tuxer

Member
Jan 8, 2010
17
0
51
Hello,

While trying to login using "secure connection :: ssl encryption", email client is showing the following error.

Code:
Error while fetching mail.

Failed to read a valid greeting from POP server <hostname>
We have a wild card ssl installed for all services (http, courier, pop, exim ftp etc)

WHM 11.26.8
CENTOS 5.5 i686 standard
mailserver :: courier

I have tried courierup, upcp and even tried reinstalling the certs. If I change the option to TLS from SSL, it works.
Checked on a different machine with the same setup, there is no issue while setting the secure connection to "ssl"

Please let me know how I can solve this.

something I tested on terminal

Code:
# openssl s_client -connect localhost:995 

CONNECTED(00000003)
2217:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:188:
Please help
 

cPanelDon

cPanel Quality Assurance Analyst
Staff member
Nov 5, 2008
2,545
12
268
Houston, Texas, U.S.A.
cPanel Access Level
DataCenter Provider
Twitter
Hello,

While trying to login using "secure connection :: ssl encryption", email client is showing the following error.

Code:
Error while fetching mail.

Failed to read a valid greeting from POP server <hostname>
We have a wild card ssl installed for all services (http, courier, pop, exim ftp etc)

WHM 11.26.8
CENTOS 5.5 i686 standard
mailserver :: courier

I have tried courierup, upcp and even tried reinstalling the certs. If I change the option to TLS from SSL, it works.
Checked on a different machine with the same setup, there is no issue while setting the secure connection to "ssl"

Please let me know how I can solve this.

something I tested on terminal

Code:
# openssl s_client -connect localhost:995 

CONNECTED(00000003)
2217:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:188:
Please help
So that we may more accurately diagnose the issue, please provide the following details:
  1. What is the name and version of the affected e-mail client software?
  2. Does the issue only occur via POP3, or does it also occur via IMAP?
  3. What is the configured port number used by the e-mail client for TLS?
  4. What is the configured port number used by the e-mail client for SSL? I see POP3S port "995" is mentioned, but it will help greatly to confirm all available information.
  5. Have you tried switching from Courier to Dovecot to see if there is any change in behavior?
    WHM: Main >> Service Configuration >> Mailserver Selection
 

tuxer

Member
Jan 8, 2010
17
0
51
1) Our client is using Outlook 2010, I tested it with Evolution 2.28.3. Have issue on both

2) Issue only with POP3, tried changing it to IMAP for receiving mail and it works fine.

3) On evolution, I do not see a place to view or configure ports so I assume by selecting ssl it should default to the secure port 995. The client is using 995 on outlook, I can confirm that.

4) same as above

5) Tried switching to dovecot and got the same issue.
 

cPanelDon

cPanel Quality Assurance Analyst
Staff member
Nov 5, 2008
2,545
12
268
Houston, Texas, U.S.A.
cPanel Access Level
DataCenter Provider
Twitter
1) Our client is using Outlook 2010, I tested it with Evolution 2.28.3. Have issue on both

2) Issue only with POP3, tried changing it to IMAP for receiving mail and it works fine.

3) On evolution, I do not see a place to view or configure ports so I assume by selecting ssl it should default to the secure port 995. The client is using 995 on outlook, I can confirm that.

4) same as above

5) Tried switching to dovecot and got the same issue.
Thank you for the information. Please test access via both TLS and SSL using a new self-signed certificate by resetting the existing SSL certificate that is currently installed for Courier/Dovecot; this can be performed by using the Reset Certificate option in WebHost Manager via the following navigation menu path (with linked documentation): WHM: Main >> Service Configuration >> Manage Service SSL Certificates

Please let us know the output from the following commands (via root SSH access):
  • For Courier:
    Code:
    # cat /var/cpanel/courierconfig.yaml
  • For Dovecot:
    Code:
    # cat /var/cpanel/conf/dovecot/main
 

tuxer

Member
Jan 8, 2010
17
0
51
We are using our shared ssl certificate for all services.

Turns out there were too many connections to the ports. Manually killed all and restarted services. Everything is fine now. Thank you very much Don for all your inputs.