Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Your server does not support the connection encryption type

Discussion in 'E-mail Discussion' started by webtipster, May 30, 2017.

  1. webtipster

    webtipster Active Member

    Joined:
    Aug 27, 2016
    Messages:
    35
    Likes Received:
    5
    Trophy Points:
    8
    Location:
    Atlanta, GA
    cPanel Access Level:
    Website Owner
    For some weird reason Outlook 2010 is reporting error 0x800CCC1A "Your server does not support the connection encryption type you have specified".

    Incoming port: 995
    Checked: This server requires an encrypted connection (SSL)
    Outgoing port: 465 / SSL

    SSL is enabled on the server and plaintext is disabled.

    I am able to send normally but cannot receive only from 2 computers, others are working fine. One is Outlook 2010 and the other is Outlook 2016. Tried Thunderbird and it works fine, it's just the Outlook.

    Any ideas anyone?

    Thanks in advance.
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    43,870
    Likes Received:
    1,811
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    Do you notice any specific output in /var/log/maillog or /var/log/exim_mainlog when this happens? Does it make a difference if you switch from "mail.domain.tld" to "domain.tld" as the mail server name in the email client configuration settings?

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. webtipster

    webtipster Active Member

    Joined:
    Aug 27, 2016
    Messages:
    35
    Likes Received:
    5
    Trophy Points:
    8
    Location:
    Atlanta, GA
    cPanel Access Level:
    Website Owner
    Hi @cPanelMichael,

    Thanks for your reply!

    That's what's strange, did not see anything specific in any output. Tried switching from mail.domain to domain.tld and tried using server hostname, all with the same error. But what is strange is that this is only happening on the 2 computers that were already setup using POP3 accounts and when you try to update the ports to 995 with SSL it gives that error. But on the same computers, if I run thunderbird and install the email it works fine, only the Outlook with pre-existing email setup has the issue.

    So I'm sure it's Outlook related error so I just enabled plaintext login for Exim as a work-around :).
     
  4. ar.ripon

    ar.ripon Registered

    Joined:
    Nov 26, 2017
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Dhaka, Bangladesh
    cPanel Access Level:
    Root Administrator
    I have same issue as my cpanel version is 68.0.16. ssl working for thunderbird as well mobile mail client. But outlook is not support ssl as well as tls (995,465). Though 26 and 110 port is working on all outlook. im using domain.org for ssl and mail.domain.org for non-ssl.
    Outlook shows below error:
    login onto incoming mail server(pop3) : your server dows not support the connection encryption type you have specified.Try change encryption method.

    The operation times out waiting for a response from the sending(SMTP) server.
     
  5. osirion

    osirion Well-Known Member

    Joined:
    Jan 16, 2007
    Messages:
    50
    Likes Received:
    4
    Trophy Points:
    158
    I'm having the same issue. From what I can tell this is an Outlook issue. Some kind of SSL cache? I tried the 'clear ssl state' option in 'internet options' under 'content' tab - worked for some clients, not for others.
    Same clients can access via webmail and other devices (phones / pc's) - so definitely a local issue.
    Sometimes re-issuing the certificate appears to help, but not always.

    Im going out my mind for the remaining clients that none of the above seem to work.
     
  6. lorio

    lorio Well-Known Member

    Joined:
    Feb 25, 2004
    Messages:
    276
    Likes Received:
    9
    Trophy Points:
    168
    cPanel Access Level:
    Root Administrator
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  7. linux4me2

    linux4me2 Well-Known Member

    Joined:
    Aug 21, 2015
    Messages:
    199
    Likes Received:
    46
    Trophy Points:
    28
    Location:
    USA
    cPanel Access Level:
    Root Administrator
    You might want to take a look at the thread Outlook 2016 Sending Email Fails After Cipher Suite Update, in particular this post by cPanelMichael to see if that fixes it for you. The client of mine who was experiencing the problem ended up solving it another way so I was never able to test the solution, but it seems likely the issue is with the updated cipher suites.
     
  8. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    43,870
    Likes Received:
    1,811
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  9. efuzone

    efuzone Well-Known Member

    Joined:
    Mar 17, 2011
    Messages:
    56
    Likes Received:
    0
    Trophy Points:
    56
    cPanel Access Level:
    Root Administrator
    Hello,

    I have the same issue.. my cpanel version is latest one "v68.0.21" My customers with old outlook not able to send emails. They selected SSL and port 465.

    My settings are:

    +no_sslv2 +no_sslv3 +no_tlsv1 +no_tlsv1_1 default

    ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256 default

    I changed it to:

    +no_sslv2

    ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP

    But i think there are many security risks. I have also disabled: Require clients to connect with SSL or issue the STARTTLS command before they are allowed to authenticate with the server.

    Please provide me something better to add there which is secure and work for all outlook users.
     
    #9 efuzone, Dec 31, 2017
    Last edited by a moderator: Dec 31, 2017
  10. lorio

    lorio Well-Known Member

    Joined:
    Feb 25, 2004
    Messages:
    276
    Likes Received:
    9
    Trophy Points:
    168
    cPanel Access Level:
    Root Administrator
    Your old outlook customers are currently able to send emails? With the settings you state in your post? Since you're disabled "
    it might be possible that no encryption is used at all. Depends on the the client settings in Outlook as well. But you might check the exim logs to be sure that encryption is used at all.

    I'm not aware of a 100% working solution for the older combos like Outlook 2003 and XP. In my test setup (with Outlook 2003 and XP) I was able to send emails from time to time. Very strange behavior. After 10-100 tries the email was accepted by Exim 4.89_1 with this cipher (TLSv1:DES-CBC3-SHA:168). Looks like Exim and Outlook need a lot of tries to get a successful handshake.

    Educating customers is a minefield. But tweaking ciphers is a temporary solution. Your customers need to move to a working Outlook/OS combo. Or recommend Thunderbird if possible.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice