Email on port 465 generates error in outlook

No it won't solve the problem for all domains. It'll solve the problem for the main hostname. So you'd have to then instruct all your people to connect to the main hostname.

What your customers are seeing is not an "error" - Just tell your customers if they wnat SSl encryption they need to accept the self-signed certificate and move on. I've never had a customer complain abou thte self signed certs on the SSL mail ports. Let your customers know that they can pay you for a standalone server+software if they want goofy signed certificates on thier own mail hostname.

Mike

 

You can check the following lines inside /etc/exim.conf file and see if it contains the port number 465. If not, add it as follows.

Code:

daemon_smtp_ports = 25 : 465
tls_on_connect_ports = 465

Once this is done and after saving the file, restart exim. Check for the port using the netstat command after that.

Code:

/etc/rc.d/init.d/exim restart

 

An SSL for the host name of the server can be as little as $40 or so and then just informing users to use server.host.tld (the actual server host name) for the SMTP server is all it takes to avoid warnings.

Alternatively you can have Exim listen on another port from the "service manager" in WHM by specifying an alternative non-tls port such as 26, 587, etc like many hosts do these days as a lot of ISP's block port 25.

 

Sadly, brain dead Outlook and the Outlook Express do not have a way to say "always trust this certificate" unless one imports the certificate to the Trusted Root Certification Authorities store (what were they thinking?) but then you are giving the certificate issuer god like powers as far as certification is concerned. The entire scheme is a sham to fill the pockets of certification authorities.

You need to watch where you are getting the certificate from, because if it is not one of the, or sub of, predefined authorities in Windows then they will be getting the exact same message until that certificate is imported into the store which you could have done at the first place!
I have the same complain from the users. I tell them they have to live with it and to just to accept it every time they send/receive. Just one extra click after all.

 

Sorry I am not up on retail availability SSL cert pricing but a quick search found $46.50 for GeoTrust or Commodo certs:

Advanced search :: Search results - Trusted GeoTrust and Comodo SSL Certificates at Lower Prices. RapidSSL, Comodo PositiveSSL, GeoTrust QuickSSL, True BusinessID with EV and more. CheapSSLs.com -- Same Certs. Low Price.