Secure email server with SSL/TLS
To secure the 'POP3', 'IMAP' and 'SMTP' protocols with SSL/TLS encryption, you can store an SSL/TLS certificate for all email-based services in Plesk. The certificate is used for the SSL/TLS connection and for the STARTTLS connection for all protocols.
Login to the Plesk Control Panel
To log in to the Plesk Control Panel, please refer to the following article: Login to Plesk Control Panel.
Configure global SSL/TLS certificate
Navigate to the menu item Tools & Settings → SSL/TLS Certificates and select the [Change] button in the "Certificate for protecting emails" area.
In the next step, select the desired SSL/TLS certificate for the mail server:
Then click on "OK" to apply the changes.
Domain-based SSL/TLS certificates for emails
In addition to the global SSL/TLS certificate, Plesk also provides the option of storing different certificates for the IMAP, POP3 and SMTP e-mail services based on SNI (Server Name Indication) technology.
To do this, navigate to Websites & domains → Your domain → Emails → Email settings
Select the desired certificate from the "SSL/TLS certificate for e-mail" drop-down menu. Then click on the OK button to save your changes.
Attention: Depending on the cipher negotiation, the user-defined SNI certificate may not be supported. In this case, the global certificate is used for emails despite the domain-based certificate. Therefore, make sure that you have configured a valid global certificate.
Standard Ports
Plesk provides the protocols for the e-mail service under the following ports:
| Protocol | Port | Encryption |
|---|---|---|
| POP3 | 110 | without / STARTTLS |
| POP3S | 995 | SSL/TLS |
| protocol | port | encryption |
|---|---|---|
| IMAP | 143 | without / STARTTLS |
| IMAPS | 465 | SSL/TLS |
| protocol | port | encryption |
|---|---|---|
| SMTP | 25 | without |
| SMTPS | 465 | SSL/TLS |
| SMTPS | 587 | STARTTLS |