PCI Failed on Port 143 (TCP)
I recently started using email on the server and had to open up the mail ports. Now my PCI scan is failing on port 143 (I believe IMAP ports). How can I fix this?
"Unencrypted Communication Channel Accessibility" and "TLSv1.0 Supported" are the errors.
-
Hello, Can you browse to "WHM >> Mailserver Configuration" and let us know what's listed for "SSL Cipher List" and "SSL Protocols"? Also, can you confirm which version of cPanel is installed on this system? Thank you. 0 -
Hello, Can you browse to "WHM >> Mailserver Configuration" and let us know what's listed for "SSL Cipher List" and "SSL Protocols"? Also, can you confirm which version of cPanel is installed on this system? Thank you.
Cipher List: AES128+EECDH:AES128+EDH SSL Protocols: !SSLv2 !SSLv3 CPanel Version: v68.0.210 -
Unencrypted Communication Channel Accessibility"
You can modify the following option in "WHM >> Mailserver Configuration": Allow Plaintext Authentication (from remote clients) Per it's description: [QUOTE] This setting will allow remote email clients to authenticate using unencrypted connections. When set to "no", only connections originating on the local server will be allowed to authenticate without encryption. Selecting "no" is preferable to disabling IMAP in the Protocols Enabled section since it will force remote users to use encryption while still allowing webmail to function correctly.
TLSv1.0 Supported"
You can add "!TLSv1" to the existing entries for "SSL Protocols" option in "WHM >> Mailserver Configuration" to ensure TLSv1.0 is not supported. Thank you.0
Please sign in to leave a comment.
Comments
3 comments