Enable TLS on smtp.aa.net.uk: Difference between revisions

Enable TLS on smtp.aa.net.uk (view source)

Revision as of 06:34, 23 July 2019

645 bytes added , 23 July 2019

m

→‎What if my email program or device doesn't support TLS?: Caps

CecilWard

252

edits

Revision as of 09:20, 14 December 2016 (view source) AA-Andrew (talk \| contribs) m (→‎Recommended Settings) ← Older edit		Revision as of 06:34, 23 July 2019 (view source) CecilWard (talk \| contribs) m (→‎What if my email program or device doesn't support TLS?: Caps) Tags: Mobile edit Mobile web edit Newer edit →
(9 intermediate revisions by 3 users not shown)
=Brief Overview= This article as about enabling TLS in your existing email program when sending email through the AAISP email servers (smtp.aa.net.uk). If you are setting up an email program from scratch then simply select/tick the options to use TLS or STARTTLS. This page gives help when you want to edit an existing account to enable TLS.▼ In short, we recommend that all customers use [https://en.m.wikipedia.org/wiki/Transport_Layer_Security TLS] (Also known as STARTTLS) when sending email through our servers. Here are our recommended settings, which you may want to check against the settings that you currently have in your email program: {\| class="wikitable" !colspan="3"\|Outgoing email settings \|- !Outgoing Server \|smtp.aa.net.uk \|- !Port \|587 or 25. Given a choice, use 587 \|- !Security \|STARTTLS (sometimes called TLS) \|- !Authentication \|Password, and use the same username & password as your IMAP/POP3 settings. \|} =TLS= ▲This article asis about enabling TLS in your existing email program when sending email through the AAISP email servers (smtp.aa.net.uk). If you are setting up an email program from scratch then simply select/tick the options to use TLS or STARTTLS. This page gives help when you want to edit an existing account to enable TLS. ==Why do this?== Some devices such as webcams, DVRs, and so on the want to send email may lack TLS features. If this is the case, then do check for firmware updates. If you are sending from outside of our network, iei.e. using another broadband or mobile provider, then you will be using authentication. This involves sending your username and password across the internet to our servers. This should be done with TLS enabled as otherwise your credentials could be seen by other people who could steal your password and cause mayhem! At the moment (2016-12), for legacy reasons, we still do allow customers to send authenticated email without TLS - this is a risk and it is a feature we want to disable in the near future. We will then only allow authenticated email over TLS. If a customer needs to send email when not using our broadband services and cannot support TLS then we'd have to suggest to use the email services provided by the ISP you are connected to. \|- !A&A Broadband \|Optional, but ~~Recommended~~recommended \|Optional, but ~~Recommended~~recommended \|587 \|- == Mutt == Mutt will your your machine's local MTA (ege.g. sendmail, exim, postfix etc.) - so look at the documentation for that for more information. Typically, you can enable TLS with the following entries in your .muttrc: <syntaxhighlight lang="shell"> set ssl_starttls=yes set ssl_force_tls=yes To test if TLS is actually working, you can send yourself an email then look at the [[Email Viewing Headers\|headers]] and look for the Received lines showing the connection between your computer and smtp.aa.net.uk: <syntaxhighlight lang="shell"> Received: from andrew.ec.aa.net.uk ([2001:8b0:1:ec::8]) by smtp.aa.net.uk with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) An email sent without TLS would look similar, but would not show any TLS information. <syntaxhighlight lang="shell"> Received: from andrew.ec.aa.net.uk ([2001:8b0:1:ec::8]) by smtp.aa.net.uk with esmtp