Secure SMTP and Authenticated SMTP
This document outlines how to enable both encryption and
authentication for your SMTP connection with Magma. If you prefer to
only enable one of these, you may do so. However, Magma recommends
you enable both at the same time for maximum security and ease-of-use.
Magma offers a secure authenticated SMTP service through mail.magma.ca. While it is not required that
you authenticate when you are directly connected to Magma's network, this service is very useful if
you are travelling and need to send mail through our systems.
Magma has compiled instructions on enabling secure authenticated SMTP for some of the most popular email
General Configuration values for secure authenticated SMTP AUTH
- Your SMTP server must be set to mail.magma.ca
- If your email clients requires a setting for a secure port, the value is 25.
- Magma's mail servers (mail.magma.ca) will accept email on the standard port (port 25) and also on port 587 (in case you are using a 3rd party access provider who blocks traffic on port 25)
To configure Netscape to use authenticated SMTP:
- Go to the Edit menu of the Email pane Mail and Newsgroup Account Settings.
- You need to have the correct SMTP server set. Make sure the server name is named mail.magma.ca. The port setting may be left blank.
- Check the box indicating to use name and password.
- Enter your username in the text field.
- Optional (for encrypted connection): Under "Use secure connection" select "when available".
- Click OK to save the Preferences.
Outlook Express / Outlook 2000
To configure Outlook Express / Outlook 2000 to use authenticated SMTP:
- Go to the Tools menu and choose accounts.
- Select the Mail tab, and highlight your e-mail server name in the upper left hand pane of the window.
Click the properties button. Make sure the server is named mail.magma.ca, or create a new account with the name mail.magma.ca.
- Select the Servers tab at the top of the window that appears.
- For Outgoing mail (SMTP) server, use mail.magma.ca.
- At the bottom of the pane, check the box that says My server requires authentication.
- Click the setting button, next to the My server requires authentication, and check the box that says "Use the same settings as my incoming mail server".
- Click OK.
- Select the Advanced tab at the top of the window that appears.
- Optional (for encrypted connection): Under the Outgoing mail (SMTP) port number, (which should be set to
25), check the box labelled "This server requires a secure connection".
- Click Apply at the bottom.
- Click OK at the bottom.
- Click close on the Internet Accounts window.
Outlook 2002 / XP
To configure Outlook 2002 / XP to use authenticated SMTP:
- While in Outlook 2002, under the Tools menu, select E-Mail Accounts.
- Select View or change existing e-mail accounts, and click Next
- Select the e-mail account and click Change
- Ensure that Log on using Secure Password Authentication (SPA) is unchecked.
- The mail server should be set to "mail.magma.ca" if it is not already set up as such.
- Click on More Settings
- Click on the Outgoing Server tab.
- Ensure that My outgoing server (SMTP) requires authentication is checked.
- Ensure that Use same settings as my incoming mail server is selected.
- Click on the Advanced tab.
- Ensure that Outgoing server (SMTP) is set to 25 (default)
- Optional (for encrypted connection): Under Outgoing server (SMTP), ensure that This server requires a
secure connection (SSL) is checked.
- Click Ok on the More Settings window.
- Click Next and then Finish on the e-mail account window.
To configure Eudora to use authenticated SMTP:
- Go to the Tools menu and choose options.
- Make sure the SMTP server is named mail.magma.ca.
- Select the settings; Allow Authentication, Immediate Send, and Send on Check.
- Optional (for encrypted connection): Under Secure Sockets when Sending, select "If Available, STARTTLS."
- Click OK.
If you receive the following error when trying to send an email via TLS in Eudora:
Certificate Error: Cert Chain not trusted.
Try adding this certificate to your certificate database for SSL to succeed
Server Certificate : Verified OK
Follow these instructions to fix this problem:
a. Go to the Tools menu and choose options.
Notes about Magma's Secure/Authenticated SMTP Implementation
b. Click on "Sending Mail"
c. Click on "Last SSL info"
d. Click on "Certification Information Manager"
e. Under "Server Certificates", you will see "US, Equifax, Equifax Secure Certificate Authority". Click on it then click on "Add to trusted"
f. Click on "Done" then "OK" twice.
- Magma is running SMTP services on two extra TCP ports (ports 465 and 587) to allow our customers to send mail through our systems from locations that may block the standard SMTP (port 25).
- Magma's SMTP service on ports 25 and 587 are identical, they both support regular SMTP connections as well as SSL/TLS connections. Note that SSL/TLS connections on those ports are initially unencrypted but can be switched to use SSL/TLS after the mail client issues a "STARTTLS" command.
- Magma's SMTP service on port 465 only supports SMTPS connections. This means that the entire connection, from beginning to end, is made over a secure channel. Unencrypted connections to our mail servers on port 465 are not supported.
- Also note that some mail clients like MS Outlook 2000 and MS Outlook Express use SMTP with STARTTLS when configured to use port 25 but use SMTPS when configured to use any other port. This means that if you are trying to use SSL/TLS on a port other than 25, you must use port 465.