# Is Dragonfly Mail Agent (DMA) supposed to support TLS1.2?



## phillipsjk (Aug 17, 2019)

Around (sometime in May), my webhost updated their _cPanel_. As a result, outgoing mail via dma() stopped working.

Got  the following messages in my mail log:


```
Aug 16 07:50:42 granny dma[1e01a.801828370]: trying delivery
Aug 16 07:50:42 granny dma[1e01a.801828370]: using smarthost (mail.phillipsjk.ca:587)
Aug 16 07:50:42 granny dma[1e01a.801828370]: trying remote delivery to mail.phillipsjk.ca [184.170.136.100] pref 0
Aug 16 07:50:42 granny dma[1e01a.801828370]: remote delivery deferred: SSL handshake failed fatally: error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number
```

After contacting support, I was informed that at least TLS v1.2 is required. I have been having trouble confirming that dma() even supports TLS v1.2. I may have to post a feature request on the Dragonfly BSD bug tracker I tried searching for "DMA TLS" on that tracker, and the most recent bug shown was from 2016 (Bug #2886 (New): dragonfly mail agent: sending a testmail causes high system load)

The Github page mentions TLS support, but no specific version. The Dragonfly BSD Handbook page also mentions TLS, but no specific version.

Edit: my email was broken longer than I thought. Did not get bounce messages due to my local mail not being configured properly.


----------



## SirDice (Aug 19, 2019)

It's probably going to depend on what version of OpenSSL it's linked against.


----------



## phillipsjk (Aug 20, 2019)

SirDice said:


> It's probably going to depend on what version of OpenSSL it's linked against.



Can't easily check that right away: my gui gets garbled every time I switch back from the console (old behaviour was to bump the resolution of the text console instead)

Fixing it that way, even if it requires a patch, may be easier than configuring a more complex MTA.

The support person from my webhost found the relevant upstream bug report: Possible TLS version issue? #66


----------

