Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Strange problem with outgoing mail in old Mac

Discussion in 'E-mail Discussion' started by wonder_wonder, Mar 27, 2019.

  1. wonder_wonder

    wonder_wonder Well-Known Member

    Joined:
    Jan 16, 2019
    Messages:
    49
    Likes Received:
    22
    Trophy Points:
    8
    Location:
    Spain
    cPanel Access Level:
    Root Administrator
    Hi. I have a problem, for me very strange, that I have been trying to solve for weeks and there is no way ...
    I have a client, there are several mail accounts on the server, they all work perfectly, but my client has a mac (old) using the mac mail manager, he can receive but not send (always from imap), he receives them, but when you want to send it gives you error.
    We have tested on another mac (also old) and have the same problem.
    We have tried on a more modern mac, everything is perfect.
    We use other managers (like thunderbird or directly access via web) and everything is perfect.
    Under this, I commented that the problem lies in the mail program of the mac, which is old and for some reason gives this ruling, he gave the ok, but .... one day he spoke with someone who also had the same problem, and from the server, they solved it.
    And that asks me now :)
    I have searched, I have reconfigured, I have done everything that occurs to me, but I am not able to solve the problem.
    Comment that we have tested both 465 and 587 outbound ports.
    Do you know what may be happening?
    Even if that Mac's mail manager program is old, it should be able to work ...

    Thanks in advance!
     
  2. cPanelMichael

    cPanelMichael Technical Support Community Manager Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    47,005
    Likes Received:
    2,123
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello @wonder_wonder,

    Can you share the specific MacOS version installed on the affected systems?

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    wonder_wonder likes this.
  3. wonder_wonder

    wonder_wonder Well-Known Member

    Joined:
    Jan 16, 2019
    Messages:
    49
    Likes Received:
    22
    Trophy Points:
    8
    Location:
    Spain
    cPanel Access Level:
    Root Administrator
    Hello @cPanelMichael !
    Yes, of course: OS X Yosemite (ver: 10.10.5).

    Thanks!
     
  4. kdean

    kdean Well-Known Member

    Joined:
    Oct 19, 2012
    Messages:
    293
    Likes Received:
    24
    Trophy Points:
    18
    Location:
    Orlando, FL
    cPanel Access Level:
    Root Administrator
    Yosemite and older do not have support for TLS 1.2 so that's likely the problem is you're connecting securely. cPanel by default only does TLS 1.2 or later. There are threads around here that help you add TLS 1.1 support back. Although if it's just that old computer, they should just upgrade (MacOS upgrades are free to the latest version supported by the hardware).
     
    cPanelMichael and wonder_wonder like this.
  5. wonder_wonder

    wonder_wonder Well-Known Member

    Joined:
    Jan 16, 2019
    Messages:
    49
    Likes Received:
    22
    Trophy Points:
    8
    Location:
    Spain
    cPanel Access Level:
    Root Administrator
    Ok, thanks for explanation.
    I search in WHM-Service Configuration-Mailserver configuration, in this, are SSL Minimum Protocol, bu default is set to TLS 1.2, I changed to TLS1.1 and indicate to my client try now, when he indicate to me the results, I post here.
    No, is not possible upgrade this computer, I try, but her hardware is not supported for upgrade (are of 2008 year).

    Thank you very much!
     
  6. wonder_wonder

    wonder_wonder Well-Known Member

    Joined:
    Jan 16, 2019
    Messages:
    49
    Likes Received:
    22
    Trophy Points:
    8
    Location:
    Spain
    cPanel Access Level:
    Root Administrator
    Solved the "issue" :)

    Aren't like indicate in my last reply, I need made this changes:

    WHM-Service Configuration-Exim Configuration Manager->Tab Security -> Change Options for OpenSSL to:
    Code:
     +no_sslv2 +no_sslv3
    And SSL/TLS Cipher Suite List change to:
    Code:
     1 ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS
    After this, my client can send mail from her older Mac :) but....can't connect to inbox xD.
    Them I go to WHM-Service Configuration-Mailserver Configuration and set SSL Minimum Protocol to TLSv1 and SSL Cipher List set to:
    Code:
    ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS
    And now, all work fine (with mail) with my client with her older Mac :)

    Thank you very much!
     
  7. cPanelMichael

    cPanelMichael Technical Support Community Manager Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    47,005
    Likes Received:
    2,123
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello @wonder_wonder,

    Keep in mind the workaround allows for the use of weaker ciphers. This means greater compatibility with outdated operating systems, but it comes at the cost of reduced security. You should consider reaching out to the individuals using the outdated hardware and see if you can encourage a hardware upgrade at some point in the future.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    wonder_wonder likes this.
  8. wonder_wonder

    wonder_wonder Well-Known Member

    Joined:
    Jan 16, 2019
    Messages:
    49
    Likes Received:
    22
    Trophy Points:
    8
    Location:
    Spain
    cPanel Access Level:
    Root Administrator
    Hello @cPanelMichael !
    Yes, I think in this, and you have reasson.
    For me is not the best option or solution (I was described in my last reply how solved this problem for if other user have the same problem) but for me, is not the best option...
    My client, seeing that now works ... I think it will take a while to upgrrade the hardware.
    That, or that there is a problem before and then ... yes, it will update it.
    I will tell you / asking you to update it as soon as possible.
    We have solved your "problem" with obsolete mail client, but we have lowered security on the server, and in the end, I am responsible for that security and server, so if finally something happens ...
    I take the opportunity to ask; I set to TLS 1.0, but I do not know if I can set it in TLS 1.1. I guess the best option is to try.
    That yes, I will insist very much, in that upgrade the hardware.
    And if he can not upgrade the hardware, there are other email clients (like thunderbird for example) that work great (I've been using it for so many years that I do not remember, and it's a real luxury).

    Thank you for your comments!
     
    #8 wonder_wonder, Mar 28, 2019
    Last edited: Mar 28, 2019
    cPanelMichael likes this.
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice