Domain migration, cannot send email MacBook

keat63

Well-Known Member
Nov 20, 2014
1,840
220
93
cPanel Access Level
Root Administrator
I've migrated a few domains from one server to another.
Everything has gone well apart from one user, whos using Mac Mail on a Macbook Air.
Whilst he can receive emails, he cannot send them.

I've tried every combination of sending ports, with TLS, without, With secure password authentication and without.
It just fails to connect.

I suspect that the macbook is using an outdated ciper or something ??

Any ideas how to fix this

Code:
2020-01-13 10:32:05 TLS error on connection from node-8pc.pool.dynamic.xxxxxxx.net ([192.168.0.17]) [xxx.xxx.xxx.xxx]:50499 (SSL_accept): error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol
 
Last edited:

keat63

Well-Known Member
Nov 20, 2014
1,840
220
93
cPanel Access Level
Root Administrator
I found this:

https://forums.cpanel.net/threads/e...-type-you-have-specified.614631/#post-2498287

I changed my 'Options for OpenSSL' and 'SSL/TLS Cipher Suite List' to match those on my old server.

Code:
from:  +no_sslv2 +no_sslv3 +no_tlsv1 +no_tlsv1_1 
to:
+no_sslv2 +no_sslv3
and

Code:
ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256 

to

ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:!DSS
Now his macbook works.

Any thoughts on the implications of this please, and any further advice ?
 

cPanelLauren

Product Owner
Staff member
Nov 14, 2017
13,297
1,251
313
Houston
Based on:

Code:
SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol
The MacBook was attempting to connect with SSLv2 or SSLv3 which is disabled entirely on new installs of cPanel/WHM

Mac Mail will connect over TLSv1.2 which is the standard protocol I use it with 587 and Use TLS/SSL checked in the SMTP settings.