 The mail server is set to not accept....
plain text authentication. So if the SSL connection is not made, the auth appears as plain text and is not accepted. This is how the SSL connection is enforced. Plus the port is not the issue. An SSL connection can be made using port 25 as long as the server and client support it. It is the hand shake between the two computers that determines whether the connection is SSL.
So by setting Zimbra to not accept plain text authentication, the encryption must take place before the credentials are sent across the wire. |