|
| 1 | +--- |
| 2 | +RFC: RFC0042 |
| 3 | +Author: Travis Plunk |
| 4 | +Status: Final |
| 5 | +SupercededBy: N/A |
| 6 | +Version: 1.0 |
| 7 | +Area: cmdlets |
| 8 | +Comments Due: 4/30/2019 |
| 9 | +Plan to implement: No |
| 10 | +--- |
| 11 | + |
| 12 | +# Obsoleting `Send-MailMessage` |
| 13 | + |
| 14 | +`Send-MailMessage` does not support many modern protocols leading to the inability to use this with modern secure mail services. |
| 15 | +See [DotNet DE0005](https://github.com/dotnet/platform-compat/blob/master/docs/DE0005.md). |
| 16 | +Since the protocols it uses are no longer considered secure, the cmdlet as is should not be used. |
| 17 | +I recommend that we implement a plan to remove the cmdlet from powershell core and, if needed, |
| 18 | +re-implement as a separate module. |
| 19 | + |
| 20 | +## Motivation |
| 21 | + |
| 22 | +### Primary |
| 23 | + |
| 24 | +The underlying API, [`SmtpClient`](https://docs.microsoft.com/dotnet/api/system.net.mail.smtpclient), doesn't support many modern protocols. |
| 25 | +It is compat-only. |
| 26 | +It's great for one off emails from tools, but doesn't scale to modern requirements of the protocol. |
| 27 | + |
| 28 | +### Secondary |
| 29 | + |
| 30 | + Most major mail platforms now have REST methods to send mail, which allows `Invoke-RestMethod` to allow sending mail messages. |
| 31 | + |
| 32 | + * gmail |
| 33 | + * https://developers.google.com/gmail/api/v1/reference/users/messages/send |
| 34 | + * https://stackoverflow.com/questions/24460422/how-to-send-a-message-successfully-using-the-new-gmail-rest-api |
| 35 | + * Office365 |
| 36 | + * https://docs.microsoft.com/en-us/previous-versions/office/office-365-api/api/version-2.0/mail-rest-operations#SendMessages |
| 37 | + |
| 38 | +## Obsoletion Plan |
| 39 | + |
| 40 | +### Add a warning to 6.2 |
| 41 | + |
| 42 | +In a 6.2, we have added an obsolete warning to `Send-MailMessage` that an alternative method should be found. |
| 43 | + |
| 44 | +**Note:** Adding an obsolete warning should not break compatibility in any way. |
| 45 | + |
| 46 | +### If needed, develop an alternative |
| 47 | + |
| 48 | +If needed, develop a new cmdlet based on the DotNet recommended solution of [MailKit](https://github.com/jstedfast/MailKit). |
| 49 | + |
| 50 | +## Alternate Proposals and Considerations |
| 51 | + |
| 52 | +### Remove the cmdlet during 6.3 |
| 53 | + |
| 54 | +During the development of 6.3, remove the `Send-MailMessage` cmdlet. |
| 55 | + |
| 56 | +Feedback on this option was negative and the RFC has been updated with then next most reasonable option. |
| 57 | + |
| 58 | +### Community replacement |
| 59 | + |
| 60 | +The community could develop a replacement that can could be incorporated back into PowerShell Core. |
| 61 | +This has the disadvantage of increasing the size of PowerShell Core and delaying the solution. |
| 62 | + |
| 63 | +### Positive confirmation of issue in 6.3 |
| 64 | + |
| 65 | +We could add a switch requiring the user to accept the risk of using older **possibly** less secure implementations. |
| 66 | +This switch would be called `-AllowUnsecureConnection` and would be mandatory. |
| 67 | + |
| 68 | +**Note:** The switch name is based on the [DSC Property](https://docs.microsoft.com/en-us/powershell/dsc/managing-nodes/metaconfig#configuration-server-blocks) |
| 69 | + |
| 70 | +However, given the high usage of `Send-MailMessage` in automated scenarios (like scheduled tasks), |
| 71 | +and the plan to work on a `MailKit` based alternative, we'd rather leave the cmdlet working as-is |
| 72 | +for the time being. |
| 73 | + |
| 74 | +### Additional considerations |
| 75 | + |
| 76 | +#### GMail REST API |
| 77 | + |
| 78 | +To use the GMail REST API the following additional items are needed |
| 79 | + |
| 80 | +#### WebSafeBase64 |
| 81 | + |
| 82 | +For GMail, a MIME message is required to be encoded in this format. |
| 83 | +https://code.google.com/p/stringencoders/wiki/WebSafeBase64 |
| 84 | + |
| 85 | +#### Something to compose the MIME message |
| 86 | + |
| 87 | +For GMail, you have to pass the MIME message. |
0 commit comments