andistancu

Member
Mar 11, 2014
8
0
1
cPanel Access Level
Root Administrator
Hi,

I manage a couple of servers running WHM/CPanel and they host some hundreds of mailboxes. I get calls everyday from people claiming their mail is not working. Everytime, I connect to their computer, disable SSL and then it works.

What should I do to enable SSL so they don't have to specifically disable it, as Mail.app always enables it by default.

They get this error: [Removed External Link]

Thank you,
Andi Stancu
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,913
2,201
363
Hello :)

Could you elaborate on the specific error message encountered? Note that you should upload an image as an attachment instead of providing an external URL.

Thank you.
 

andistancu

Member
Mar 11, 2014
8
0
1
cPanel Access Level
Root Administrator
Hello,

Sorry, I provided link to the screenshot. I am attaching this time.
When I uncheck use SSL for IMAP or for SMTP, the email starts working. Unfortunately, most of the time, Mail.app puts it back after a while and then t hey call me back.


Thank you,
Andi Stancu

Screenshot on 2014-03-11 at 11-47-45.png
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,913
2,201
363
Please check /var/log/maillog at the time of the authentication failure and let us know if you see any specific output that could help determine the cause of the problem.

Thank you.
 

ThinIce

Well-Known Member
Apr 27, 2006
352
9
168
Disillusioned in England
cPanel Access Level
Root Administrator
It was a while ago now (i.e. years) but last I came into contact with it Mac mail was an absolute pain with self signed certs / cert hostname mismatches. The best workaround for that was using a proper signed cert for the server hostname and the server hostname in the mail client (rather than mail.customerdomain.com)

Which yes everyone should be doing anyway ::)
 

andistancu

Member
Mar 11, 2014
8
0
1
cPanel Access Level
Root Administrator
It was a while ago now (i.e. years) but last I came into contact with it Mac mail was an absolute pain with self signed certs / cert hostname mismatches. The best workaround for that was using a proper signed cert for the server hostname and the server hostname in the mail client (rather than mail.customerdomain.com)

Which yes everyone should be doing anyway ::)
Ok, that makes sense. I will try that. Does it have to be the hostname of the server or can I use any domain hosted on it ? The hostname is not so nice, but we also host nicer domains.

Thanks,
Andi Stancu
 

ThinIce

Well-Known Member
Apr 27, 2006
352
9
168
Disillusioned in England
cPanel Access Level
Root Administrator
If that is indeed your issue I believe at this point you'll need to use the server hostname - this is currently a drawback of the product (if recent releases have expanded the feature set on this Michael will correct me :) )

A related feature request is SSL certificate per domain on all services | cPanel Feature Requests you might like to vote on it, IMO I can see this would be quite tough to implement completely, but it is absolutely necessary because it makes the shared nature of the service salient and causes many clients to move their email off to other providers that offer other security benefits such as two factor auth etc.
 

andistancu

Member
Mar 11, 2014
8
0
1
cPanel Access Level
Root Administrator
In my WHM it sais the hostname is cq.qact.us
I also have an account for the domain qact.us
Should I buy a SSL for qact.us and ask everyone to use qact.us as incoming and outgoing mail server ?


Thanks,
Andi Stancu