Email Server Tips : How To Check SMTP Outgoing Already Use Encryption/TLS Connection

Posted by

Many ways to secure email delivery. One of them is use TLS connection/encrypted when sending email. The encryption connection will make connection between email server more secure. This guidance will explain step by step how to check smtp outgoing already use encryption or not.

# Checking Header

Please try to send email to Gmail or Yahoo and check in the header email. The following is example header email at Gmail.

Return-Path: <xxxxx@xxxxxxxxx>
Received: from xxxxxx.excellent.co.id (xxxxxxx.xxxxxxxx.xxx. [139.xxx.xxx.xxx])
by mx.google.com with ESMTPS id h85si6267366oib.24.2016.02.12.18.05.28
for <xxxxxxxxx@gmail.com>
(version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
Fri, 12 Feb 2016 18:05:29 -0800 (PST)

In the header, we get information about version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128. It’s mean, your smtp outgoing already use encryption/TLS connection.

# Checking Show details on Gmail

If you see encryption: Standard (TLS) on Show details, your SMTP outgoing already use encryption.

check tls connection

# Checking via http://www.checktls.com/

Please open the following link : http://www.checktls.com/perl/TestSender.pl and click on Start Test. Follow the intruction that given with send email to test@TestSender.CheckTLS.com with subject passcode. You will receive reply about your outgoing connection whether has been used encryption or not.

# Activate SMTP Outgoing Encryption/TLS

If your SMTP outgoing not yet use encryption/TLS, please try this configuration to achieve it.

The following guidance is for Engine Postfix. Please open main.cf and make sure the configuration like follow

smtp_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtp_tls_security_level = may

The following guidance is for Zimbra Postfix. By default, Zimbra 8.5 and latest already use encryption. If you are use Zimbra 8.0.x or below, please try this command and restart Zimbra.

zmlocalconfig -e postfix_smtp_tls_security_level=may

Good luck and hopefully useful 😀

Source : https://bugzilla.mozilla.org/show_bug.cgi?id=956714

4 comments

  1. Hello Imanudin,
    I have zimbra 8.6 and it should be TLS by default in SMTP but it’s not working, I have also check setting regarding to this but it showing ” xyz.com did not encrypt this message Learn more” when sending mail to gmail id.

    1. Hi Pankaj Daga,

      Are you have another server in front of Zimbra like a router, firewall, UTM and etc? I have a similar issue when using Untangle in front of Zimbra

        1. Hi Yohanes,
          Please open spam blocker settings | Advanced SMTP Configuration | tick boxes on Allow and ignore TLS sessions

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.