SharePoint 2016 brings a lot of improvement in the field of out-going & Incoming emails. Now we can send emails using encryption and also using the non-default port number.

SMTP Connection Encryption

Using the encryption while sending the outgoing emails. SharePoint 2016 supports sending an email to SMTP servers that use STARTTLS connection encryption.

There are couples of things required before setting at SharePoint.

  1. STARTTLS must be enabled on the SMTP server.
  2. The SMTP server must support the TLS 1.0, TLS 1.1, or TLS 1.2 protocol.

SSL 2.0 and SSL 3.0 protocols are not supported.

  1. The SMTP server must have a server certificate installed.
  2. The server certificate must be valid. Typically, this means that the name of the server certificate must match the name of the SMTP server provided by SharePoint. The server certificate must also be issued by a certificate authority that is trusted by the SharePoint server.
  3. SharePoint must be configured to use SMTP connection encryption.

If SharePoint is configured to use SMTP connection encryption, it will only send email messages if it successfully negotiates connection encryption with the SMTP server. It will not fall back and send email messages unencrypted if connection encryption negotiation fails.

 If SharePoint is not configured to use SMTP connection encryption, it will always send email messages unencrypted, even if the SMTP server supports connection encryption.

SMTP Port:

SharePoint 2016 also bring the another nice thing, now you can configure SMTP to use the non-default port. This will give us more flexibility to configure SMTP service. Improve the Security.

To configure above options, please see this link.