Tuesday, 5 April 2016

eMails with - SMTP, POP, IMAP, MAPI, unencrypted or encrypted with SSL or TLS

While refreshing my own understanding of mail authentication, I stumbled across two well written and clearly explained articles on:

Three ways a mail message can be handled:
·         Unsecured - no encryption (no SSL or TLS)
·         Explicit (port based) encryption (SSL)
·         Implicit (by protocol) encryption (TLS)


The sending computer or server could be configured for:
  1. No TLS — never use it.
  2. Opportunistic TLS — use it if it is available, if not, send insecurely.
  3. Forced TLS — use TLS or do not deliver the email at all

And for the record, while there are other mail protocols, the majority of our world will use one of four:

POP(3) (Receiving email)
  • Port 110 - this is the default POP3 non-encrypted port
  • Port 995 - this is the port you need to use if you want to connect using POP3 securely
IMAP (Interacting with remote email stores)
  • Port 143 - this is the default IMAP non-encrypted port
  • Port 993 - this is the port you need to use if you want to connect using IMAP securely
SMTP (Sending email)
  • Port 25 - this is the default SMTP non-encrypted port
  • Port 465 - this is the port used, if you want to send messages using SMTP securely
  • Port 578 - Authenticated SMTP 
Exchange MAPI
MAPI is a way for applications and email clients to communicate with Microsoft Exchange servers,
and is capable of IMAP style syncing of emails, contacts, calendars, and other features, all tied into local email clients or applications.
This function of syncing emails is branded by Microsoft as “Exchange ActiveSync.”
  • RPC - this is the default SMTP non-encrypted port
(TCP End Point Mapper port (TCP/135) and the dynamic RPC port range (6005-59530) for outgoing connections)

                If using webmail clients but these already have the underlying POP or IMAP running between the mail server and the webmail (http) server

No comments: