Force TLS on 587 - SmarterTools

I've seen a thread related to this tonight, and even bumped that thread tonight on this issue, but just in case I'm not completely understanding I'm posting this as a new thread in as concise a way as possible.

If users want to send via our smarter mail server using outlook, thunderbird, etc, and they want to be unencrypted - go ahead and use port 25 - see if I care. I know 25 has to remain unencrypted in order for the world of email to function. However if you are authenticating using 587, I want to force you to use and encrypted connection.

Am I right that this is not possible at this time? I'm doing some testing and it allows me to connect via 587 with an unecrypted connection, even though I have TLS turned on that port.

Tony Evers Replied

3/6/2017 at 5:11 PM

Are you cereal? There are zero replies to this...what am I missing - is it that dumb a question?

Employee Replied

3/7/2017 at 8:37 AM

Employee Post Marked As Answer

Hello Tony. Even if TLS is enabled for ports 25/587, an unencrypted connection is still available.

Douglas Foster Replied

3/11/2021 at 7:43 AM

Very late answer, but based on my understanding:

1) Configuring a port for "TLS" disables SSLv3 but uses STARTTLS, making encryption optional. Configuring a port for "SSL" makes encryption mandatory but enables SSLv3. Therefore, in the newest builds, mandatory encryption should be achievable by configuring the port for "SSL", then configuring the SmarterMail environment to use operating system settings, then configuring operating system SCHANNEL settings to disable SSLv3. The difference in behavior between port SSL and port TLS is not well documented!

3 Replies

Reply to Thread

Related Knowledge Base Articles

3 Replies

Reply to Thread

Tags

Related Knowledge Base Articles