Title: tls version problem Last modified: July 18, 2018 --- # tls version problem * [aartsr](https://wordpress.org/support/users/aartsr/) * (@aartsr) * [7 years, 10 months ago](https://wordpress.org/support/topic/tls-version-problem/) * when postman connects to the mailserver in question all goes well as long as tls v1.0 is enabled in postfix, for security reasons tls v1.0 needs to be disabled but that seems to result in postman not being able to connect to the mailserver… is this expected behaviour? if not, any ideas on how to get it working? below is the session transcript of a failed connection attempt with tls v1.0 disabled in postfix (not too much to view): * smtp:tls:plain://xxx.eu:587 220 xxx.eu ESMTP Postfix (Debian/GNU) EHLO mywordpresssite. com 250-xxx.eu 250-PIPELINING 250-SIZE 20971520 250-ETRN 250-STARTTLS 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN STARTTLS 220 2.0.0 Ready to start TLS Viewing 15 replies - 1 through 15 (of 16 total) 1 [2](https://wordpress.org/support/topic/tls-version-problem/page/2/?output_format=md) [→](https://wordpress.org/support/topic/tls-version-problem/page/2/?output_format=md) * [yehudah](https://wordpress.org/support/users/yehudah/) * (@yehudah) * [7 years, 10 months ago](https://wordpress.org/support/topic/tls-version-problem/#post-10506502) * Where do you host? Do you manage the Postfix server? * On my local machine with tls version 1.2 it’s working fine. * Thread Starter [aartsr](https://wordpress.org/support/users/aartsr/) * (@aartsr) * [7 years, 10 months ago](https://wordpress.org/support/topic/tls-version-problem/#post-10506622) * mmmm so 1.2 is supported. And yes I can manage the postfix server, the webserver( apache etc) already has tls v1.0 disabled… disabling tlsv1.0 only seemed to affect smtp for two older apple devices using standard apple/macmail clients and postman, every other ‘client’ so far seems to be unaffected * related postfix error log: mail postfix/submission/smtpd[19684]: connect from xxxx.eu[xxx.xxx.xxx.xxx] mail postfix/submission/smtpd[19684]: SSL_accept error from xxxx.eu[xxx.xxx.xxx.xxx]: -1 mail postfix/submission/smtpd[19684]: warning: TLS library problem: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol:s23_srvr.c:635: mail postfix/submission/smtpd[19684]: lost connection after STARTTLS from xxxx.eu[xxx.xxx.xxx.xxx] mail postfix/submission/smtpd[19684]: disconnect from xxxx.eu[xxx.xxx.xxx.xxx] * [yehudah](https://wordpress.org/support/users/yehudah/) * (@yehudah) * [7 years, 10 months ago](https://wordpress.org/support/topic/tls-version-problem/#post-10506655) * Run this on the postfix server: * `openssl s_client -connect localhost:587 -starttls smtp` * Thread Starter [aartsr](https://wordpress.org/support/users/aartsr/) * (@aartsr) * [7 years, 10 months ago](https://wordpress.org/support/topic/tls-version-problem/#post-10506758) * ty for your reply again, but unfortunately I can’t disable tls v1.0 right now to test starttls that way. But when I did have tls v1.0 disabled thunderbird for example didn’t have a problem (and it’s setup to connect via starttls as well). * [yehudah](https://wordpress.org/support/users/yehudah/) * (@yehudah) * [7 years, 10 months ago](https://wordpress.org/support/topic/tls-version-problem/#post-10507441) * Sorry, lost you. * The command will not disable tls. * Thread Starter [aartsr](https://wordpress.org/support/users/aartsr/) * (@aartsr) * [7 years, 10 months ago](https://wordpress.org/support/topic/tls-version-problem/#post-10507484) * i know, but postman is working fine when tls v1.0 on postfix is enabled, so it only seems to make sense to test (use the command) when tls v1.0 is disabled in postfix… can’t do that until tonight * [yehudah](https://wordpress.org/support/users/yehudah/) * (@yehudah) * [7 years, 10 months ago](https://wordpress.org/support/topic/tls-version-problem/#post-10507499) * Ohh, I understand now 🙂 Waiting for your update. * Thread Starter [aartsr](https://wordpress.org/support/users/aartsr/) * (@aartsr) * [7 years, 10 months ago](https://wordpress.org/support/topic/tls-version-problem/#post-10507515) * will keep you posted! * Thread Starter [aartsr](https://wordpress.org/support/users/aartsr/) * (@aartsr) * [7 years, 10 months ago](https://wordpress.org/support/topic/tls-version-problem/#post-10510311) * well, when testing from webserver to mailserver I get the same result wether I have tlsv1.0 enabled or disabled in postfix: * Certificate chain 0 s:/OU=Domain Control Validated/OU=PositiveSSL/CN=xxx.eu i:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Domain Validation Secure Server CA 1 s:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Domain Validation Secure Server CA i:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Certification Authority 2 s:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Certification Authority i:/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root 3 s:/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN= AddTrust External CA Root i:/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/ CN=AddTrust External CA Root — Server certificate —–BEGIN CERTIFICATE—– —–END CERTIFICATE—– subject=/OU=Domain Control Validated/OU=PositiveSSL/CN=xxx.eu issuer =/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Domain Validation Secure Server CA — No client certificate CA names sent — SSL handshake has read 6275 bytes and written 450 bytes — New, TLSv1/SSLv3, Cipher is ECDHE- RSA-AES256-GCM-SHA384 Server public key is 2048 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE SSL-Session: Protocol : TLSv1.2 Cipher : ECDHE- RSA-AES256-GCM-SHA384 Session-ID: 460B7F086EB125FEC3AB5CB08271477AF71736B94685DC5B03DEA1B14D3F89CF Session-ID-ctx: Master-Key: xxx Key-Arg : None PSK identity: None PSK identity hint: None SRP username: None TLS session ticket lifetime hint: 7200 (seconds) TLS session ticket: Start Time: 1532017655 Timeout : 300 (sec) Verify return code: 0 (ok) — 250 DSN * Thread Starter [aartsr](https://wordpress.org/support/users/aartsr/) * (@aartsr) * [7 years, 10 months ago](https://wordpress.org/support/topic/tls-version-problem/#post-10515693) * In the mean time I’ve also tested with WP Mail SMTP by WPForms and for good measure also with the standard SMTP option in Joomla and both result in test e-mails being sent normally with TLSv1.0 disabled (or enabled) in postfix on the mailserver. * [yehudah](https://wordpress.org/support/users/yehudah/) * (@yehudah) * [7 years, 10 months ago](https://wordpress.org/support/topic/tls-version-problem/#post-10516048) * I have installed postfix and run some test, with tls v1.2 all worked. * Any chance I will share the server credentials so you can match the settings to your configuration? * If yes, please contact me at [https://postmansmtp.com/contact](https://postmansmtp.com/contact) * Thanks * [yehudah](https://wordpress.org/support/users/yehudah/) * (@yehudah) * [7 years, 10 months ago](https://wordpress.org/support/topic/tls-version-problem/#post-10516160) * Hi, * Please update to the latest version. Let me know if it’s working. * Thread Starter [aartsr](https://wordpress.org/support/users/aartsr/) * (@aartsr) * [7 years, 10 months ago](https://wordpress.org/support/topic/tls-version-problem/#post-10516176) * great stuff, that fixed it! thanx 😀 * [yehudah](https://wordpress.org/support/users/yehudah/) * (@yehudah) * [7 years, 10 months ago](https://wordpress.org/support/topic/tls-version-problem/#post-10516178) * Thank you, you helped me a lot. * Thread Starter [aartsr](https://wordpress.org/support/users/aartsr/) * (@aartsr) * [7 years, 10 months ago](https://wordpress.org/support/topic/tls-version-problem/#post-10516181) * no problem, better to help a bit with improving a great plugin instead of dumbly switching to something else that might be buggy, unsafe etc etc… have a great Sunday! Viewing 15 replies - 1 through 15 (of 16 total) 1 [2](https://wordpress.org/support/topic/tls-version-problem/page/2/?output_format=md) [→](https://wordpress.org/support/topic/tls-version-problem/page/2/?output_format=md) The topic ‘tls version problem’ is closed to new replies. * ![](https://ps.w.org/post-smtp/assets/icon-128x128.gif?rev=3209655) * [Post SMTP – Complete Email Deliverability and SMTP Solution with Email Logs, Alerts, Backup SMTP & Mobile App](https://wordpress.org/plugins/post-smtp/) * [Frequently Asked Questions](https://wordpress.org/plugins/post-smtp/#faq) * [Support Threads](https://wordpress.org/support/plugin/post-smtp/) * [Active Topics](https://wordpress.org/support/plugin/post-smtp/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/post-smtp/unresolved/) * [Reviews](https://wordpress.org/support/plugin/post-smtp/reviews/) * 16 replies * 2 participants * Last reply from: [yehudah](https://wordpress.org/support/users/yehudah/) * Last activity: [7 years, 10 months ago](https://wordpress.org/support/topic/tls-version-problem/page/2/#post-10516184) * Status: not resolved