SSL/encryption of Emails

solucionmike
Posts: 88
Joined: Sat Dec 10, 2005 6:37 pm
Location: Mexico
Contact:

SSL/encryption of Emails

Postby solucionmike » Thu Apr 19, 2018 1:32 am

Hi, was searching the web for details of how I make my MailEnable server use a secure certificate for SMTP, IMAP and POP. It appears it can, but is unclear exactly what needs to be done on the Server as well the Mail client (like Outlook, do they use same SMTP, POP and IMAP ports as non SSL or use different ports), and those accounts that do not wish to use SSL can they just leave everything the same, without disruption etc. and continue without SSL as if nothing happened. Also, any positive or negative experience using SSL for emails with MailEnable.
If there is a link with a full description that would be great. Thanks
Mike May

MailEnable-Ian
Site Admin
Posts: 8738
Joined: Mon Mar 22, 2004 4:44 am
Location: Melbourne, Victoria, Australia

Re: SSL/encryption of Emails

Postby MailEnable-Ian » Fri Apr 20, 2018 6:05 am

Hi,

Start by reviewing this document on how to integrate an SSL certificate within MailEnable:
http://www.mailenable.com/documentation/10.0/Enterprise/webframe.html#Localhost_-_Secure_Sockets_Layer_(SSL)_encryption.html

IMAP: http://www.mailenable.com/documentation/10.0/Enterprise/IMAP_General.html
SMTP: http://www.mailenable.com/documentation/10.0/Enterprise/SMTP_props_-_General.html
POP: http://www.mailenable.com/documentation/10.0/Enterprise/POP_General.html

You can leave the default ports for IMAP, SMTP and POP and simply add alternative ports for SSL. I.e: IMAP 993, SMTP 465 and POP 995
Regards,

Ian Margarone
MailEnable Support

solucionmike
Posts: 88
Joined: Sat Dec 10, 2005 6:37 pm
Location: Mexico
Contact:

Re: SSL/encryption of Emails

Postby solucionmike » Fri May 11, 2018 8:15 am

Hi Ian, Thanks and just to confirm a few things to make sure minimum disruption to existing users:
1) The DNS MX record will need to be changed to the same domain name as an SSL Certificate already purchased e.g. secure.mydomain.com
2) The same certificate is selected under MailEnable Managemnet->Severs->Localhost-> properties -> SSL
3) Under MailEnable Managemnet->Severs->Localhost-> Services and Connectors add the additional Alt Ports for each service: IMAP 993, SMTP 465 and POP 995
4) Add the new IP Address assigned to the SSL certificate at SMTP Properties->Inbound (and keep existing IPs as they are)
5) For MailEnable Outbound IP Binding just keep as is.
6) POP Properties add the new IP Address assigned to the SSL certificate (and keep existing ones)
7) IMAP Properties add the new IP Address assigned to the SSL certificate (and keep existing ones)
8) Email Client Software (e.g. Outlook etc.) that want to use SSL update the incoming/outgoing mail server to secure.mydomain.com and add those new SSL Server Port Numbers for the IMAP, SMTP and POP3, and also select use SSL/TLS.
Final question, if above is correct, do other users that don't want to use SSL/TLS - and their existing Mail Server name is still valid (e.g. mail.theirdomain.com) they just keep their existing Email Client settings without change and will not be aware of SSL being available (e.g. No security warnings) .
Many thanks
Mike
Mike May

MailEnable-Ian
Site Admin
Posts: 8738
Joined: Mon Mar 22, 2004 4:44 am
Location: Melbourne, Victoria, Australia

Re: SSL/encryption of Emails

Postby MailEnable-Ian » Mon May 14, 2018 6:25 am

Hi,

Steps are fine. And yes the clients that are not going to use SSL can leave the same settings providing they are using the same host name still resolves to the same IP.
Regards,

Ian Margarone
MailEnable Support

Who is online

Users browsing this forum: No registered users and 40 guests