"Enable TLS if supported by the remote server" causes problems

If I check the box to Enable TLS if supported by the remote server, mail will start backing up in my spool and will not deliver until I clear the check box and disable that function.
Any idea why this happens? If the remoter server does not support TLS, should it not fall back and deliver anyway? Not sure what is going on here but would appreciate insight.

Joe

Scarab Replied

2/29/2016 at 4:23 PM

Joe,

TLS requires both sides of the connection support TLS.

The Enable TLS if supported by the remote server setting requires that you have a SSL Certificate installed in SmarterMail that matches the FQDN (Fully Qualified Domain Name) of your server and that you have TLS 1.0, 1.1, and 1.2 enabled in the Operating System. (Instructions can be found at http://portal.smartertools.com/kb/a2671/configure-ssl-tls-to-secure-smartermail.aspx?KBSearchID=680920)

In such a case, if the remote server supports TLS then TLS is used, but if the remote server does not then it will use an unencrypted connection to send.

However, if your server's OS does not support TLS (Windows Server 2000/2003 for example) or you do not have TLS bound to any ports in SETTINGS > BINDINGS along with the Path to your SSL Certificate then mail in SmarterMail will hang as it will not be able to know how to negotiate a TLS connection for Outgoing SMTP, in which case the resolution is to disable Enable TLS if supported by the remote server setting.

1 Reply

Reply to Thread

Related Knowledge Base Articles

1 Reply

Reply to Thread

Tags

Related Knowledge Base Articles