail.javamail.MimeMessageHelper;
import org.springframework.stereotype.Component;
import javax.mail.MessagingException;
import javax.mail.internet.MimeMessage;
@Component
public class EmailService {
@Autowired
private JavaMailSender javaMailSender;
public void sendEmail(String recipient, String subject, String text) throws MailException, MessagingException {
MimeMessage mimeMessage = javaMailSender.createMimeMessage();
MimeMessageHelper helper = new MimeMessageHelper(mimeMessage, true);
helper.setTo(recipient);
helper.setSubject(subject);
helper.setText(text, true);
javaMailSender.send(mimeMessage);
}
}
In Conclusion
In conclusion, this article highlights the importance of keeping software up-to-date and conducting thorough research on third-party tools and libraries before incorporating them into your applications. The author’s experience with using the secure SMTP protocol to send emails using Spring JavaMailSender with an older version of Java Mail is a reminder that technology is constantly evolving, and it is crucial to stay up-to-date with the latest versions and protocols to avoid compatibility issues.
Furthermore, the article provides valuable insight and solutions for developers facing similar challenges, such as using the latest Java Mail API jars or the latest J2EE edition and creating an extension of the JavaMailSenderImpl.java class to support the secure SMTP/SMTPS protocol. By following these recommendations, developers can ensure smooth and secure email communication in their applications.
If you like this article, please like and share it with your friends and colleagues.
Related Articles:
Spring • Custom Annotations & AnnotationUtils
Post Date: 06 Dec 2023
Spring, a powerhouse in the Java ecosystem, is renowned for simplifying the development process of stand-alone, production-grade Spring-based applications. At its core, Spring leverages annotations, a form of metadata that provides data about a program but isn’t part of the program itself. These annotations are pivotal in reducing boilerplate code, making your codebase cleaner and more maintainable.
Spring • Custom Annotations & AspectJ In Action
Post Date: 06 Dec 2023
In this article, we delve into the dynamic world of Spring Framework, focusing on the power of custom annotations combined with AspectJ. We’ll explore how these technologies work together to enhance the capabilities of Spring applications. For those already versed in Spring and the art of crafting custom annotations in Java, this piece offers a deeper understanding of integrating AspectJ for more robust and efficient software design.
Mastering Testing with @MockBean in Spring Boot
Post Date: 01 Dec 2023
In the realm of Java application development, the @MockBean annotation in Spring Boot is pivotal for effective testing. Part of the org.springframework.boot.test.mock.mockito package, it facilitates the creation and injection of Mockito mock instances into the application context. Whether applied at the class level or on fields within configuration or test classes, @MockBean simplifies the process of replacing or adding beans in the Spring context.
Spring Boot MockMVC Best Practices
Post Date: 16 Nov 2023
Spring MockMVC stands as a pivotal component in the Spring framework, offering developers a robust testing framework for web applications. In this article, we delve into the nuanced aspects of MockMVC testing, addressing key questions such as whether MockMVC is a unit or integration test tool, its best practices in Spring Boot, and how it compares and contrasts with Mockito.
Spring Boot • Logging with Logback
Post Date: 19 Oct 2023
When it comes to developing robust applications using the Spring framework, one of the key aspects that developers need to focus on is logging. Logging in Spring Boot is a crucial component that allows you to keep track of the behavior and state of your application.
Spring • DevOps Best Practices with Spring Profiles
Post Date: 19 Oct 2023
The integration of Spring with DevOps practices is integral to modern application development. This guide will provide a deep dive into managing Spring profiles efficiently within machine images like Docker, including essential security-specific configurations for production Spring profiles and the handling of AWS resources and secret keys.
Spring Boot • Environment Specific Profiles
Post Date: 19 Oct 2023
When building a Spring Boot application, it’s essential to have different configurations for various environments like development (dev), testing (test), integration, and production (prod). This flexibility ensures that the application runs optimally in each environment.
Spring WebFlux/Reactive • Frequently Asked Questions
Post Date: 17 Oct 2023
In the evolving landscape of web development, reactive programming has emerged as a game-changer, offering solutions to modern high-concurrency, low-latency demands. At the forefront of this shift in the Java ecosystem is Spring WebFlux, an innovative framework that champions the reactive paradigm.
Spring Validation • Configuring Global Datetime Format
Post Date: 17 Oct 2023
In the world of Java development, ensuring proper data validation and formatting is crucial. One key aspect of this is configuring a global date and time format. In this article, we will delve into how to achieve this using the Spring Framework, specifically focusing on Java Bean Validation.
Spring Java Bean Validation
Post Date: 17 Oct 2023
The Spring Framework, renowned for its versatility and efficiency, plays a pivotal role in offering comprehensive support for the Java Bean Validation API. Let’s embark on an exploration into the world of Bean Validation with Spring.
Spring 5 • Getting Started With Validation
Post Date: 17 Oct 2023
Validation is an essential aspect of any Spring Boot application. Employing rigorous validation logic ensures that your application remains secure and efficient. This article discusses various ways to integrate Bean Validation into your Spring Boot application within the Java ecosystem. We’ll also explore how to avoid common pitfalls and improve your validation processes.
Spring 6 • What's New & Migration Guide
Post Date: 16 Oct 2023
The Spring Framework’s legacy in the Java ecosystem is undeniable. Recognized for its powerful architecture, versatility, and constant growth, Spring remains at the forefront of Java development. The release of Spring Framework 6.x heralds a new era, with enhanced features and revisions that cater to the modern developer’s needs.
Spring UriComponentsBuilder Best Practices
Post Date: 16 Oct 2023
The Spring Framework offers an array of robust tools for web developers, and one such utility is the UriComponentsBuilder. This tool provides an elegant and fluent API for building and manipulating URIs. This article offers a deep dive into various methods and applications of UriComponentsBuilder, backed by practical examples.
Spring Field Formatting
Post Date: 02 Oct 2023
Spring Field Formatting is a pivotal component of the Spring Framework, allowing seamless data conversion and rendering across various contexts, particularly in client environments. This guide provides an in-depth look into the mechanics, interfaces, and practical implementations of Spring Field Formatting, elucidating its significance in modern web and desktop applications.
Spring Validator • Resolving Error Codes
Post Date: 01 Oct 2023
Data validation is paramount for web applications, ensuring user input aligns with application expectations. Within the Spring ecosystem, validation and error message translation are critical components, enhancing user experience.
Spring Validator Interface
Post Date: 01 Oct 2023
Spring offers a robust framework for application developers, with one of its standout features being data validation. Validation is essential for ensuring the accuracy, reliability, and security of user input. In this guide, we’ll delve deep into Spring’s Validator interface, understand its significance in the context of web applications, and explore how to implement it effectively.
Spring Type Conversion
Post Date: 01 Oct 2023
Spring provides a robust type conversion system through its core.convert package, offering a versatile mechanism for converting data types within your applications. This system leverages an SPI (Service Provider Interface) for implementing type conversion logic and a user-friendly API for executing these conversions during runtime.
Spring Framework Expression Language
Post Date: 01 Oct 2023
Spring, the ever-evolving and popular framework for Java development, offers a myriad of functionalities. Among these, the Spring Expression Language (SpEL) stands out as a notable feature for its capability to manipulate and query object graphs dynamically. In this comprehensive guide, we unravel the intricacies of SpEL, shedding light on its operators, syntax, and application.
Spring Framework Annotations
Post Date: 01 Oct 2023
Spring Framework has solidified its place in the realm of Java-based enterprise applications. Its annotations simplify the coding process, enabling developers to focus on the business logic. This article delves into the core annotations in the Spring Framework, shedding light on their purposes and usage. Through this comprehensive guide, we aim to provide clarity and depth on these annotations.
Spring Controller vs RestController
Post Date: 01 Oct 2023
The Spring MVC framework stands out as one of the most robust and versatile frameworks in the realm of Java web development. At the heart of its dynamism are two key annotations: @Controller and @RestController. These annotations not only define the structure but also dictate the behavior of web applications. This exploration aims to provide a deeper understanding of these annotations, their respective functionalities, and when to optimally use them.
Spring Boot Conditional Annotations
Post Date: 01 Oct 2023
The world of Java programming, notably within the Spring Framework, constantly evolves, offering developers powerful tools and techniques to streamline application building. One such tool that stands out is the @Conditional annotation. This robust tool in Spring Boot is an absolute game-changer, offering a range of built-in annotations that allow developers to control configurations based on multiple criteria.
Spring Bean Manipulation and the BeanWrapper
Post Date: 01 Oct 2023
In the realm of Java-based applications, the Spring Framework is renowned for providing powerful tools to manipulate and manage bean objects. Central to this process is the BeanWrapper. This article delves into the essence of Bean Manipulation, shedding light on the BeanWrapper, and the various tools provided by the Spring Framework and java.beans package.
Managing AWS CloudFront Using Spring Shell
Post Date: 26 May 2023
This article explores an efficient approach to deploying static pages in CloudFront while leveraging the content delivery capabilities of AWS S3 and the convenience of Spring Shell Command-Line Interface (CLI) using the AWS SDK for Java.
Spring Framework Events
Post Date: 17 May 2023
Spring Framework provides a powerful event handling mechanism that allows components within an application context to communicate and respond to events. This mechanism is based on the Observer design pattern and is implemented using the ApplicationEvent class and the ApplicationListener interface.
Spring Bean Scopes
Post Date: 16 May 2023
Understanding and Utilizing Bean Scopes in the Spring Framework
In this article, we will delve into the concept of bean scopes in Spring Framework. Understanding and effectively utilizing bean scopes is essential for controlling the lifecycle and behavior of your beans, allowing you to enhance the flexibility and power of your Spring applications.
Spring 6 Error Handling Best Practices
Post Date: 15 May 2023
Error handling and exception design are integral components of developing Spring RESTful APIs, ensuring the application’s reliability, stability, and user experience. These practices enable developers to effectively address unexpected scenarios, such as invalid requests, database errors, or service failures, by providing graceful error responses.
Spring Boot, Jackson, and Lombok Best Practices
Post Date: 12 Apr 2023
This article discusses the recommended practices for using Jackson and Lombok in conjunction with Spring Boot, a popular framework for building enterprise-level Java applications.
Encrypting Properties File Values with Jasypt
Post Date: 28 Mar 2023
Property files are text resources in your standard web application that contains key-value information. There may come a time when information should not be stored in plain sight. This article will demonstrate how to encrypt properties file values using Jasypt encryption module. Jasypt is freely available and comes with Spring Framework integration.
Spring Boot Profiles & AWS Lambda: Deployment Guide
Post Date: 20 Oct 2019
In this article, we will explore how to leverage the Spring Boot Profiles feature in an AWS Lambda Compute environment to configure and activate specific settings for each environment, such as development, testing, integration, and production.
AWS Lambda with Spring Boot: A Comprehensive Guide
Post Date: 28 Apr 2019
This article explores the benefits of using Spring Boot with AWS Lambda, a powerful serverless compute service that enables developers to run code without worrying about server management. By integrating with the AWS cloud, AWS Lambda can respond to a variety of AWS events, such as S3, Messaging Gateways, API Gateway, and other generic AWS Resource events, providing an efficient and scalable solution for your application needs.
