How to configure SSL or TLS to secure Smartermail
In order to configure SSL or TLS to secure Smartermail, you must first purchase an SSL certificate from the vendor of your choice. You will only need one certificate even if you have several domains you would like to secure. You may be asking yourself, "How will my POP and IMAP customers all use the same SSL cert?" The answer is simple:
For example, if you purchased one certificate for mail.domain.com, all of your users, no matter what their domain is, must use mail.domain.com in their email client settings for their incoming and outgoing servers if they want their mail secured.
TLS will need to be set up over port 25, 110, 143 and SSL over ports 465, 993, and 995. Be sure you have those ports open in your firewall.
Prior to configuring SmarterMail to be secured over SSL or TLS, the SSL certificate installed on the server must first be exported to a Base-64 Encoded certificate that is readable by SmarterMail. Instructions on how to do this can be located here.
After you export the cert to the Base-64 Encoded format, follow these steps to add a port to listen over SSL or TLS:
Log in to SmarterMail as the system administrator.
Click the Settings icon.
Expand the Bindings folder and click Ports in the navigation pane.
Click New in the content pane toolbar. A popup window will display.
Complete the following required fields: Protocol, Encryption (SSL or TLS), Name, Port and Certificate Path. All other fields are optional.
Click Verify Certificate in the lower right corner of the popup window to ensure the certificate exists in the specified path.
Click Save.
NOTE: Using similar steps as above, modify your existing port 25 to be encrypted with SSL or TLS.
Once you have added SSL to a port, you can follow the instructions below to add the port to listen on an IP:
Log in to SmarterMail as the system administrator.
Click the Settings icon.
Expand the Bindings folder and click IP Addresses in the navigation pane.
Select desired IP address and click Edit.
Use the checkboxes to select the port(s) you would like the IP address to listen on.
Click Save.
NOTE: For these changes to take effect, the SmarterMail service must be completely stopped then restarted