• The APS Catalog has been deprecated and removed from all Plesk Obsidian versions.
    Applications already installed from the APS Catalog will continue working. However, Plesk will no longer provide support for APS applications.
  • Please be aware: with the Plesk Obsidian 18.0.78 release, the support for the ngx_pagespeed.so module will be deprecated and removed from the sw-nginx package.

Question Mail automatically secured by SSL/TLS?

P

Pleskie

Regular Pleskian
Hi, a quick question.

When I create a new mail address in Plesk, is it automatically secured by SSL/TLS?

Regards
 
A mail address can never be secured by SSL/TLS. Instead, the connection between client and server can be secured. If you have a valid certificate for your Plesk host name installed and if the client connects to POP, IMAP and SMTP using SSL/TLS and the host name (not the individual domain name of the subscription), then the connection is automatically properly secured. If the client is not connecting by using the host name of the host where the SSL certificate is installed, the connection is insecure. If the client is using the host name where the SSL certificate is installed, but is using SSL/TLS, the connection is insecure. For SSL to work you do not need to set an SSL checkbox in Plesk's mailbox configuration. If the host supports SSL, clients can use SSL when connecting to the mailbox. They must meet the conditions named in this post to properly establish a secure connection, though.
 
Thank you Peter Debik

Things are much clearer now.

>> If you have a valid certificate for your Plesk host name installed ...

Do I need to buy a valid certificate or can Plesk generate this certificate?

>> If the client is using the host name where the SSL certificate is installed, but is using SSL/TLS, the connection is insecure.

Is this sentence correct, or did you forget the word "not"?
 
Yes, I forgot the "not".

Plesk comes with a self-signed certificate, but you should use a commercial certificate to secure the host name, because you need a trust center signature to avoid browser warnings. I think there was a post on here, too, how to generate a host name certificate using Let's Encrypt, but not sure.
 
Thanks Peter Debik

>> ... to avoid browser warnings

I'm not an expert and I wonder what browser warnings have to do with a mail client? Can you explain?

So in other words I will have to buy an (expensive?) certificate to make SSL/TLS work?
 
Mail clients will display warnings, too, if the server certificate is self-signed.

From Plesk 17 on there should be an option to use a free Let's Encrypt certs to secure the host.
 
Thanks ... I don't really understand all of this and what exactly I should do right now to make my SSL/TLS work :-(
 
You must log in or register to reply here.

Similar threads

C
Resolved FTP secured connection (FTP over TLS/SSL) not possible (after Upgrade Debian 9 to 10)
Replies
1
Views
2K
Coda666
C
Talistech
Resolved Typo in the help section of the sslit extenion
Replies
3
Views
3K
Sebahat.hadzhi
Sebahat.hadzhi
khalidbochajra
Issue My Plesk mail server is broken (DNS maybe!)
Replies
2
Views
869
MHC_1
M
B
Resolved domain uses plesk ssl certificate
Replies
2
Views
2K
biaaas
B
T
Question Let's Encrypt SSL certificate issuance on new subdomain take too long
Replies
2
Views
2K
tertek
T
Back
Top