varul — 2012-04-19T01:44:52-04:00 — #1
I just have came across the instant where my mail client was unable to connect the mail server so that I was asked to use the webmail but the webmail service for our mail server has not enabled the SSL certificate. All the email communication through our web mail will be held on http connection only instead of https. I know that the data transmission of our email communication in this situation will be unencrypted. However, I would like to know more in detail what are all impacts can be possible due to the data transmission on http protocol instead of https protocol for mail communication of this situation.
logic_earth — 2012-04-19T21:59:09-04:00 — #2
Email itself already travels unencrypted that is why you never use it for private data.
doug_g — 2012-04-20T22:50:32-04:00 — #3
If you're using webmail only, then you need a certificate for your http server. You'd only need a certificate for the mail server if your webmail connects to the mail server using a TLS connection.
If the mail server doesn't have a certificate, no other mail clients like outlook or thunderbird, etc, will be able to use an encrypted connection to the mail server.