Document information

Document ID: 4645
Subject: Using SSL for SMTP, POP3 and IMAP protocols
Creation date: 12/14/15 4:35 PM
Last modified on: 11/21/19 10:41 AM

Using SSL for HTTPS, SMTP, POP3 and IMAP

Using SSL (Secure Sockets Layer) in an email server offers a multitude of benefits that are crucial for ensuring the privacy and security of email communications. Firstly, SSL encryption safeguards the content of emails during transmission, making it extremely difficult for unauthorized parties to intercept or eavesdrop on sensitive information. This is especially vital for protecting confidential business communications and personal data. SSL also authenticates the identity of the email server, assuring users that they are connecting to a legitimate and trusted source. Furthermore, SSL helps prevent man-in-the-middle attacks, ensuring that the email server is tamper-proof. Overall, SSL enhances email security, builds trust with users, and safeguards the integrity and confidentiality of email messages, making it an essential tool in today's digital landscape.

Enabling SSL for HTTP

The following steps demonstrate how to enable SSL for HTTP.

  • Log in to the web console as an administrator.
  • Click Server Configuration.
  • Specify a port for Secure Web Server Port. The default value for is 443.
  • Restart Xeams.

Enabling STARTTLS for SMTP

You must enable SSL for HTTP before enabling it for SMTP. Then, use the following steps.

    • Log in to the web console as an administrator.
    • Click Server Configuration/SMTP Configuration.
    • Check Enable STARTTLS.
    • Save.

SSL Certificate

An SSL certificate is required before you can enable and use SSL for SMTP, POP3 and IMAP protocols. The following is a list of options you have when using a certificate.

Option 1 - obtaining a free SSL certificate from Let's Encrypt Recommended

Let's Encrypt is an open certificate authority that issues SSL certificates for free. Click here to watch a short video demonstrating the steps you need to take in order to get a free certificate that is trusted by most modern browsers.

There are multiple benefits of using this method:

  • It is free
  • It is the easiest method, apart from using a self-signed cert
  • It is programmatic. In other words, Xeams will be able to renew the certificate without any human intervention.

Option 2 - using a self-signed certificate

Simply change the value for Secure Web Server Port under Server Configuration and restart Xeams. Xeams will automatically download a self-signed certificate from Synametrics' Website. This certificate will NOT be trusted by any browser. This method should only be used for testing or non-production Xeams.

Option 3 - create a new certificate from scratch

Click here for instructions if you need to create a certificate from scratch and get it signed by a CA.

Option 4 - import an existing certificate from an IIS server

Click here for instructions on how to use an existing certificate from a Microsoft IIS server in Xeams.

Option 5 - import an existing certificate from an Apache server

Click here for instructions on how to use an existing certificate from an Apache server in Xeams.

Add a comment to this document

Do you have a helpful tip related to this document that you'd like to share with other users?

Important: This area is reserved for useful tips. Therefore, do not post questions here. Instead, use our public forums to post questions.