SMTP over SSL

Hi,
one of my customers(development department) demand SMTP over SSL and POP3 for testing purposes(application testing)
I have no problem  authenticated using first step in Outlook test ( POP3), but when test tries to send mail(SMTP over SSL), in outlook, i get the following error in client :
2.png1.png
SMTP over TLS works fine!!

Is it posible to configure SMTP over SSL?
Microsoft says:
„Secure Sockets Layer (SSL) is being replaced by Transport Layer Security (TLS) as the protocol that's used to encrypt data sent between computer systems.“
https://technet.microsoft.com/en-us/library/gg298947(v=exchg.160).aspx
LVL 1
AndyAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Qlemo"Batchelor", Developer and EE Topic AdvisorCommented:
Whether you can use TLS (preferred) or SSL depends on the mail server only. If it is your own mail server, you can try to set it up for SSL, but otherwise no dice.
0
AndyAuthor Commented:
Is it posible to configure SMTP over SSL in Exchange server?

Microsoft says:

"Secure Sockets Layer (SSL) is being replaced by Transport Layer Security (TLS) as the protocol that's used to encrypt data sent between computer systems."
https://technet.microsoft.com/en-us/library/gg298947(v=exchg.160).aspx

and:
"Transport Layer Security (TLS), and SSL that came before TLS, are cryptographic protocols that secure communication over a network by using security certificates to encrypt a connection between computers. TLS supersedes Secure Sockets Layer (SSL) and is often referred to as SSL 3.1."
https://support.office.com/en-us/article/How-Exchange-Online-uses-TLS-to-secure-email-connections-in-Office-365-4cde0cda-3430-4dc0-b489-f2c0736c929f
0
Pushpakumara MahagamageVPCommented:
SMTP port has to change to your SSL port number default is 465, according to your image attached. email servers use TLS.

if you have to provide SMTP over SSL. Just create new gmail and give him for testing, other than changing your exchange server. or keep a sandbox exchange for such testing otherwise your exchange server IP may black listed.
0
Determine the Perfect Price for Your IT Services

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden with our free interactive tool and use it to determine the right price for your IT services. Download your free eBook now!

Qlemo"Batchelor", Developer and EE Topic AdvisorCommented:
Using port 25 and allowing STARTTLS command is another way to switch to SSL, but it might not work here. Port 465 is usually much more reliable.
0
David FavorLinux/LXD/WordPress/Hosting SavantCommented:
1) So your login worked. This suggest you have your SSL certs setup correctly.

Port 25 is used for non-authenticated mail submission (server to server conversations).

Port 465 is deprecated. Best not to use this port anymore.

Port 57 is used for authenticated mail submission. Best to use this port as it's normally on be default for TLS/SSL transactions.

2) Sending a test message failed.

This has nothing to do with mail reading (step #1).

This has to do with your outgoing SMTP setup. So in this case you'll be using your own native MTA or if you require high deliverability a relay services like MailGun.

To debug this problem use http://www.jetmore.org/john/code/swaks/ to generate a manual mail transaction, so you can debug submission.

Then look at your MTA logs or Relay Service logs to debug deliverability.
1
AndyAuthor Commented:
Hi,
I will create new gmail account and give him for testing SMTP over SSL as Pushpakumara Mahagamage proposed,
because Im not sure that SMTP over ssl is posible in Exchange,and even if it is posible,Im  sure its not secure.
0
Christopher Jay WolffWiggle My Legs, OwnerCommented:
As Qlemo said right away, depends on server setup.

In your links provided, one is about Exchange Online which will be up to date and be using TLS.

Gmail will be up to date also so I understand SSL will not be available.
Note: SSL has been superseded by Transport Layer Security (TLS). Don't worry if you see mention of SSL in G Suite. All areas that mention SSL are now using TLS. TLS is an industry-wide standard based on Secure Sockets Layer (SSL) technology that encrypts mail for secure delivery. G Suite supports the latest main versions of TLS, including 1.1 and 1.2. Learn about changing the Secure transport (TLS) compliance setting and configuring advanced settings for Gmail.
As described here.
https://support.google.com/a/answer/100181?hl=en

Some companies can offer you email with older SSL setups that haven't been upgraded to TLS (e.g., inmotionhosting.com) but why start that if it's out of date, and the hosting company will probably switch soon to TLS?

Here below is an excerpt from a great "best practices" article on Exchange.
Know what your version of Exchange supports

Some applications sometimes need to be re-compiled and tested to take advantage of these new protocols. So, every part of Exchange and Windows-based clients need to be examined and tested thoroughly. Currently, for Exchange Server, we are aware of the following limitations:
•SMTP – key piece of Exchange server infrastructure – support for TLS 1.1 and 1.2 were added in Exchange Server 2013 CU8 and Exchange Server 2010 SP3 RU9. This means if you want to add support for the latest ciphers and TLS versions, you may need to apply an update.
Please read the entire article at the link:
https://blogs.technet.microsoft.com/exchange/2015/07/27/exchange-tls-ssl-best-practices/

Here is a link on how to install SSL with Exchange 2016.
https://social.technet.microsoft.com/wiki/contents/articles/31783.exchange-server-2016-configure-ssl-certificate.aspx
1
Pushpakumara MahagamageVPCommented:
gmail still supports SSL. But ask your developer to be careful if he sending bulk email/huge amount of email. you may violate gmail terms and condition.

if you are ready to give test mail box from your production exchange

 Get a good understanding about black list
http://www.inmotionhosting.com/support/email/email-troubleshooting/why-do-mail-servers-get-blacklisted

Don't use open relay to resolve sending issue from dev PC. Use required authentication to send mail
 
https://support.google.com/mail/answer/7104828?authuser=1&hl=en-GB&authuser=1&visit_id=1-636480008573723264-2204669169&rd=1
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.