Ssl – Exchange IMAP Setup SSL & TLS

exchange-2010, imap, ssl

Regarding set-up of IMAP on Exchange 2010 SP3, there are a couple of things I don't understand.

1) I have SSL v2 & v3 disabled on the server via registry. So how are clients able to connect to the Exchange server on port 993 with SSL enabled? Is it actually falling back to no security or falling forward to TLS?

2) According to the below dialogue, TLS should use port 143, but also no encryption should use port 143. So which is it? Is it purely controlled by the next tab 'Authentication'?


3) With the IMAP receive connector shown below, does the 'Integrated Windows Authentication' also only operate after the TLS connection is established or does it work outside the TLS connection?


Best Answer

Port 993 is for direct SSL/TLS, and the default IMAP port 143 uses opportunistic TLS, i.e. the STARTTLS command, to establish a secured connection within the plain-text connection.

Both use only the ciphers you allow, so even though port 993 is reserved for "SSL", the connection will be TLS if configured that way.

FastMail's article SSL vs TLS vs STARTTLS covers this topic pretty well and also explains your confusion:

One significant complicating factor is that some email software incorrectly uses the term TLS when they should have used STARTTLS.
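
Added example, not part of the original answer: a Python check an administrator can run against their own server to see which protocol port 993 actually negotiates and what port 143 offers before and after STARTTLS. The function names `parse_capability` and `probe` and the sample CAPABILITY lines are constructed for illustration.

```python
import imaplib
import ssl
import sys

# Constructed replies to "CAPABILITY" on port 143 (not captured from a real server).
SAMPLE_BEFORE_TLS = "* CAPABILITY IMAP4rev1 STARTTLS LOGINDISABLED AUTH=NTLM AUTH=GSSAPI"
SAMPLE_NO_TLS = "* CAPABILITY IMAP4rev1 AUTH=PLAIN AUTH=NTLM"


def parse_capability(line):
    """Summarise what the server permits on the cleartext side of port 143."""
    tokens = line.upper().split()
    if tokens[:2] == ["*", "CAPABILITY"]:
        tokens = tokens[2:]
    return {
        # STARTTLS advertised: the client can upgrade this connection to TLS.
        "starttls": "STARTTLS" in tokens,
        # LOGINDISABLED (RFC 3501): the LOGIN command is refused until TLS is up.
        "plain_login_allowed": "LOGINDISABLED" not in tokens,
        # SASL mechanisms offered in the current (possibly unencrypted) state.
        "auth": sorted(t[5:] for t in tokens if t.startswith("AUTH=")),
    }


def probe(host, timeout=10):
    """Connect to 993 (implicit TLS) and 143 (STARTTLS); report what was negotiated."""
    # The default context verifies the certificate and may refuse old protocol
    # versions; a handshake failure surfaces as ssl.SSLError.
    ctx = ssl.create_default_context()
    result = {}
    with imaplib.IMAP4_SSL(host, 993, ssl_context=ctx, timeout=timeout) as conn:
        result["993"] = conn.sock.version()  # e.g. "TLSv1.2", never plain text
    with imaplib.IMAP4(host, 143, timeout=timeout) as conn:
        result["143_before_tls"] = parse_capability(" ".join(conn.capabilities))
        if "STARTTLS" in conn.capabilities:
            conn.starttls(ssl_context=ctx)
            result["143"] = conn.sock.version()
            # Capabilities are re-read after the upgrade and may differ.
            result["143_after_tls"] = parse_capability(" ".join(conn.capabilities))
        else:
            result["143"] = None  # no upgrade offered: the session stays cleartext
    return result


if __name__ == "__main__":
    if len(sys.argv) > 1:
        print(probe(sys.argv[1]))
    else:
        print(parse_capability(SAMPLE_BEFORE_TLS))
```

Comparing `143_before_tls` with `143_after_tls` shows whether authentication mechanisms are offered before the TLS upgrade or only after it.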