PSCS Wiki

User Tools

Site Tools

Trace:
how_to:encrypt_sessions

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
how_to:encrypt_sessions [2015/06/24 08:27] paulhow_to:encrypt_sessions [2018/11/14 10:45] (current) – external edit 127.0.0.1
Line 1: Line 1:
 ======How To Encrypt Sessions====== ======How To Encrypt Sessions======
-VPOP3 Enterprise 2.6 and later supports SSL/TLS encrypted sessions to VPOP3 itself. So, the email client or web browser will encrypt the data passed to VPOP3 so it cannot be intercepted.+VPOP3 Enterprise 2.6 and later supports SSL/STARTTLS encrypted sessions to VPOP3 itself. So, the email client or web browser will encrypt the data passed to VPOP3 so it cannot be intercepted.
  
 This requires an [[create an ssl certificate|SSL Certificate]] to be created for VPOP3. This requires an [[create an ssl certificate|SSL Certificate]] to be created for VPOP3.
Line 6: Line 6:
 VPOP3 supports two methods of encryption: VPOP3 supports two methods of encryption:
   - SSL - this is an old method of encrypting sessions which is not supported by the standards. However, some popular email clients such as Microsoft Outlook & Outlook Express only support this method. Other email clients such as Mozilla Thunderbird also support this for backward compatibility. SSL connections are usually done on a different TCP port from normal (eg POP3 is on port 110, POP3S is on port 995). SSL connections are encrypted from the start, so any connections on that port MUST be encrypted.    - SSL - this is an old method of encrypting sessions which is not supported by the standards. However, some popular email clients such as Microsoft Outlook & Outlook Express only support this method. Other email clients such as Mozilla Thunderbird also support this for backward compatibility. SSL connections are usually done on a different TCP port from normal (eg POP3 is on port 110, POP3S is on port 995). SSL connections are encrypted from the start, so any connections on that port MUST be encrypted. 
-  - STARTTLS - (this is called 'TLS' in older versions of VPOP3) this is the encryption method supported by the standards. This is supported by the more modern email clients such as Mozilla Thunderbird, Opera, etc. Outlook & Outlook Express do not currently support this method. STARTTLS connections are carried out on the same port as normal (eg port 110 for POP3). With STARTTLS connections they start off unencrypted, then the client tells the server it wants an encrypted session, so it becomes encrypted. With STARTTLS you can tell VPOP3 to either allow plain or encrypted sessions, or to require encrypted sessions.+  - STARTTLS - (this is called 'TLS' in older versions of VPOP3) this is the encryption method supported by the standards. This is supported by the more modern email clients such as Mozilla Thunderbird, Opera, etc. Older versions of Outlook & Outlook Express do not support this method, but recent versions of Outlook do. STARTTLS connections are carried out on the same port as normal (eg port 110 for POP3). With STARTTLS connections they start off unencrypted, then the client tells the server it wants an encrypted session, so it becomes encrypted. With STARTTLS you can tell VPOP3 to either allow plain or encrypted sessions, or to require encrypted sessions.
  
 STARTTLS encryption can be used for incoming SMTP connections, if the sending SMTP server supports STARTTLS as well as the receiving server. SSL encryption cannot be used for incoming SMTP connections. For any SMTP server which allows incoming connections, you **must** allow either encrypted or plain sessions, or some mail senders will not be able to send mail to you. STARTTLS encryption can be used for incoming SMTP connections, if the sending SMTP server supports STARTTLS as well as the receiving server. SSL encryption cannot be used for incoming SMTP connections. For any SMTP server which allows incoming connections, you **must** allow either encrypted or plain sessions, or some mail senders will not be able to send mail to you.
  
-STARTTLS is the recommended method for encryption data for POP3, SMTP and IMAP4, however if you have to support Microsoft Outlook or Outlook Express for some reason, then you will have to use the deprecated SSL method as well.+STARTTLS is the recommended method for encryption data for POP3, SMTP and IMAP4, however if you have to support Microsoft Outlook Express or old versions of Microsoft Outlook for some reason, then you will have to use the deprecated SSL method as well.
  
 =====Installing a certificate===== =====Installing a certificate=====
how_to/encrypt_sessions.1435134479.txt.gz · Last modified: 2018/11/14 10:44 (external edit)

Page Tools

Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki