• We value your experience with Plesk during 2024
    Plesk strives to perform even better in 2025. To help us improve further, please answer a few questions about your experience with Plesk Obsidian 2024.
    Please take this short survey:

    https://pt-research.typeform.com/to/AmZvSXkx
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Question Mail automatically secured by SSL/TLS?

Pleskie

Regular Pleskian
Hi, a quick question.

When I create a new mail address in Plesk, is it automatically secured by SSL/TLS?

Regards
 
A mail address can never be secured by SSL/TLS. Instead, the connection between client and server can be secured. If you have a valid certificate for your Plesk host name installed and if the client connects to POP, IMAP and SMTP using SSL/TLS and the host name (not the individual domain name of the subscription), then the connection is automatically properly secured. If the client is not connecting by using the host name of the host where the SSL certificate is installed, the connection is insecure. If the client is using the host name where the SSL certificate is installed, but is using SSL/TLS, the connection is insecure. For SSL to work you do not need to set an SSL checkbox in Plesk's mailbox configuration. If the host supports SSL, clients can use SSL when connecting to the mailbox. They must meet the conditions named in this post to properly establish a secure connection, though.
 
Thank you Peter Debik

Things are much clearer now.

>> If you have a valid certificate for your Plesk host name installed ...

Do I need to buy a valid certificate or can Plesk generate this certificate?

>> If the client is using the host name where the SSL certificate is installed, but is using SSL/TLS, the connection is insecure.

Is this sentence correct, or did you forget the word "not"?
 
Yes, I forgot the "not".

Plesk comes with a self-signed certificate, but you should use a commercial certificate to secure the host name, because you need a trust center signature to avoid browser warnings. I think there was a post on here, too, how to generate a host name certificate using Let's Encrypt, but not sure.
 
Thanks Peter Debik

>> ... to avoid browser warnings

I'm not an expert and I wonder what browser warnings have to do with a mail client? Can you explain?

So in other words I will have to buy an (expensive?) certificate to make SSL/TLS work?
 
Mail clients will display warnings, too, if the server certificate is self-signed.

From Plesk 17 on there should be an option to use a free Let's Encrypt certs to secure the host.
 
Thanks ... I don't really understand all of this and what exactly I should do right now to make my SSL/TLS work :-(
 
Back
Top