none
Enable SSL over 587 or 465 not TLS

    Question

  • Would liek to configure a Receive Connector on either port 465 or 587 to allow SSL - similar to how POP3 is configured.

    The situation is that my client is on a mobile device that only has one setting - Enable Secure Connection

    Apparently the Enable Secure Connection means SSL only, and TLS is not available.

    Enable Secure Connection works for POP3S (995) because POP3 is configured as a service that uses the common name cert for my webmail - thus the mobile device can establish an SSL connection.

    I have tested on an Outlook client that shows SSL/TLS/Auto for Outgoing SMTP security... if SSL is available in Outlook 2003/2007 where do I configure the server for this?

    Thanks

    J

    Tuesday, February 15, 2011 5:12 PM

All replies

  • So, you want the mobile devices sending mail over SMTP directly, and not through ActiveSync? (Yes, I know this is possible, but EAS is more straight-forward as 443/SSL is rarely blocked on a mobile network like port 25 often is.)

    Depending on the client you might not always be able to change settings like ports, but if the client supports smtp I don't see why this wouldn't be 465 or 587...

    Tuesday, February 15, 2011 5:47 PM
  • Microsoft recommends the Client created Receive connector for SMTP using port 587 - where port 25 cannot be used - even when SMTPS is port 465.  Some hops from a client to the HUB can be blocked along the way but typically not 587.  Thus that is why they create that Client Access port for SMTP connector along with the default connector.

    In addition, the Client connector needs to be used when you want users to authenticate with the exchange server - but port 25 thru an Edge Transport will only allow Exchange Servers to connect - it does not allow Exchange Users to authenticate - thus the 587 can be configured on the Authentication tab to only allow Exchange users and force Authentiation.

    My issue is that my mobile device either does not have EAS or the corporate sync feature of the device requires additional fees from the mobile device carrier.

    TLS works - sinc ethe Recieve connector on the HUB - allows for TLS, but the Client software does not have a place to specify an Encryption setting - only "Enable Secure Connection" which appears to be SSL -

    Therein lies my problem - I need to configure the Receive connector to use SSL

    In troubleshooting - I found that Outlook in a PC based test - has the 4 settings SSL/TLS/Auto/None for encrption method - is I pick TLS it works but if I pick SSL I get an error that the server does not hav ethis encryption enabled.

    J

    Tuesday, February 15, 2011 6:07 PM