You are here: > Email Component > TLS, SSL and SChannel
ActiveXperts Email Component Add SMTP/POP3 capabilities to any Windows or .NET application


SChannel, TLS and SSL explained

ActiveXperts Email Component makes use of the operating system's SChannel.dll module for secure SMTP- and POP3 communications. This allows Email Component to communicate with secure mail servers, including Microsoft Exchange. It also allows you to use Email Component with popular free mail servers that use secure communications only, including and
So, with Email Component you can use secure SMTP (default port: 465) and secure POP3 (default port: 995).


Schannel.dll is Microsoft's implementation of SSL/TLS, i.e. the Microsoft TLS/SSL Security Provider. The secure sockets layer (SSL) was designed to be a drop-in replacement for sockets. It performs authentication and enables developers to write and read from a "secure" socket. The Windows Server 2003 operating system and higher implement the TLS/SSL protocols through the schannel.dll module supplied with the operating system. The capability of the computer on the other side of the connection and the configuration of the individual application that is being used depends on the SSP.


TLS means: Transport Layer Security. It is a protocol that ensures privacy between communicating applications and their users on the Internet. When a server and client communicate, TLS ensures that no third party may eavesdrop or tamper with any message.
TLS is composed of two layers: the TLS Record Protocol and the TLS Handshake Protocol. The TLS Record Protocol provides connection security with some encryption method such as the Data Encryption Standard (DES). The TLS Record Protocol can also be used without encryption. The TLS Handshake Protocol allows the server and client to authenticate each other and to negotiate an encryption algorithm and cryptographic keys before data is exchanged.


The Secure Sockets Layer (SSL) is a commonly-used protocol for managing the security of a message transmission on the Internet. SSL has recently been succeeded by Transport Layer Security (TLS), which is based on SSL. SSL uses a program layer located between the Internet's Hypertext Transfer Protocol (HTTP) and Transport Control Protocol (TCP) layers. SSL is included as part of both the Microsoft and Netscape browsers and most Web server products. Developed by Netscape, SSL also gained the support of Microsoft and other Internet client/server developers as well and became the de facto standard until evolving into Transport Layer Security. The "sockets" part of the term refers to the sockets method of passing data back and forth between a client and a server program in a network or between program layers in the same computer. SSL uses the public-and-private key encryption system from RSA, which also includes the use of a digital certificate. TLS and SSL are an integral part of most Web browsers (clients) and Web servers. If a Web site is on a server that supports SSL, SSL can be enabled and specific Web pages can be identified as requiring SSL access. Any Web server can be enabled by using Netscape's SSLRef program library which can be downloaded for noncommercial use or licensed for commercial use. TLS and SSL are not interoperable. However, a message sent with TLS can be handled by a client that handles SSL but not TLS.