There are many important ways to keep the connection between your mail server and destination servers secure. Some of these involve protocols and systems such as SPF, DKIM, and DMARC. But it’s also important to think about how the connection is made between the servers. That’s where a secure server, using a SSL certificate, comes in.
If you don’t have a secure connection for SMTP, then in clients like Gmail, the end user sees a red “warning broken security” icon with your email messages. You want to avoid that.
There are many ways to create that SSL certificate in the first place. I happen to use WinAcme which is free. It’s fairly straightforward to use and lets you create SSL certificates for all of your websites.
Now the key is to have MailEnable use that for its SMTP connections.
To begin with, launch MailEnable and go into the properties of ‘localhost’. In there is a drop-down for you to choose that secure SSL certificate you have created. Also, there’s a checkbox for:
Use requested SSL certificate if possible for non-IIS services (SNI). Default certificate will be used if a match not available. SNI for web services is configured under IIS control panel applet.
Check that and save.
Now you want to work on the SMTP details. Go to the SMTP queue and choose properties. Go to the Outbound area. Choose:
Send using TLS if remote server supports it.
TLS stands for Transport Layer Security. It creates a secure connection between the sender (your mail server) and the recipient (the person you’re sending to). Note that this is IN ADDITION to the systems of SPF, DKIM, and DMARC, which are all other aspects of a secure mail transmission.
Yes, there are now quite a lot of angles involved in preventing spam.
Once you have made this change, save this.
Then under service status, restart all services.