Legacy mail clients not able to use SSL/TLS connection

Created:

2016-11-16 12:53:16 UTC

Modified:

2017-04-24 12:08:36 UTC

0

Was this article helpful?


Have more questions?

Submit a request

Legacy mail clients not able to use SSL/TLS connection

Applicable to:

  • Plesk 12.5 for Linux

Symptoms

After upgrading to Plesk 12.5 some legacy mail clients not able to send a mail via SSL/TLS.

/var/log/maillog contains the following error message from Postfix and Courier:

courier-imaps: couriertls: accept: error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number
postfix/smtpd[17918]: warning: TLS library problem: 21146:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number:s3_pkt.c:340:

Cause

SSLv3 support was disabled

Resolution

Enable backward compatibility with legacy mail clients:

  1. Set TLS_PROTOCOL=SSL23 in /etc/courier-imap/pop3d-ssl and /etc/courier-imap/imapd-ssl . Note: SSL23 will enable all SSL/TLS protocols.

  2. Edit /etc/postfix/main.cf and set the following:

    smtp_tls_security_level = maytls_medium_cipherlist = MEDIUM:!aNULL:!MD5

Have more questions? Submit a request
Please sign in to leave a comment.