An Oracle blog about Workflow logs

Connection Security Protocols In Workflow Mailer

The Workflow notification mailer supports PLAIN, LOGIN, and DIGEST-MD5 authentication methods. If PLAIN or LOGIN authentication methods are used, it is recommended to connect to the SMTP server through TLS security protocol to encrypt user credentials details that are sent to the server. The TLS security protocol provides encrypted connections for sending data between the mailer and the mail servers, for enhanced security. By default the DIGEST-MD5 authentication mechanism is used which uses the JavaMail API to encrypt the user name and password before sending the data to the SMTP sever.

The enhanced workflow mailer supports below security protocols. You may use different protocols among the given options for secure connections to the SMTP/IMAP server.

  • None  -  If you do not want to use a secure protocol.

  • SSL/TLS  -   To use TLS directly.

  • STARTTLS  - To upgrade to an encrypted TLS connection using STARTTLS

A brief description of the different secure protocols is as follows:


TLS (Transport Layer Security) provides encryption path between systems (e.g. a computer machine and server). The Transport Layer Security (TLS)  protocol emerged from SSL and has superseded it. The SSL/TLS is the most used security protocol today. Since TLS supports large number of secure algorithms so it is more secure and efficient protocol than SSL.


STARTTLS protocol makes already existing insecure connection to a secure one using security protocol TLS. STARTTLS means "explicit TLS" i.e : a connection establishes on regular port and then STARTTLS issues a command which initiates TLS handshake and switch to protection mode.

Default Port Numbers for the selected 'Connection Security' value

Security Protocol Outbound Port Inbound Port
 NONE  25  143
 SSL/TLS  465  993
 STARTTLS  587  143

To override the default port, enter it in server name as hostname:port in mailer configuration page as shown in below Figure. 1. For example if you want to use the port 489 as custom port while configuring the mailer please give it as servername:489 in server name filed of mailer configuration page.

Figure. 1

As explained here a user can configure the workflow mailer with security protocols that are available.

Additional Resources

Oracle Workflow Administrator's Guide

Configuring Notification Mailer using GMail's SMTP and IMAP servers (Using new certificates)

Be the first to comment

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.