SSL Protocols and Issues Sending or Receiving Mail

During any SSL connection process, there are usually "talks" between the client (your device/s) and the server (wherever you are connecting to) that try to determine the best SSL protocol to use. You may be familiar with these and may have seen them named as or referred to as TLS 1, TLS 1.1, TLS 1.2 and TLS 1.3. The client will typically attempt to communicate with the server using a specific protocol, and if the server supports this protocol, the connection can continue. New protocols are continuously being planned and designed in order to replace older protocols to make the Internet a much safer and secure system, and as a result, older and perhaps insecure protocols are made obsolete and support for them is discontinued.

If you are reading this KB article then a member of our support team may have linked you to here to advise you that you are experiencing a protocol issue or mismatch which is preventing you from connecting to your services. The most common cause of this is using an outdated e-mail client or Operating System that does not support newer SSL protocols, and is trying to use an old protocol that is no longer supported. In our experience this most commonly happens with the "Mail" application on Apple machines.

What exactly is happening and causing this?
As we mentioned above, as newer protocols are developed they essentially supersede older protocols because they are more secure. Software needs to be updated to support and be compatible with these newer protocols. If a software change or update on our servers decides that, for example, TLS 1.0 is no longer secure and TLS 1.1 should be used instead - then any connections that attempt to use TLS 1.0 may fail with an error message. In many cases, your client will attempt to automatically work out the best protocol to use and handle this for you automatically. Unfortunately, in some cases, such as using much older software - these newer protocols may not yet be supported or compatible.

So how can I fix this problem?
Much of the software that we run on our servers is updated automatically. cPanel and WHM, for example, are typically responsible for deciding which SSL protocols are supported and used for each services - and their automatic software updates can change this with time. Usually protocols are only revoked many years after a newer protocol is released, which gives time for the software providers to ensure that this will not cause a problem. We are, however, seeing an increase in Mac OS users who have not updated their Operating Systems becoming affected by out of date protocol usage.

Unfortunately, in these instances, the main solution we suggest is that customers update to the latest version of their Operating System and then ensure that all of their subsequent software is up to date. This will ensure that they are compatible with the latest protocols, and this should solve the connection issues.

If you are using the Mail application and are not able to update your Operating System for some reason, we recommend looking into an alternative mail client such as Thunderbird - which will handle its own SSL protocols independant of your Operating System.

  • 101 Users Found This Useful
Was this answer helpful?

Related Articles

Why do I need to purchase a new hosting account to get a dedicated IP Address?

If you have an existing account with us, and require a dedicated IP address for the account you...

Do you support/Can I use custom nameservers?

Absolutely. In order to use custom nameservers on our service, you simply need to register your...

Why are my e-mails being marked as ***SPAM*** ?

Why am I seeing e-mails being marked as ***SPAM*** in the subject header? We now implement a...

I've received a warning about my reseller disk space

Due to the way cPanel and WHM works, there can be a difference of disk usage reported by our...

Too many connections from this IP

If you are receiving the error "Too many connections from this IP" when FTP'ing files to or from...