Securing SmarterMail with SSL / TLS

SmarterMail from is a fantastic enterprise class Windows based mail server. One of the most compelling reasons to try Smatermail is that they offer a full featured version free for one domain. Leveraging SSL/TLS protocols with SmarterMail allows mail communication to be encrypted increasing privacy and security.

Export SSL Certificate to PFX File

Before making changes to Smartermail you will need to export the SSL certificate you intend to use to a PFX file that is password protected and contains the private key of the certificate. Smartertools recommends copying the file to C:\smartertools\certificates.

  1. Open Microsoft Management Console (MMC)
  2. Select Add new Snap-In and then select Certificates
  3. Expand the Personal certificate store and then select the certificate you want to export
  4. Right click on the certificate and select Export
  5. Select PKCS #12 (PFX) and click Next to save the file


Configure SmarterMail SSL/TLS Ports

After logging into SmarterMail using an administrator account, go to the Settings menu and then click on Bindings and then Ports. From this page you will see the currently configured Ports SmarterMail is using and whether or not they are using SSL and TLS.


From the Ports men select New to add each additional port you intend to configure with SSL. In the example below I’m configuring SSL to be used with the SMTP Protocol on Port 465. Enter the certificate path to the PFX file that was exported in the previous steps.  After entering the password click the Verify Certificate button to validate the path and certificate password are correct. When the certificate verification has successfully completed a notification will be displayed across the pop-up window. Click Save and the repeat the steps for any additional ports you intend to configure with SSL.


Configure SSL/TLS IP Address Bindings

Again from the SmarterMail Settings menu click on Bindings and then IP Addresses. From the list of configured IP Addresses select the one that is used by the mail server services and then click Edit. Select the new SSL/TLS ports that you added in the previous step that will be used and then click Save.


Open Firewall Ports for SSL/TLS

Be sure to open the new ports on your firewall appliance. In the example below I’m opening the additional SMTP ports using the local Windows Firewall on my server. The following ports can used for SSL/TLS.

  • 25 (TLS), 110 (TLS), 143 (TLS)
  • 465 (SSL), 993 (SSL), 995 (SSL)


Configure Mail Client for SSL/TLS

Once you have confirmed the new ports have been added to SmarterMail and the Firewall Ports are open you just need to configure your mail client to use the new settings.

The Incoming Server (POP3) settings should use port 995.


The Outgoing Server (SMTP) settings should use port 465.


In Summary

SmarterMail is an enterprise class mail server that allows securing your mail communication using SSL/TLS for greater privacy and security. Thanks for reading.

Peter Viola

Creative, customer focused, results oriented, Senior Web Systems Engineer who enjoys providing the highest level of customer service supporting complex Windows hosting solutions. MCITP, MCSA, MCTS

More Posts - Website