Using SSL and TLS in conjunction with IMAP4 or POP3 virtual services
When configuring a IMAP or POP service, there are many ways to secure this connection. Typically you will have the option of using SSL or TLS. Since these two protocols behave differently, it is important to correctly configure your LoadMaster as well as your server. If using TLS with either of IMAP4 or POP3, you will want to configure your virtual service to use STARTTLS. This can be accomplished by modifying your virtual service’s service type to “STARTTLS protocols”. Next head down to Standard Options and select the correct StartTLS mode from the drop down menu. For this configuration, your servers should not support TLS connections.
If you choose to configure IMAP or POP with SSL, this procedure will be very similar to a HTTPS configuration. The LoadMaster will listen on the high/secure port for client requests and then contact the server over one of two ports. If you are using the LoadMaster for SSL passthrough, we will receive packets from clients and then immediately forward their requests to the server over the same port. In this scenario the LoadMaster will only be concerned with the packets’ source and destination IP addresses. If you would like to use the LoadMaster as the endpoint for SSL connections, you will need to import your certificate onto the LoadMaster, associate it with the virtual service. The final step will be to ensure that we are contacting the server on the non-encrypted port.
Protocol |
Default port |
VS Port |
RS Port |
IMAP4 with or without TLS |
143 (TCP) |
143 (TCP) |
143 (TCP) |
POP3 with or without TLS |
110 (TCP) |
110 (TCP) |
110 (TCP) |
Protocol |
Default port |
VS Port |
RS Port |
RS Port |
IMAP4 w/ SSL |
993 (TCP) |
993 (TCP) |
143 (TCP) |
993 (TCP) |
POP3 w/ SSL |
995 (TCP) |
995 (TCP) |
110 (TCP) |
995 (TCP) |