Skip Navigation
Virginia Tech

computing.vt.edu
Home | Services A–Z | Help & Tutorials
You Are Here: Home > E-mail & Calendaring > VT Mail > Secure Sockets Layer (SSL)

Understanding Secure Sockets Layer (SSL)

As of October 1, 2003, Virginia Tech began requiring e-mail customers to use Secure Sockets Layer (SSL) to access the VT Mail server. SSL encrypts your password and incoming e-mail messages, making it more difficult for others to view your personal data. If you follow the appropriate set of configuration instructions your e-mail client (such as Eudora or Outlook Express) found on the VT Mail page, your e-mail client will be configured to use SSL. The following FAQs will help you understand SSL and why it is an important feature of VT Mail.

Note: If you use Outlook to access the Virginia Tech Exchange server (PID@exchange.vt.edu), you already have this type of encryption and therefore do not need to make any changes.

Frequently Asked Questions

What is the benefit of SSL?

SSL will encrypt your PID/password combination and your e-mail messages between your desktop client and the Virginia Tech mail server as you retrieve them. This functionality has been added to help you protect your PID password, which is transferred in clear text during non-SSL POP sessions. Please keep in mind that mail is still sent through the Internet in plain text and messages are almost always transferred between servers in plain text as well. Thus, you should not trust SSL POP for the privacy of your messages beyond the VT Mail server. You may consider message encryption such as PGP (Pretty Good Privacy) if you want your messages to be kept private.
For more information on PGP, go to the International PGP Home Page (http://www.pgpi.org/).

What encryption does the VT Mail (POP) server support?

At this time, the VT Mail server supports SSL v2 and v3 at strengths of 40, 56, and 128 bits. Most e-mail clients, such as Eudora and Outlook Express, are compatible with these standards. Virginia Tech reserves the right to restrict connections to lower key strengths if performance requires it.

Does the VT Mail (POP) server use a commercial SSL certificate or a self-generated one?

The POP server uses a secure server certificate from Thawte. Thawte root certificates are present in most SSL-enabled applications today.

Which port does SSL POP use?

SSL POP uses the standard 995 port. Most e-mail clients that support SSL will automatically use this port when enabled. Set your e-mail client to use pop.vt.edu as the incoming mail server. Most clients will fail if the incoming mail server does not match the common name on the server certificate.

Is SSL supported for outgoing mail, as well?

Yes. Password authentication is required for the SMTP (outgoing mail) server, auth.smtp.vt.edu. It is important that you set your outgoing mail server to use SSL.

Which port does SSL SMTP use?

SSL SMTP uses the standard 465 port. Most e-mail clients that support SSL will automatically use this port when enabled. Set your e-mail client to use auth.smtp.vt.edu as the outgoing mail server. Most clients will fail if the outgoing mail server does not match the common name on the server certificate.

 

0

 

Last updated on July 6, 2006
Request Help | Site Feedback | Disclaimer | Privacy Statement

computing.vt.edu is a service of Information Systems and Computing and the Vice President for Information Technology.
© 2002 - 2005 Virginia Polytechnic Institute and State University.