Common Maileater SSL/TLS Questions
search cancel

Common Maileater SSL/TLS Questions


Article ID: 12503


Updated On:


SUPPORT AUTOMATION- SERVER CA Service Desk Manager - Unified Self Service CA Service Desk Manager CA Service Management - Asset Portfolio Management CA Service Management - Service Desk Manager


  1. I have heard that TLSv1.0 can be considered the same as SSLv3.1.  Are there any differences?

  2. I have heard that all SSL versions are broken and insecure due to the POODLE attack.  Is Maileater affected?

  3. TLS negotiates the connection with the email server in plain text.  Are my login credentials being sent unencrypted?

  4. My email server uses a chain of certificates.  Do I need to include the entire chain for maileater to work with TLS?


CA Service Desk 17.x  


  1. TLS 1.0 was the successor to SSL 3.0, and the terms SSL and TLS are used somewhat interchangeably.  TLS 1.0 is equivalent to SSL 3.1, however TLS is not backwards compatible with SSL 3.0 and earlier.

  2. No.  The POODLE (Padding Oracle On Downgraded Legacy Encryption) attack targeted SSL 3.0 and earlier, however proper implementations of the TLS standard check the padding and prevent this attack.

  3. We do not transmit mail server credentials in plain text.  We first send a HELLO packet to the mail server over plain connection and then do “STARTTLS” to enhance the protocol to a more secure version. Only if this step succeeds, we do a login call.

  4. Having the Root CA Certificate (in PEM format) should suffice for the certificate validation.

Additional Information