Preventing SMTP authentication through plain text connections


SUMMARY

You may wish to prevent plain SMTP authentication if the client is not on a secure connection (SSL or TLS). This can be useful when you wish to meet PCI compliance. Be careful when setting this value, as it will prevent users from sending email if they have not configured their email client to use SSL/TLS.

DETAIL

Setting the option is done through the administration program. Expand the Servers->localhost->Services and Connectors branch, right click on the SMTP icon and select Properties from the popup menu. In the window that appears select the Inbound tab and click Settings... under Port Settings. For each port you listen on, you can select the option "Only allow secure authentication (using SSL or TLS)".

You need to restart the SMTP service after any change.

REFERENCES

Configuring extra SMTP ports with this option:

Article ME020571

 



Product:MailEnable (ME-5.X ME-6.X Pro-5.X Pro-6.X Ent-5.X Ent-6.X)
Article:ME020583
Module:General
Keywords:pci,compliance
Class:HOWTO: Product Instructions
Revised:Saturday, January 14, 2017
Author:
Publisher:MailEnable