Results 1 to 6 of 6

Thread: Optional SSL

  1. #1
    altimage is offline Active Member
    Join Date
    Nov 2005
    Location
    Daytona Beach, FL
    Posts
    39
    Rep Power
    9

    Default Optional SSL

    We are currently using Zimbra with an SSL connection on SMTP. Over time we've found that it is very difficult to support (anti-virus programs hate it, some possible firewall issues, etc). We want to move away from it but at this point we have too many clients that are configured to use it that its not so easy to just turn it off, Is there any way to make TLS optional. For example, if the client requests an SSL connection, let them use it, if they don't accept it without SSL? Or even configure it on a domain by domain basis?

    thanks,
    AltImage

  2. #2
    scottnelson is offline Special Member
    Join Date
    Jun 2006
    Location
    Washington DC
    Posts
    124
    Rep Power
    8

    Default

    Via the Admin gui/webpage:

    'servers', click on the server name, click on 'MTA' tab, uncheck 'TLS authentication only', if using IMAP check 'Enable clear text login', if using pop check 'Enable clear text login' , click on save.

    Done

    Isn't this in the admin manual? <shrug>

    Scotty

  3. #3
    altimage is offline Active Member
    Join Date
    Nov 2005
    Location
    Daytona Beach, FL
    Posts
    39
    Rep Power
    9

    Default

    Quote Originally Posted by scottnelson
    Via the Admin gui/webpage:

    'servers', click on the server name, click on 'MTA' tab, uncheck 'TLS authentication only', if using IMAP check 'Enable clear text login', if using pop check 'Enable clear text login' , click on save.

    Done

    Isn't this in the admin manual? <shrug>

    Scotty
    I actually did try that, but it doesn't seem to work. Here' the error I get

    The server does not support a SSL connection. Account: 'ai.4ph.com', Server: 'ai.4ph.com', Protocol: SMTP, Server Response: '250 8BITMIME', Port: 25, Secure(SSL): Yes, Server Error: 250, Error Number: 0x800CCC7D

    If I change the settings in Outlook Express, unchecking "My Outgoing server requires an SSL connection", it works fine. But I can't get it to accept either SSL or non-SSL SMTP connections.

    thanks,
    AltImage

  4. #4
    scottnelson is offline Special Member
    Join Date
    Jun 2006
    Location
    Washington DC
    Posts
    124
    Rep Power
    8

    Default

    1. Make sure you are not blocking tcp-25 via personal firewall on the local box. Unlikely but you never know. Also, some of the newer Antivirus stuff acts like a spam filter/firewall and such and will block ourbound stuff from your local machine if it sees a pattern.

    2. Are you sure that smtp SSL on the Zimbra box is currently working now?

    I just tried it using Zimbra settings I mentioned earlier and I can send both with and without SSL using OE 6.0 .

    You don't have SPA checked do you?
    Don't check the "Log in using Secure Password Authentication" box.

    I am on Zimbra 3.1.4 and both ways currently work now.
    I leave it up to the end client/user to decide which way they want to go.

    Hope this helps.

    Scotty

  5. #5
    altimage is offline Active Member
    Join Date
    Nov 2005
    Location
    Daytona Beach, FL
    Posts
    39
    Rep Power
    9

    Default

    Quote Originally Posted by scottnelson
    1. Make sure you are not blocking tcp-25 via personal firewall on the local box. Unlikely but you never know. Also, some of the newer Antivirus stuff acts like a spam filter/firewall and such and will block ourbound stuff from your local machine if it sees a pattern.

    2. Are you sure that smtp SSL on the Zimbra box is currently working now?

    I just tried it using Zimbra settings I mentioned earlier and I can send both with and without SSL using OE 6.0 .

    You don't have SPA checked do you?
    Don't check the "Log in using Secure Password Authentication" box.

    I am on Zimbra 3.1.4 and both ways currently work now.
    I leave it up to the end client/user to decide which way they want to go.

    Hope this helps.

    Scotty
    SSL works fine and SPA isn't checked. I'm in the middle of upgrading to the 4.0 Network Edition so maybe that will take care of it.

    Thanks,
    altimage

  6. #6
    altimage is offline Active Member
    Join Date
    Nov 2005
    Location
    Daytona Beach, FL
    Posts
    39
    Rep Power
    9

    Default

    Quote Originally Posted by altimage
    SSL works fine and SPA isn't checked. I'm in the middle of upgrading to the 4.0 Network Edition so maybe that will take care of it.

    Thanks,
    altimage
    I'm not sure what weirdness was going on with our previous install, but unchecking the Require TLS box in Zimbra admin works just as expected after the upgrade. Everything's fine now!

    altimage

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Installing commercial ssl on zimbra cs (network ed.)
    By keithop in forum Administrators
    Replies: 4
    Last Post: 04-28-2009, 04:16 PM
  2. Certificate Change Kicks Moto Q off of SSL Synch
    By theasbcguy in forum Zimbra Mobile
    Replies: 3
    Last Post: 04-14-2008, 12:01 PM
  3. Disable SSL on the Admin Port 7071
    By rasputin in forum Installation
    Replies: 2
    Last Post: 04-06-2008, 03:29 AM
  4. Help with tomcat ssl errors...
    By sgtstadanko in forum Administrators
    Replies: 4
    Last Post: 03-19-2007, 09:13 PM
  5. Problems when making and installing Perl
    By wildhuman in forum Developers
    Replies: 10
    Last Post: 09-08-2006, 05:36 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •