BizTalk – Sending messages via email

Before you get your hopes up, this is not a How To of sending messages via email using BizTalk, instead this is advice not to do it. Why is that you ask? See my reasoning below, feel free to use this to tell your boss/solution architect/client etc. as to why they shouldn’t implement a solution that sends business documents via email, except when they go to a person, rather than a system.

There is no interface contract

Unlike web services there is no WSLD or Swagger to define the interface, so how it is implemented at both ends is usually very loose. I’ve seen multiple solutions in Production that relied on messages received by email break when the sender decided to change how they were sending the payloads without notice.

It is insecure

It is ridiculously easy to spoof a From address or use a fake address that looks similar to the real one, and unless the receiver uses SPF, DKIM or DMARC the receiving mail server and system will not notice.

By default emails are sent un-encrypted, this could leave you open to a man in the middle attack where payloads are altered. So you have to encrypt or de-crypt in the MIME pipeline, and exchange certificates.

By default emails are digitally unsigned, so receiver cannot verify with 100% accuracy that the payload was sent from your system unless you go to the trouble of signing the payload and the receiving system verifies.

The authentication options to send emails are Basic, which sends credentials in the clear across your network, NTLM authentication (which is also vulnerable to chosen plaintext), or your mail server needs to be set not to authenticate client apps that are sending emails. The standard BizTalk SMTP adapter does not support SSL/TLS connections either. So you would have to use something like Stunnel as per an answer in the thread BizTalk 2016 SMTP/POP3 with TLS 1.2

SMTP Authentication types

For receiving emails your choices are Basic, Digest and SPA, but at least there is a Use SSL option available so your credentials aren’t sent in the clear. Note Use SSL probably also enables TLS, as the SSL protocols are deprecated and disabled in most systems.

POP3 Authentication Scheme

It is unreliable

There is no guaranteed delivery with emails. Email servers can occasionally start treating legitimate emails as SPAM, and then the emails and payloads are never received by the receiving system.

There us usually no acknowledgement mechanism that the email has been received* and processed. So again if you want that then the receiving system has to send an acknowledgement back somehow.

* as this mechanism was heavily abused by Spammers and so disabled on most mail servers.

It is complex to implement

There are also sorts of pitfalls when you try to send emails with documents attached, in getting it sent in the first place (security), how it is sent (body or attachment), getting the attachment names correct, and even the encoding of the attachments can cause issues, at one point there were three different standards for attachments, and usually the receiving system would only support one or maybe two of those.

For example, some Stackoverflow question over the years.

BizTalk Framework Assembler Pipeline Component

Tom Canter pointed the BizTalk Framework Assembler Pipeline Component out to me in response to this article, which overcomes some of the above.

Advertisement

Author: Coen (Colin) Dijkgraaf

A Integration Consultant for Datacom in Auckland, New Zealand, working mainly with BizTalk and Azure. You can follow me on Twitter, StackOverflow and WordPress

One thought on “BizTalk – Sending messages via email”

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Mike the Tester

A blog about all things testing. Views are my own

Nick's Blog

Biztalk gotcha!

Whatever

FURIOUSLY REASONABLE

A Different Kind of Query

Technology, music, life, and musings

Vierodan IT Space

Spread up technology

BizTalk Server Help book!

Made easy and simple

nethramysooru

Blog on BizTalk Server

Blog Of the Serverless Spirit

Stray Notions on All Things Microsoft Azure and BizTalk

Microsoft Azure/BizTalk_Read

Let's learn and share !

Boutaleb Hicham

Biztalk & Azure Integration Architect : Logic Apps, Serverless, Azure Service Bus, BizTalk Server, and Hybrid Integration

Pieter Vandenheede

Stories, tips & tricks for BizTalk Server, Azure, Data Science & Machine Learning

Glenn Colpaert

Blogging with my head in the (Hybrid) Cloud and my feet on premises! Azure / IoT / Integration

BizMunch

BizTalk blog by Knut Urke

Dragon's BizTalk Blog

A blog about BizTalk, and other integration tools.

The Deployment Bunny

OS Deployment, Virtualization, Microsoft based Infrastructure...

Integration Made Easy

Demystify Integration Development

%d bloggers like this: