To send email with .net core, use Mailkit

.net core (1.0) doesn't include the same email sending stuff, so you need to install 3rd party packages, such as Mailkit (add it via nuget).

You also cannot currently use OAuth2 for this. (Discussion much lower down)

var message = new MimeMessage();
message.From.Add(new MailboxAddress(null, settings.SendMailFromAddress));
message.To.Add(new MailboxAddress(null, email));
message.Subject = subject;
message.Body = new TextPart("plain")
    Text = body

using (var client = new SmtpClient())
    client.Connect(settings.SendMailFromHost, settings.SendMailSMTPPort, settings.SendMailViaSSL);
    // Note: since we don't have an OAuth2 token, disable
    // the XOAUTH2 authentication mechanism.
    // Note: only needed if the SMTP server requires authentication
    client.Authenticate(settings.SendMailFromAddress, settings.SendMailFromPassword);

I got this working fairly easily (sending email from a dedicated gmail address) from my local machine -- but it failed from my digitalocean linux droplet:

MailKit.Security.AuthenticationException: Authentication failed.
   at MailKit.Net.Smtp.SmtpClient.Authenticate(Encoding encoding, ICredentials credentials, CancellationToken cancellationToken)
   at MailKit.MailService.Authenticate(String userName, String password, CancellationToken cancellationToken)

...with google reporting:

Subject: Someone has your password Message: Someone just used your password to try to sign in to your Google Account using an application such as an email client or mobile device.

And if you visit: you will see an "Unknown device" and this message:

We recently prevented a sign-in attempt from this device. You indicated this attempt as yours. For your security, we'll continue to show this device in the list for two weeks. You can also review this event in your Notification & alerts page.


Sign in attempt prevented by google

...which, if you expand, will reveal the IP Address (and a map of the location), which you should recognise as your droplet.

To get around this you need to login as that email address, from your desktop/regular machine, and then visit this url:

Leave that url open, and re-initiate the connection on your linux box. (i.e. get your digital ocean droplet to try once again to send an email)

It should now succeed.


There's a few funtime examples that say you should do something like this...

    var certificate = new X509Certificate2(@"C:\path\to\certificate.p12", "password", X509KeyStorageFlags.Exportable);
    var credential = new ServiceAccountCredential(new ServiceAccountCredential
        // Note: other scopes can be found here:
        Scopes = new[] { "" },
        User = ""

But .net core doesn't yet have an implementation of 'ServiceAccountCredential' -- so you can't use OAuth2 for this yet (unless you write all the necessary plumbing code yourself)

So you need to ensure your gmail account permits signin without use of a developer token. To enable this for your gmail account, you may need to (login as that user and then) visit: