Force Webmail Traffic Over HTTPS

This article applies to recent versions of SmarterMail. View articles for SmarterMail 15.x and earlier.
Google and other providers have recently started branding web interfaces as unsafe if they don't don't meet certain security requirements, not simply because malicious content is detected coming from the site. These security requirements could cause your site to be flagged as insecure, even if it doesn't contain malicious content. As such, System Administrators may wish to force all webmail traffic over HTTPS, rather than the default HTTP. This is a three-step process that includes a.) installing a valid SSL certificate on the server, b.) setting up SmarterMail in IIS and c.) enabling the setting within SmarterMail.
a.) Install SSL Certificate
A valid SSL certificate will need to be in place for each site that should force traffic over HTTPS. For more information on configuring SSL to secure SmarterMail, visit For instructions on installing the certificate on the SmarterMail server, please contact your certificate provider. 
b.) Set up SmarterMail in IIS
For more information on setting up SmarterMail as an IIS site, please follow the links below, which provide step-by-step instructions depending on the IIS version you're using:
c.) Enable the SmarterMail Setting
Follow these steps to enable the HTTPS setting within SmarterMail:
  1. Log into SmarterMail as a System Administrator. 
  2. Click the Settings icon.
  3. Click on the General Settings in the navigation pane.
  4. On the Server Info card, enable Force webmail to use HTTPS.
  5. Click Save.‚Äč When a visitor navigates to your SmarterMail site, their connection will automatically use HTTPS. 
Disabling HTTPS Traffic
In the event that you no longer wish to force traffic over HTTPS, simply uncheck the Force webmail to use HTTPS setting on the Server Info card of the General Settings page. 
Learn more about the SmarterMail secure business email server.

Add Feedback