HMAIL Email Server SSL Setup Diagnostics Failing on Port 443 - Do I also need Port 25?

I have setup my Hmail Server.  I have changed my TCP ports to all use my SSL Certificate.

The Diagnostics now fail as it still looks for port 25.  If I add Port 25 it works fine.  Does this affect my SSL security or is it needed to receive mail from unsecured users that only use port 25??

Do I need to have an Unsecure Port 25 open for it to work?

Is the security then managed by the Email application on the users computer being setup to SEND and RECEIVE using the SSL port?

My Hmail TCP IP Address Settings - Only for SSL
The Image below shows the diagnostic result.. If I add Port 25 for the same IP it WILL work.

Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Dan CraciunIT ConsultantCommented:
You normally keep port 25 open for unencrypted emails and create a secondary port, check "Use SSL" on it and then configure the email clients to send email using the new port.

And yes, it's the email client's job to use the encryption.

But do not use the same port for POP, IMAP and SMTP. That's asking for a lot of trouble. I recommend using the standard ports: 995 for POP3, 465 for SMTP.
They'll be automatically selected on the email clients when your users check "Use SSL" and you'll have one less thing to go wrong.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
XGISAuthor Commented:
Thankyou Dan.. that helps clear things up a bit.  I have the SSL using port 443 through the IIS8 server which runs my  Will the SSL certificate still "see" SMTP and POP3 using those default ports or is not restricted by which port it is assigned to in IIS?  Do the settings I have look like all that should be present?

New Hmail TCP Settings
The following settings from outlook 2013 do not work and prevent send receive.  I even turned off windows firewall at both ends and tried many combinations with no success.  If I turn off SSL settings and use standard 25,110 ports in outlook it all works fine.
Internet mail settings
pls advise
Dan CraciunIT ConsultantCommented:
443 is the standard port for https. That's what IIS uses.

For email you should use different ports: 995 for POP3, 993 for IMAP, 465 for SMTP.

So remove the 443 port from Hmail, add 993 only if you use it (ie you have users using IMAP).

Did you restart your Hmail Server after switching ports? These are the steps:

1. Start hMailServer Administrator
2. Navigate to Settings->Advanced->TCP/IP ports
3. Select/create a port
4. Select "Use SSL" and the certificate.
5. Save the changes
6. Restart hMailServer
XGISAuthor Commented:
Hello Dan...
pls note i found my solution here  HMailserver Forum Fix SSL issues

I ended up using openssl to discombobulate the ssl certificate and make a private and public key which is then referenced by hmail.

Now outlook 2013 works with full ssl settings turned on whereas before it would not authenticate with the server.  There are probably other solutions but the one from 'minimalist' worked.

Hmail SSL TCP Ports
XGISAuthor Commented:
Good information that helped clarify the proper settings
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Email Protocols

From novice to tech pro — start learning today.