Configuring Outlook Express for POP3 over SSL
After configuring Outlook Express for a POP3 connection, these instructions may be followed to set up a secure connection using TLS/SSL encryption. This ensures all communications between the email client and our email servers, including user names and passwords, are protected as they are transmitted over the internet.
Step One
Edit your account in Outlook Express by selecting Tools -> Accounts from the application's menu. Select the "Mail" tab from within the "Internet Accounts" window. Select your email account and click the "Properties" button.
Step Two
Select the "Servers" tab in the Properties window that pops up. The server name in the "Incoming mail (POP3):" field should be changed to the appropriate abihosting.com hostname. In this case it should be pop1.abihosting.com. Changing the server name will avoid name mismatch warnings when checking for email. This is due to the fact that the certificate used is for a specific name. This step is not neccessary; if you don't mind these warnings simply leave this field as is. When ready to continue, click on the "Advanced" tab.
Step Three
Check the box for "This server requires a secure connection (SSL). Unfortunately, at this time Outlooks Express does not support the STARTTLS extension. Thefore, the port number for "Incoming mail (POP3):" will be changed from 110 to 995. Some configuration of firewalls may be required for this setting to work. Such a topic is beyond the scope of this Knowledge Base. Please consult the proper documentation or your organization's IT staff if any issues arise.
The mail server uses a certificate signed by our own private CA (Certificate Authority). This does not lessen security in any way. However, the mail client will correctly warn you that it can not properly identify the cert. This is not a problem, and if you want to avoid these warnings in the future follow these additional steps.
Outlook Express and Internet Explorer share the same trusted certificate and Certificate Authority information. Therefore, we can use Internet Explorer to set up trust for the ABI Hosting private CA. To do so, visit https://popwebmail1.abihosting.com/.
Step Four
A warning similar to the image above should pop up. This is safe, and is the expected behavior. Click on the "View Certificate" button.
Step Five
In the "Certificate" window that pops up, click on the "Certification Path" button. Highlight the top entry, "ABI Hosting Certificate Authority", and click on the "View Certificate" button again.
Step Six
You should now see a window like the one above. To establish trust for our private CA, click the "Install Certificate" button.
Step Seven
The above "Security Warning" window should now be displayed. Again, this is the expected behavior. Agree to the installation of the cert by clicking the "Yes" button.
At this point our certificate is installed. Neither Outlook Express nor Internet Explorer should display any warnings when accessing secure pages using certificates signed by our private CA.
