Navigation:  Security Menu > Security Settings > SSL & TLS >

MDaemon

Print this Topic Previous pageReturn to chapter overviewNext page

Enable SSL, STARTTLS, and STLS

Click this check box to activate support for the SSL/TLS protocol and the STARTTLS and STLS extensions. Then, choose the certificate that you want to use from the list below.

Enable the dedicated SSL ports for SMTP, IMAP, POP3 servers

Click this option if you want to make available the dedicated SSL ports specified on Ports under Default Domains & Servers. This will not affect clients using STARTTLS and STLS on the default mail ports — it merely provides an additional level of support for SSL.

SMTP server uses STARTTLS whenever possible

Click this option if you want MDaemon to attempt to use the STARTTLS extension for every SMTP message it sends. If a server to which MDaemon is connecting doesn't support STARTTLS then the message will be delivered normally without using SSL. Use the White List in this section if you wish to prevent the use of STARTTLS for certain domains.

DomainPOP/MultiPOP servers use STLS whenever possible

Check this box if you want the DomainPOP and MultiPOP servers to use the STLS extension whenever possible.

Certificate List

This box displays your SSL certificates. Single-click a certificate in this list to designate it as the certificate that you wish the mail servers to use. Double-click a certificate to open it in the Certificate dialog on which you can review its details.

MDaemon does not support different certificates for multiple domains. All mail domains must share a single certificate. If you have more than one domain then enter those domain names under the option, Alternative host names (separate multiple entries with a comma) outlined below.

Delete

Select a certificate in the list and then click this button to delete it. A confirmation box will open and ask you if you are sure that you want to delete the certificate.

 

The following controls are used to create certificates. To edit any certificate, double-click its entry in the list above.

Host name

Enter the host name to which your users will connect (for example, "mail.example.com").

Organization/company name

Enter the organization or company that "owns" the certificate here.

Alternative host names (separate multiple entries with a comma)

MDaemon does not support separate certificates for multiple domains — all domains must share a single certificate. If there are alternative host names to which users may be connecting and you want this certificate to apply to those names as well, then enter those domain names here separated by commas. Wildcards are permitted, so "*.example.com" would apply to all sub domains of example.com (for example, "wc.example.com", " mail.example.com", and so on).

Encryption key length

Choose the desired bit-length of the encryption key for this certificate. The longer the encryption key the more secure the transferred data will be. Note, however, that not all applications support key lengths longer than 512.

Country/region

Choose the country or region in which your server resides.

Create Certificate

After entering the information into the above controls, click this button to create your certificate.

Restart Servers

Click to restart the SMTP/IMAP/POP servers. The servers must be restarted when a certificate changes.

See: