How to I cofigure to work my IMAP client on port 993

Whenever I try to connect my IMAP client, either em Client, or K9 (android), they refuse connection on port 993. But port 143 works fine. But SMTP works on port 587 (using SSL/TLS).

I had received a SSL certificate as a part of domain purchase which I had updated the cert and key in the directadmin panel. I have no site hosted, as DA for MXroute doesnt allow host sites.

Does this SSL have any effect on the secure connection to IMAP? How do I make it work on port 993 ?

what’s wrong with using 143?

143 doesn’t provide SSL/TLS encryption

Mail client can do TLS on port 143 via imap command STARTTLS.

Port 993 is SSL port 143 is plaintext but can be upgraded to TLS.

3 Likes

So, is there a way to check the encrypted connection? Something like, for websites we have a padlock icon in the domain name if it has registered SSL cert with the server.
Is there anything sorta, I can try to check ?

You mention your own SSL cert, DirectAdmin, and MXroute. This is making me suspect:

  • You entered your own SSL cert into MXroute DA
  • You’re using your own domain name or a subdomain of it for IMAP and it’s failing SSL

If those are true then:

  • For an initial test, try using the server hostname instead of your own domain as the IMAP server. So if you’re on the MXroute Blizzard server, for example, then it would be blizzard.mxrouting.net. If you’re on a different server, I suspect you already know which one.
  • You should use these instructions to use custom IMAP/POP/SMTP hostnames with MXroute: Custom Webmail/POP/IMAP/SMTP Domain – MXroute
1 Like

I do not know @Jarland s setup, but nowadays mostly all mailservers accept a starttls against port 143 to have your comms encrypted.
that port is not defined as unencrypted only - it’s rather the other way around meaning 993 is defined as implicit :wink:

It depends…

Today, many email services, including Fastmail, now disable plain text IMAP and POP logins entirely on ports 143 and 110 , leaving encrypted connections on ports 993 and 995 as the only option.

143 seems disregarded per default on new installs, even more if e.g. EAS is enabled. Then again many providers leave 143 as a fall-back legacy solution

1 Like

Thanks for the information,

  • You entered your own SSL cert into MXroute DA
  • You’re using your own domain name or a subdomain of it for IMAP and it’s failing SSL

Both are true, this is what I had tried earlier. I followed your instructions, and I had successfully created a certificate for both of my subdomains (mail and webmail), i had them pointed to lucy.mxrouting.net in my DNS. I had populated my imap client to use mail.mysite.com as both IMAP and SMTP server and selected force use SSL port 993. This didnt work, but changing to port 143 works. Also in SMTP, port 465 doesnt work, but 587 works.

Seems the implicit SSL ports doesnt work, but the unencrypted port works (was not able to check if STARTTLS had works). Since I had the same issue with some other email clients, I’m guessing those have implicit SSL enabled.
Fow now I will start using 143, but still trying to figure out a way to use SSL ports.

Try using an SSL/TLS validator against the ports? (Could be client using old ciphers or something … Disclaimer: I just skimmed through the thread) :sweat_smile: