SSL

Why can't I send using SSL?  I can receive messages but 
can't send.  I've asked everyone I know for help, but 
everyone has a different idea.  I've tried everything I 
can think of.  Is there an Outlook glitch I don't know 
about?
0
anonymous (74719)
1/4/2005 8:21:24 AM
outlook 87535 articles. 10 followers. Follow

2 Replies
459 Views

Similar Articles

[PageSpeed] 41

Are you trying to use SSL on a non-standard SMTP port? (e.g. Non-standard 
SMTP port means that the account is configured to try and send e-mail on a 
port that does not equal 25 or 465.)


"Garth" <anonymous@discussions.microsoft.com> wrote in message 
news:02af01c4f236$60d95c70$a601280a@phx.gbl...
> Why can't I send using SSL?  I can receive messages but
> can't send.  I've asked everyone I know for help, but
> everyone has a different idea.  I've tried everything I
> can think of.  Is there an Outlook glitch I don't know
> about? 


0
neo7948 (622)
1/4/2005 8:31:04 AM
"neo [mvp outlook]" <neo@online.mvps.org> wrote in message 
news:ewa87ej8EHA.2900@TK2MSFTNGP09.phx.gbl...
> Are you trying to use SSL on a non-standard SMTP port? (e.g. 
> Non-standard SMTP port means that the account is configured to try and 
> send e-mail on a port that does not equal 25 or 465.)
>
>
> "Garth" <anonymous@discussions.microsoft.com> wrote in message 
> news:02af01c4f236$60d95c70$a601280a@phx.gbl...
>> Why can't I send using SSL?  I can receive messages but
>> can't send.  I've asked everyone I know for help, but
>> everyone has a different idea.  I've tried everything I
>> can think of.  Is there an Outlook glitch I don't know
>> about?
>
>


And if you are using SSL over a standard port (25 or 465) for outbound 
e-mails, you might need to disable e-mail scanning by your anti-virus 
product which won't be able to interrogate the encrypted traffic.  Many 
anti-virus products run as proxies (some are transparent) and will 
monitor only specific or standard ports for e-mail traffic.  Some only 
monitor port 25 to scan outbound e-mails, and if you switch to SSL on 
port 465 then that anti-virus proxy won't be able to see your outbound 
e-mail traffic (and so it won't interfere with it).  However, if you use 
port 25 for outbound SSL-encrypted traffic then your anti-virus program 
that is monitoring traffic on port 25 will interfere.  The endpoints in 
an SSL connection know how to encrypt and decrypt the traffic, and the 
anti-virus proxy is not an endpoint in that SSL session (i.e., it is 
tapping into the traffic just like a hacker who you are preventing to 
see the content by encrypting it).  Some proxy-style anti-virus programs 
let you configure on which ports they will monitor e-mail traffic.  I've 
read that Avast! lets you configure which ports it will monitor.  I used 
Norton Anti-Virus and know that it will ONLY monitor the standard ports 
and not the non-standard ones (so you only need to be concerned if you 
use SSL on a standard port).

Some anti-virus software inserts itself as a layered service provider 
(LSP) into the TCP service so it doesn't use a port to monitor your 
e-mail traffic.  I think EzAntivirus operates as an LSP.  However, I 
don't know if that would help the anti-virus program to interrogate the 
SSL-encrypted data stream that flies by it.  So you couldn't even 
configure your e-mail client to use a non-standard port to bypass the 
anti-virus interceptor, and since the anti-virus interceptor isn't one 
of the endpoints in the SSL connection then it probably will interfere 
with that traffic (or it just might pass it through unfiltered, so 
behavior depends on how the anti-virus product was programmed).

For anti-virus products running as a proxy, use a different port than 
the standard one that the anti-virus product will monitor when using 
SSL.  For POP3 and SMTP, use ports 995 and 465 (or whatever your ISP 
requires), but don't use the standard ports (110 and 25).  For 
anti-virus products that operate as LSPs, or to avoid the problem 
altogther for either proxy or LSP mode anti-virus products, you could 
also just disable e-mail scanning in your anti-virus product.  Its 
on-access scanner should provide equivalent detection and protection, 
anyway.

As I understand SSL (which isn't a lot), it's handshaking is time 
sensitive so the endpoints in an SSL connection need to have similar 
times.  Use the time service or utility that periodically updates your 
computer's clock.  "Session-identifiers should have a lifetime that 
serves their purpose (namely, reducing the number of expensive public 
key operations for a single client/server pairing). Consequently, we 
recommend a maximum session-identifier cache timeout value of 100 
seconds" (from a Netscape article on SSL 3.0).  If your time is 
significantly different than the for the other end of the SSL connect 
then it might see your session as expired or not even establish a 
session.

We don't know what you tried (you never told us) or what is your current 
e-mail account definition in Outlook and what, if any, anti-virus 
software you use, and you never identified what is your e-mail provider 
(so we could see what they state for e-mail setup on their web pages to 
find out what ports to use).  Without any of this detail, my suggestion 
is to:

- Use port 995 for POP3 (inbound) e-mail.  Make sure SSL is enabled on 
that port.
- Use port 465 for SMTP (outbound) e-mail.  Make sure SSL is enabled on 
that port.
- Obey the e-mail provider's requirement regarding SPA (secure password 
authentication).  Some require it when using SSL connects, some require 
that it NOT be used.
- Make sure your firewall is configured with an application rule that 
allows Outlook to make connections on those ports.
- Disable e-mail scanning in your anti-virus software if it happens to 
be intercepting e-mail traffic on ports 995 or 465.
- Make sure your computer's clock gets periodically synchronized to an 
atomic clock.

-- 
_________________________________________________________________
Post your replies to the newsgroup.  Share with others.
E-mail: news.vanguardATgmail.com (append "#NEWS#" to Subject)
_________________________________________________________________

0
Vanguard
1/4/2005 6:13:13 PM
Reply:

Similar Artilces:

how to check if SSL or SASL is enabled at customer side or not ?
Hi All, While connecting to AD via JNDI, I am getting a error like: javax.naming.AuthenticationNotSupportedException: [LDAP: error code 8 - 00002028: LdapErr: DSID-0C0901FC, comment: The server requires binds to turn on integrity checking if SSL\TLS are not already active on the connection, data 0, v1771] From googling what I came across is, this will be thrown when a particular flavor of authentication requested is not supported. It may be specified using specific authentication schemes such those identified using SASL. And I also got a hint that, the solution would be to use e...

Exchange 5.5 SSl SMTP
How to enable SSL on SMTP Protocol on Exchange 5.5 on NT4/ Step by step please. It is very important for me . Best regards for all of You These links will provide some ideas http://www.windowsitpro.com/MicrosoftExchangeOutlook/Article/ArticleID/4869/4869.html http://support.microsoft.com/kb/q175439/ "Pawel" wrote: > How to enable SSL on SMTP Protocol on Exchange 5.5 on NT4/ Step by step > please. It is very important for me . > Best regards for all of You > > > ...

Renew SSL
Hi, Exchange 2007 on Win2003. The SSL cert is due to expire soon. Is there a recommended renewal procedure, or is it simply creating and installing a new SSL cert before it expires? Any assistance is appreciated. ED. That is pretty much it, you can renew your current certificate with your SSL provider and you should get the new certificate back within 30 min. If you plan on using another CA provider, then it might take a bit longer to authenticate your domain and company. -- John Oliver, Jr MCSE, MCT, CCNA Exchange MVP 2010 Microsoft Certified Partner &quo...

SSL
Why can't I send using SSL? I can receive messages but can't send. I've asked everyone I know for help, but everyone has a different idea. I've tried everything I can think of. Is there an Outlook glitch I don't know about? Are you trying to use SSL on a non-standard SMTP port? (e.g. Non-standard SMTP port means that the account is configured to try and send e-mail on a port that does not equal 25 or 465.) "Garth" <anonymous@discussions.microsoft.com> wrote in message news:02af01c4f236$60d95c70$a601280a@phx.gbl... > Why can't I send usin...

Help, Transferring XML data under SSL
I need some advice on how to securely transfer data between two servers. Here is the situation. We have two sql servers that hold student data. I have full access to my sql server, but only write access to the main sql server on campus. I hope to use XML and SSL to transfer student data to the main server. As for generating the XML, I'll have an asp.net page set up in a secure directory that will generate the data in xml format. The data people will access this page and get the xml file with all the data. What's the best way to turn a sql server table into XML format? W...

SSL for IMAP and SMTP
We run Exchange 2003 and want to be able to encrypt messages while people are on the road. I have read the KB 319278 (IMAP) and KB 823019 (SMTP) on how to do this. My question is do I need to different virtual servers for both (internal messaging we don't need SSL) and External (SSL needed)? I don't want to go ahead and encrypt the current virtual servers and have a ton a people calling saying they need to reconfigured their mail clients. Only those who we need to encypt on the road would we set up for secure encryption. Am I going about this in the right way? Thanks in advance....

Configuring SSL and Exchange SSL
This is a series questions and answers, I need help configuring SSL? >-----Original Message----- >Client has this. This was kept in a .PWL file in older versions of >Windows - not sure about the current versions. > >You can enable Forms Based Authentication to prevent this if you have >Exchange 2003 and SSL. > >-- >Hope that helps, >Dan Townsend > >This posting is provided "AS IS" with no warranties, and confers no rights. >Please do not send email to this address, post a reply to this newsgroup. > >Use of included script samples...

Simple question about OWA with SSL and two Exchange 2003 servers
I have installed a couple of Exchange 2003 servers on a test-domain and created a few mailboxes on each. OWA is configured with SSL and the firewall is configured to route 443 to one of the servers. OWA works perfect for all users with mailbox on this server, but for users with mailboxes on the other server, I only get an error (Page can not be found)... I�v installed the CA on both servers and generated one certificat for each server (is this correct?) Both servers are 2003 domain controllers I have tried to make on of the servers a "front end server" (the one that the fire...

POP3-SSL / IMAP-SSL front end config
Hi, Could someone tell me what ports you need open on the inside firewall (between frontend/backend exchange 2003 servers) for POP3-SSL and IMAP-SSL to work? All i have atm is 995 and 993, this does not seem to be working properly. The firewall is not managed by myself and is really locked down, that said, we have it setup so OWA is working, so the required ports there are already allowed. Matthew From the E2K3 FE/BE Topology Guide you can download from Microsoft: HTTP, POP, and IMAP communication between the front-end server and any server with which the front-end server communic...

SSL not working with OWA
All, I've just installed a new certificate on my ex2k3 server - which is reporting that it's all fine and working. OWA IS working via HTTP but not via HTTPS (I've checked internally as well). Have restarted the WWW Services and IIS. Anywhere else I can look? Very odd. Thanks, M Check this link: http://www.msexchange.org/tutorials/Securing-Exchange-Server-2003-Outlook-Web-Access-Chapter5.html This is a usefull article -- Gustavo Del Grosso Laboratorios Andrómaco Gerencia de Tecnología gustavodelgrosso@hotmail.com "Mike K" wrote: > All, > I&#...

SMTP using SSL with authentication
Help! Setup POP3/SMTP connectivity on this FE 2003 server, plus only allowing authentication and SSL for these users. Tried to setup a test user using Outlook Express, and the test user was able to sucessfully recieve and send emails. Setup a second user, with same privileges, and this user is able to recieve (POP3) emails, but not able to send emails?! Get a 454 error, but this user should be able to send if authenticated, just as well as the first test user... !? What could cause this kind of problem? TIA!! / Per Check: Client submission SMTP VS in ESM: 1. Basic with TLS/SSL e...

SSL for CRM
Hi All, Can I use SSL for my crm site ? What considerations do I need to think about for this? Thanks Mike I've tried to set up CRM directly with SSL. But didn't go with that because I was having problems. Didn't find out the true root cause. I'm using CRM with ISA. SSL bridging: Internet <-HTTPS-> ISA <- HTTP -> CRM Install your cert at ISA. Setup ISA for SSL bridging. And if we're not using ISA? crmrunner wrote: > I've tried to set up CRM directly with SSL. But didn't go with that > because I was having problems. Didn't find...

SSL
Hello, I'm having a little problem. I have Exchage 2003 installed on Windows 2003 Standard Edition. When from the Exchange System Manager, i click on the 'Publick Folders' tree in the 'Folders', it gives me this message. The SSL certificate server name is incorrect ID no: c103b404 Please advice, what do i need to do, in order to make it work. Thanks, Tony. Tony - If the Public Folders object in ESM is giving you errors about SSL, it implies to me that you've set to require SSL on the entire "Default Website" object in IIS Manager. This is a bad idea,...

OWA and SSL
I use OWA with SSL, but sometimes I get a message that some elements are insecure and a question if I want so see the no secure items. If I answer no to this, I can't see the message in the preview pane. Any solutions to this? Answer yes, and/or put the URL in your trusted sites in IE? Eirik wrote: > I use OWA with SSL, but sometimes I get a message that some elements > are insecure and a question if I want so see the no secure items. If > I answer no to this, I can't see the message in the preview pane. Any > solutions to this? Maybe that would work for me, but it ...

navigation bar on SSL page missing
I have a pretty basic site setup and recently added a page for customers to submit credit cards online through a secure page. I wanted a top level navigation bar to appear on all pages so I included it in the header of each page. The header contains a banner (company logo) and the navigation bar. Links are Home, Feedback, Gift Cards. The remaining navigation (navigation view) of the site falls under Home. The links go down about 2 more levels. Everything works great except when I goto the gift cards page the aforementioned top level navigation bar is missing. All users see is th...

Does outlook connector default to ssl?
I would like to make sure that my email transmissions to and from my hotmail account are secured by ssl. I'm using outlook 2003 and outlook connector with my paid hotmail account. Question: is the traffic to and from hotmail secured by ssl in outlook connector? If not, can I change the settings somehow? Or do I need to change my connection to hotmail to pop 3 in order to get ssl protection? Thanks! ...

SSL?
OK, this has got to be a stupid question with an obvious answer, but I can't find it ... I want to do some SSL/TLS programming using Visual Studio .NET 2002, *not* using .NET managed code (actually I don't much care if it's in an MFC context or just raw Win32). Where do I start looking for the documentation on the APIs I'm going to need?? -- Tim Ward Brett Ward Limited - www.brettward.co.uk Hi, "Tim Ward" <tw2@ipaccess.com> schrieb im Newsbeitrag news:4f5aakF1h6igeU1@individual.net... > OK, this has got to be a stupid question with an obvious answer, ...

SPA vs POP over SSL (SSL for Exchange)
Exchange 5.5 sp4, W2K serve I have a few roaming clients using Outlook with POP to our internal Exchange server. My question is what are the advantages between using SPA Secure Password Authentication vs. POP over SSL I am thinking SPA uses a challenge and response for the password but does not encrypt anything. POP over SSL encrypts everything including password and mail data. So SPA only protects your password from spying eyes. Right? In order to force my users to use SPA, what can I set on my Exchange 5.5 server What do I have to open on my firewall for SPA Also, a while back, I tried ...

secure smtp problem (SSL)
Hi Bit of background Firewall ISA 2000 One public IP - default SMTP - Exchange 2003 (SP 1) - port 25 Another public IP - Secure SMTP - Exchange 2003 (SSL) - port 25 Problem with users outside the network using POP3 and the secure smtp for their emails, Can telnet to secuure smtp via public IP no problem and start the startTTLS command POP3 works fine But there's a strange problem with the secure smtp - sometimes it works, sometimes not, totally random get this error sometimes The message could not be sent because the server rejected the sender's e-mail address. The sender's ...

SSL Problem #3
I'm having a wierd issue with SSL. I've installed our Comodo SSL certificate and made sure it was correctly setup for the Default Website and Exchange. I've also made sure that authentication for Exchange is using SSL. However when I go to access OWA I get a 404 Page Not Found. The site works fine using basic authentication but for some reason it is not liking SSL. Any ideas? ...

TLS/SSL
I'am using exchange 2003 with SSL authentication, but i can't get anny e-mail from extern e-mail servers using TLS. How should i resolve the problem and is that correct that a server with ssl can't receive messages with TLS authentication? Kind regards, "HY" <HY@discussions.microsoft.com> wrote: >I'am using exchange 2003 with SSL authentication, but i can't get anny e-mail >from extern e-mail servers using TLS. >How should i resolve the problem and is that correct that a server with ssl >can't receive messages with TLS authentication? ...

SQL 2008 x64 SP1 SSRS can't authenticate SSL
We are running a Server 2008 Standard x64 server with SQL Server Standard 2008 x64 SP1 installed. I've installed the Reporting Services and configured it using the instructions provided by ConnectWise (the CRM application I'm installing). Non-SSL connections work fine but not SSL. When I connect to http://connectwise/Reports and ReportServer, I provide the username and password and they display correctly. However, when I use https it will not accept any username or password. I can access https://connectwise so I think SSL is correctly configured in IIS. Any ideas why I can&#...

imap or imap-ssl to front end
Tony Feb 10, 3:24 pm show options Newsgroups: microsoft.public.exchange2000.connectivity From: "Tony" <t...@suse.stanford.edu> - Find messages by this author Date: Thu, 10 Feb 2005 14:24:08 -0800 Local: Thurs, Feb 10 2005 3:24 pm Subject: unablke to connect using imap or pop to exchange 2000 Reply to Author | Forward | Print | Individual Message | Show original | Report Abuse I am unable to connect to imap or pop (both with ssl) I keep getting the authentication box pop up and th...

ex bpa ssl result
good afternoon just ran best practices analisys and got this result --> regarding the ssl certificate, it has expired on 12 15 2004 furthermore, there is a mismatch between names. cimbo.com doesn't matches snake desert, snake town, snake oil ... what exactly am i dealing with ?? we are not using ssmpt. is this related to it ?? thanks for any help Pedro Leite from Portugal ...

SSL #2
I just installed & configure Microsoft CA forcing OWA to use SSL port. Everything is fine. What I would like to ask is that how to make Security Alert box for SSL disappeared when users accessing OWA internally. can it be done in Gwindows 2003 Group policy or else ?? Thanks for you reply ...