vacancy

Well-Known Member
Sep 20, 2012
410
127
93
Turkey
cPanel Access Level
Root Administrator
Whm > Exim Configuration Manager > Security

Allow weak SSL/TLS ciphers > On
Require clients to connect with SSL or issue the STARTTLS command before they are allowed to authenticate with the server > Off

Options for OpenSSL change > +no_sslv2 +no_sslv3

SSL/TLS Cipher Suite List change > ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA

Save changes.
 

cPanelLauren

Product Owner
Staff member
Nov 14, 2017
13,296
1,252
313
Houston
Really old Outlook doesn't use TLS but SSLv3 - if it's that instance @GOT would be correct you'd have to allow SSLv3 if you had to accept it. Which I wouldn't recommend. If it's just that it's using an older encryption method that's been deemed weak @vacancy's suggestion would be sufficient. Either way, I'd recommend they use Mozilla Thunderbird which is free and doesn't experience these issues instead of allowing weaker encryption or deprecated protocols.