CRAM-MD5 SMTP Not Supported: The Future of SMTP Authentication and Email Security
Email transfers have been authenticated using the challenge-response authentication mechanism known as CRAM-MD5, which is often connected to the POP, IMAP, and SMTP protocols. To improve email security and integrity, the decision has been made to discontinue support for CRAM-MD5 SMTP Authentication for sending emails, effective April 2022, under the policy CRAM-MD5 SMTP Not Supported.
However, a few (Apple, Mac, and Thunderbird) may have this set as a default. If you are impacted, you will not be able to send emails.
We recommend reviewing your email settings and using alternative SMTP authentication methods by updating to Plain/Password authentication over an SSL (Secure Sockets Layer) or TLS (Transport Layer Security) connection.
Select your device or software below, then follow the instructions to review and update your SMTP Authentication settings.
In this article, we will discuss:
- Update SMTP Authentication for iPhone/iPad
- Update SMTP Authentication for Mac Mail
- Update SMTP Authentication for Thunderbird
- FAQs
- Glossary
- Review
Update SMTP Authentication for iPhone/iPad
Follow the steps below on how to update SMTP Authentication for iPhone and iPad OS.
- Open Settings.
- Scroll down and select Mail.
- Next, click on Accounts.
- Select your email account, then choose your email address.
- Tap SMTP at the bottom of your screen.
- You will see Authentication with an arrow next to it. Tap this option.
- If you have MD5 Challenge-Response selected, change the option to Password.
You have updated your SMTP settings.
Update SMTP Authentication for Mac Mail
Follow the steps below on how to update SMTP Authentication settings for Mac Mail.
- Open Mac Mail.
- Click Mail, then click Preferences.
- Click Accounts and select your email address.
- Use theServer Settings pane to edit the SMTP Server List.
- Select your outgoing server and click Advanced.
- If it is set to MD5 Challenge-Response, change External (TLS Certificate) and click OK.
- You will be returned to Account Preferences.
You have updated your SMTP settings.
Update Authentication for Thunderbird
Follow the steps below on how to update SMTP Authentication settings for Thunderbird.
- Open Thunderbird.
- Select your email address and click View settings for this account.
- Click Edit.
- Select the drop-down menu next to Authentication method. If an Encrypted password is selected, change it to a Normal password.
FAQs
You can find frequently asked questions regarding CRAM-MD5 SMTP Authentication and its deprecation.
To find your email settings, enter your domain name in the form below.
Can't Find the Search Box?
If you can't find the search box for entering your domain name, you can access the settings directly through the dedicated search form.
Troubleshooting reCAPTCHA Issues:
If the reCAPTCHA security check isn't displaying within the form, here are some troubleshooting steps:
- Wait a Few Seconds: After you check the reCAPTCHA box, wait for 3 seconds before clicking "Submit."
- Update Your Browser: Ensure you're using the latest version of your web browser to avoid compatibility issues.
- Disable Conflicting Extensions: Certain browser extensions or plugins might interfere with the form. Try disabling them temporarily to see if this resolves the problem.
- Try Another Browser: If the issue persists, try accessing the form using a different web browser.
Additional Resources:
For further details on reCAPTCHA, you can visit the Google Support page: https://support.google.com/recaptcha.
Below is a detailed explanation of the email settings.
POP | IMAP | |
---|---|---|
Email Address: | The email address you are setting up. | The email address you are setting up. |
Incoming Mail Server: | A system that receives an email. The server is found in the above results. | A system that receives an email. The server is found in the above results. |
Incoming Server Port: | 995 - A setting that mail servers use for receiving an email. | 993 - A setting that mail servers use for receiving an email. |
Outgoing Mail Server: | A system that sends email. The server is found in the above results. | A system that sends email. The server is found in the above results. |
Outgoing Server Port: | 587 - A setting that mail servers use to send an email. | 587 - A setting that mail servers use to send an email. |
Outgoing Server (SMTP) requires authentication: | Yes - Your full email address and password. | Yes - Your full email address and password. |
SSL/TLS: | Enable this option. Enabling SSL and using TLS ensures your email remains secure. Please be sure you are using a mail app that supports TLS 1.2. | Enable this option. Enabling SSL and using TLS ensures your email remains secure. Please be sure you are using a mail app that supports TLS 1.2. |
Below are the email settings for Dotster and Mydomain customers:
Email Settings for Dotster Customers
Below are generic settings that should work for any email client or mobile device.
Setting | What You Input |
---|---|
Username: | Your full email address |
Password: | Your email password |
Connection Type: | Server & Port info |
POP | Incoming Server: pop.dotster.com Incoming Port: 110 (or 995 with SSL enabled) |
IMAP | Incoming Server: imap.dotster.com Incoming Port: 143 (or 993 with SSL enabled) |
SSL (Optional): | Enabled or Disabled |
Outgoing Server Authentication: | Enabled |
Outgoing Server: | smtp.dotster.com |
Outgoing Port: | 587 (or 465 with SSL enabled) |
Note: If 587 is not working for the Outgoing Port, try using port 25 instead.
Email Settings for Mydomain Customers
Below are generic settings that should work for any email client or mobile device.
Setting | What You Input |
---|---|
Username: | Your full email address |
Password: | Your email password |
Connection Type: | Server & Port info |
POP | Incoming Server: pop.mydomain.com Incoming Port: 110 (or 995 with SSL enabled) |
IMAP | Incoming Server: imap.mydomain.com Incoming Port: 143 (or 993 with SSL enabled) |
SSL (Optional): | Enabled or Disabled |
Outgoing Server Authentication: | Enabled |
Outgoing Server: | smtp.mydomain.com |
Outgoing Port: | 587 (or 465 with SSL enabled) |
Note: If 587 is not working for the Outgoing Port, try using port 25 instead.
Glossary
Below is the description of technical terms regarding email authentication and email security.
- SSL/TLS - The foundation of secure internet communication is TLS (Transport Layer Security) and SSL (Secure Sockets Layer). They function by establishing a secure connection via encryption between your web browser and the email server, guaranteeing the confidentiality and integrity of any information exchanged between them. This is essential for any online activity that demands data integrity and privacy, like shopping online, banking, and accessing your email. Consider SSL/TLS as a secure tunnel that keeps your information safe from attackers.
- SMTP - Simple Mail Transfer Protocol, or SMTP for short, is the accepted method for sending emails over the internet. SMTP is the mechanism that transfers an email from your email client (such as Outlook or Gmail) to the email server of the recipient when you click the "send" button. The recipient's email provider then takes over, getting the message via other protocols (such IMAP or POP) so it can be viewed, once SMTP has completed its task of delivering your email. SMTP guarantees that, wherever in the globe that may be, your message reaches its intended recipient.
- IMAP - IMAP is short for Internet Message Access Protocol. Email clients employ this method to retrieve emails straight from a mail server. You may read and manage your emails directly on the server with this protocol. All your devices will be able to access your email, and any changes you make in your email client will be synchronized with the server and reflected across all of them. IMAP is particularly useful for people who need to access their emails from various locations or devices, offering a flexible and consistent email experience.
- POP - POP, or Post Office Protocol, lets you download emails from a mail server to a local computer. When you use POP, your email client retrieves all your emails and saves them on your device, allowing you to read them offline. However, since POP downloads and often deletes emails from the server, it's best suited for people who prefer to access their email from a single device.
Review
CRAM-MD5 SMTP authentication is being phased out due to security flaws, the emergence of more reliable methods, and the requirement to adhere to modern cybersecurity best practices. In today's digital world, switching from CRAM-MD5 to more sophisticated and secure authentication technique is imperative to safeguard the availability, confidentiality, and integrity of email exchanges. Many problems could occur if you don't switch from CRAM-MD5 SMTP authentication to a more advanced and safer authentication which includes email delivery failure, increased security risks, technical problems and support.