Re: OE6 problem: SMTP port 465 /w SSL

From: S.Y. Paul Lai (syplai_at_hotmail.com)
Date: 08/01/04 

Date: Sun, 1 Aug 2004 22:20:54 +0800

Thankyou for your test. However, I can setup OE6 to use SSL in a different
port, too, but when I send a mail, it always return something like this:

Your server has unexpectedly terminated the connection. Possible causes for
this include server problems, network problems, or a long period of
inactivity. Account: 'my account', Server: 'myserver.mydomain.com',
Protocol: SMTP, Port: 465, Secure(SSL): Yes, Error Number: 0x800CCC0F

Using the same clients to connect to the same server, when I don't require
SSL in server and don't set SSL on clients, they can use port 465. When I
require SSL in server /w port 25 and the clients are using port 25, they
works well. The problem only exists when I use SSL on other ports like 465
or 587. I have obtained the same result using OE6 in 3 different computers,
one of them is the exchange server itself.

To temperorily solve the problem, I setup a single virtual server using the
TCP 25 port. It allows either anomynous non-SSL connection or
Basic-Authentication TLS connection. Anomynous asscess and basic
authentication requiring TLS is checked, NT authentication is disabled as it
doesn't require encryption. Web server certificate is installed on the
virtual server but security channel is not required. Relay is only allowed
for authenticated users. The result: incomming and outgoing SMTP messages
can route through the virtual server without authentication, but public
relay is not allowed; client submission must be authenticated/encrypted
using TLS and can be relay out of the organization.

I read something from http://support.microsoft.com said that the SMTP SSL
protocol supported by Outlook 97/98 is not compatible with the TLS
encryption supported by Exchange 5.5 (KB218430). In the document, it saids
OE5 and Outlook 2000 would support TLS over port 25, well, port 25 only.

I don't know whether my problem is related to the same problem mentioned in
KB218430. However, OE6 is a very common email client. It should support
the common SMTP SSL setup using port 465 or 587. I hope Microsoft will fix
that. 

-- 
S.Y.P. Lai
MCSE+Internet NT4
MCSE+Security Win2K
MCSE+Messaging Win2k3
"Lanwench [MVP - Exchange]"
<lanwench@heybuddy.donotsendme.unsolicitedmail.atyahoo.com>
 news:%23A2wur8dEHA.3732@TK2MSFTNGP11.phx.gbl
> I just created a test account in my OE6 and it can use another port with
> SSL - tick the "Use SSL" box first, then change the port.
>
> S.Y.P. Lai wrote:
> > My Exchange SMTP setup has 2 virtual servers:
> >
> > 1.  Using the public IP, port 25, anomynous access, SSL
> > OFF, MX record point to this server, all outgoing messages
> > use this server as bridge head.
> >
> > 2.  Using the same public IP, port 465, NT
> > authentication /w SSL, used by Outlook Express clients for
> > submission
> >
> > However, I found that Outlook Express can't use any port
> > other than port 25 when SSL is required.  I can config it
> > use other ports but it just doesn't work when you actually
> > send mails.
> >
> > I know what is firewall and I know how antivirus softwares
> > intercept emails.  My test machines have no firewall and
> > no antivirus software is installed.
> >
> > I have only one public IP address available.  How can I
> > let Outlook Express clients using NT authentication to
> > send message encrypted by SSL?
> >
> > Thankyou for any input!
> >
> >
> > --------------------------
> > S.Y.P. Lai
> > MCSE+Internet NT4
> > MCSE+Security Win2K
> > MCSE+Messaging Win2k3
>
>

Relevant Pages

  • Re: outlook express wont connect using ssl
    ... my smtp VS which is on 587 to the same settings as my default server ... the only difference is the port #. ... As soon as the cert has been added, SSL ...
    (microsoft.public.exchange.admin)
  • Re: outlook express wont connect using ssl
    ... my smtp VS which is on 587 to the same settings as my default server ... the only difference is the port #. ... SSL ...
    (microsoft.public.exchange.admin)
  • Re: [kde-linux] kmail - receiving mail with sbcglobal yahoo
    ... Authentication methods--see, ... Have you tried removing the account and creating it all over again? ... Is Port 110 actually open ... Server requires authentication: Yes ...
    (KDE)
  • Re: Freecycle leads to Yahoo email woes
    ... From memory it involved reasonably standard pop and smtp server names ... 'Use SSL,port465,use authentication' for outgoing.' ... Connection" under the Incomingor Outgoing Port ... Try Changing the Port Number (on the Advanced Tab of the Account ...
    (uk.people.silversurfers)
  • Re: No SSL on fetchmail?
    ... It depends on the port you connect to. ... encrypted via SSL. ... Connect to the server using the specified base ... This means you have to setup SSL server certificates for the pop3 and imap servers which are signed by a trusted certificate authority. ...
    (comp.mail.misc)