My first suggestion would be to back up and use CDO for Windows. It replaces all of your own SMTP logic as well as handling SSL. Many people don't want to use it though, for whatever reasons. The only good one I can think of is to support Win9x.
My second suggestion is to fork over the cash for a commercial SSL socket component.
Lastly, you might take a look at two PSC projects:
SSL Class With Events
A Secure Sockets Layer (SSLv2) Client
The first is newer, based on the second one according to the comments there, and has a few improvements over it. But the second one had corrections/improvements added later that did not get ported over to the newer one!
They're both pretty raggedy, like most PSC code I've seen. The core ideas appear sound however.
Somebody with a clue should create a UserControl that rewrites and then wraps this logic with a Winsock control to produce a handy SSLSock control correcting the flaws in both of these projects. By sticking closely to the Winsock object model you'd have a near drop-in replacement lots of people might use, especially if you built it so that SSL could be switched on and off via a property setting.
I'd bet you could drop UDP support and a few little-used things like the deprecated PeekData() method and few people would ever complain. You might even get away with restricting it to Byte array send/receive, or maybe just Byte array and String?