Newer versions of the WHM\/cPanel software often has default SSL\/TLS settings in its Exim based mail server that will reject connections from some Internet hosts on the standard SMTP port (port 25) with an error like:<\/p>\n
TLS error on connection from … (SSL_accept): error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol<\/p>\n
If this is happening, you can “dial down” the default SSL\/TLS settings of cPanel’s Exim mail server through logging into your WHM site as its ‘root’ user, going to WHM -> Service configuration -> Exim Configuration Manager page and in the Find: field type “ssl”.
\nYou’ll then see some items in the Security section of this configuration and you should set the following:<\/p>\n
Allow weak SSL\/TLS ciphers = On<\/p>\n
Require clients to connect with SSL or issue the STARTTLS command before they are allowed to authenticate with the server = Off<\/p>\n
Options for OpenSSL = +no_sslv2 +no_sslv3<\/p>\n
And then Save those updates.<\/p>\n
This returns cPanel’s Exim mail server to older settings more compatible with much of the Internet’s email traffic.<\/p>\n
FYI,
\nRichard.<\/p>\n","protected":false},"excerpt":{"rendered":"
Newer versions of the WHM\/cPanel software often has default SSL\/TLS settings in its Exim based mail server that will reject connections from some Internet hosts on the standard SMTP port (port 25) with an error like: TLS error on connection … Continue reading