Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

PCI Failed on Port 143 (TCP)

Discussion in 'Security' started by eglwolf, Jan 2, 2018.

  1. eglwolf

    eglwolf Well-Known Member

    Joined:
    Jan 1, 2004
    Messages:
    189
    Likes Received:
    0
    Trophy Points:
    166
    I recently started using email on the server and had to open up the mail ports. Now my PCI scan is failing on port 143 (I believe IMAP ports). How can I fix this?

    "Unencrypted Communication Channel Accessibility" and "TLSv1.0 Supported" are the errors.
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    41,516
    Likes Received:
    1,616
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    Can you browse to "WHM >> Mailserver Configuration" and let us know what's listed for "SSL Cipher List" and "SSL Protocols"? Also, can you confirm which version of cPanel is installed on this system?

    Thank you.
     
  3. eglwolf

    eglwolf Well-Known Member

    Joined:
    Jan 1, 2004
    Messages:
    189
    Likes Received:
    0
    Trophy Points:
    166
    Cipher List: AES128+EECDH:AES128+EDH
    SSL Protocols: !SSLv2 !SSLv3

    CPanel Version: v68.0.21
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    41,516
    Likes Received:
    1,616
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    You can modify the following option in "WHM >> Mailserver Configuration":

    Allow Plaintext Authentication (from remote clients)

    Per it's description:

    You can add "!TLSv1" to the existing entries for "SSL Protocols" option in "WHM >> Mailserver Configuration" to ensure TLSv1.0 is not supported.

    Thank you.
     
Loading...

Share This Page