The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

SSL SMTP on 587 - how is this possible?

Discussion in 'E-mail Discussions' started by shacker23, Oct 24, 2010.

  1. shacker23

    shacker23 Well-Known Member

    Joined:
    Feb 20, 2005
    Messages:
    263
    Likes Received:
    1
    Trophy Points:
    16
    Sorry to re-post this from the Mail forum, but really need to get an answer on this and having no luck over there.

    If you set up the Service Manager to use 587 as an alternative Exim port, you can then set up email clients to send outbound over 587 with SSL. Works perfectly in all mail clients my customers use. For years, I've thought this was intended/expected behavior.

    But from what I read and hear, 587 is an alternative to 25, i.e. should not be taking SSL connections. According to one expert I'm corresponding with, this should simply not be possible and/or working. And yet it does.

    Can anyone explain why SMTP 587 with SSL works? Thanks.
     
  2. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,623
    Likes Received:
    21
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    Are you certain it isn't using TLS on port 587 instead? There can be confusion between the two, but my understanding is that port 587 doesn't use SSL, it can use TLS.
     
  3. shacker23

    shacker23 Well-Known Member

    Joined:
    Feb 20, 2005
    Messages:
    263
    Likes Received:
    1
    Trophy Points:
    16
    Hmm, interesting theory. If mail clients are doing that, then they do it transparently. e.g.: If you through account setup with Apple Mail and set up secure SMTP auth, it will auto-detect ports so you don't know which port it's really using. If you then go back into the prefs and change the port to 587, with SSL still on, it still works. It may be that it's switching internally to TLS at that point.

    Other mail clients seem to work the same way.

    How would I determine definitively if that's what it's doing?
     
  4. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,623
    Likes Received:
    21
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    When you select SSL, it tries TLS first in most mail clients, and then goes to SSL if TLS fails. Here's a discussion of that behavior in MacMail:

    Apple - Support - Discussions - Where is the TLS option in Mail? ...

    Since 587 doesn't run on SSL but does on TLS, the assumption would be it's running on TLS. I don't precisely know how or why this needs to be checked. TLS is a form of SSL but a more advanced / stringent one. You are better off with the fact it is going to use TLS and that's why mail clients check for TLS first.

    Also, just to point it out again, here's a discussion of someone who tried to use SSL with port 587 and it didn't work, and was told 587 only allows TLS:

    http://forum.avast.com/index.php?PH...cda7aa6f4394d&topic=58015.msg488942#msg488942

    You can search online and see the same results. 587 uses TLS; it does not use SSL.

    Edit: Please note that I've removed the prior topic that was exactly the same as this one so we didn't have two duplicate threads.
     
  5. shacker23

    shacker23 Well-Known Member

    Joined:
    Feb 20, 2005
    Messages:
    263
    Likes Received:
    1
    Trophy Points:
    16
    Many thanks Tristan - I think that pretty much nails the situation. I get it now. Much appreciated.

    Best,
    Scot
     
Loading...

Share This Page