WARNING: Do not attempt to setup or access Zelan email unless you are sure you have the correct username and password. Incorrect login attempts will rapidly lead to security mechanisms blocking access.
All services require authentication using the full email address as UserID, e.g. joebloggs@zelan.co.nz and password.
New accounts will be supplied with an inital password that will need to be changed on first use. It is highly recommended that you connect initially via Webmail to test connectivity and set your password, then proceed to configure an Email Client after that.
If you encounter problems connecting an Email Client, it's likely you've become blocked and will need to contact Zelan Support for assistance.
WebMail
The existing Zimbra Server and Desktop Software versions became "End of Life" with effect from 31st Dec 2023 and no longer receive security updates.
Unfortunately there is no viable upgrade path, so we are migrating to a new product called Axigen.
Migration to the new server will be done in stages and is semi-automatic. When your email account is ready for migration, your 1st login to the new Axigen Server will cause emails to be migrated, but Address Books and Calendars may need some manual intervention. The migration process may take a while if you have a lot of old emails.
IMPORTANT: Automated migration can only occur using the IMAP protocol with unencrypted password.
The old Zimbra Server will continue to be aviailable for a period of time, but will only contain old emails, once migration has been initiated.
 |
 |
Detail for configuring Email Clients
CAUTION: Using the automated setup mechanisms of email clients when not connected to the Zelan network can cause the security mechanisms to block access. When not connected to the Zelan network, it is best to setup email manually.
Unfortuantely some email clients will try automatic mode by default, so may lock you out before you have a chance to manually intervene.
Before you start, ensure the time, timezone and date are set correctly and accurately on your device. Secure connections can fail if time/date is incorrect.
Due to the plethora of different email clients, the different terminology they use and the frequency with which things change, it is impractical to maintain an exhaustive list of specific instructions. The information below is generic, so you may need to seek expert help if you don't have the requisite skills. Whilst Zelan email is currently nominally FREE, this is only for access via WebMail, any support required for configuring email clients will incur a support charge.
Zelan Email Server Hostname = mail.zwi.co.nz
| Service | Description | Security | Protocol | Port |
|---|---|---|---|---|
| SMTP | Unsecured email submission | None or STARTTLS | TCP | 587 |
| SMTPS | Secured email submission | TLS | TCP | 465 |
| POP | Unsecured email retrieval | None | TCP | 110 |
| POPS | Secured email retrieval | TLS | TCP | 995 |
| IMAP | Unsecured email retrieval | None | TCP | 143 |
| IMAPS | Secured email retrieval | TLS | TCP | 993 |
Whenever possible only use secure services with S suffix. For very old applications that do not support TLS v1.2 or higher you will need to use the unsecured services.
Secure Email - Minimum Application Versions
The technical requirement is that all devices and applications must now support TLS v1.2 or higher.
"Secure Email" is actually badly named, since it doesn't guarantee end to end security, it primarily protects your email password when submitting email. Whilst it does also protect the email from your email client to the local server, it is likely to be transmitted in Clear Text thereafter. For full security you need to implement S/MIME or PGP. Both ends need to support this, so can be cumbersome to setup and maintain.
Due to security updates, very old applications may no longer be able to access the Zelan Email Server via the "secure" services. Regrettably due to increasing attacks on servers by malicious people, we cannot leave the server vulnerable simply to support very outdated applications. The following list is by no means exhaustive, but gives the minimum versions for some applications that are in widespread use. In general terms, if the application or device is newer than 2020 and/or is configured for regular security updates and the supplier is still actively maintaining the product, it should continue to work.
- MS Windows v7 or newer MS Phone OS v8.0.1 or newer
- Android v4.4.2 or newer
- Java v7 or newer
- Apple MacOS v10.8.9 or newer
- Apple iOS (iPhone/iPad/iPod) v6 or newer
- Linux (OpenSSL v1.0.1l or newer)
- FireFox Browser v31 or newer
- IE Explorer v10 or newer
- Google Chrome Browser v49 or newer
- Safari Browser v6 or newer (however v6.0.4 not supported)
The workaround for very old applications that do not support TLS v1.2 and need to be retained, is to configure them for unsecured access to the email server.
The most likely applications to fail are old printers/fax machines/scanners that forward via email.