Can SmarterMail be made PCI compliant since SMTP can fallback to unencrypted?
Question asked by Sean Kelsey - December 7, 2017 at 11:24 AM
I've seen it referenced that SmarterMail is PCI 3.1 compliant from version 14.2.5704.
But how can that be if SMTP communications will fallback to unencrypted if a TLS connection cannot be made? I believe POP3 will fallback also?
We currently use our SmarterMail server as a relay to send session emails and alerts for website users. Opportunistic TLS encryption is enabled but there is still no force TLS option. We also use POP3 to track bouncebacks.
Can SmarterMail be made PCI compliant?
It looks like we might have to drop SmarterMail due to compliance reasons.

Reply to Thread