23 C
Dubai
Friday, March 29, 2024

NDR from Gmail to Exchange Servers –TLS Negotiation failed

Only Gmail to Exchange was throwing NDR –

TLS Negotiation failed: generic::failed_precondition: starttls error (0): protocol error

We were using IMSVA – Interscan Messaging Security Virtual Appliance for Anti-Spam

Went to http://checktls.com/

Verified TLS is ok – if not please fix them

Note : most of them wont have a Valid cert on the SMPT level , please ignore if you get the the cert error . as it’s a wild card cert applied in this environment everything says OK

image

 

Solution –

Raising a Ticket with Trend Micro They gave a Patch –

Some message digest algorithms are not supported during TLS communication in IMSVA 9.0.
This hot fix upgrades the OpenSSL version in IMSVA 9.0 to enable it to support these message digest algorithms.

Applied the Hotfix –  IMSVA 9.0.0.1510

image

Administration – End User Quarantine – Redistribute – Refreshed all the services

image

Now Gmail to Exchange servers Mail flow is normal !

 

NDR Information on Gmail – –

This is an automatically generated Delivery Status Notification
THIS IS A WARNING MESSAGE ONLY.
YOU DO NOT NEED TO RESEND YOUR MESSAGE.
Delivery to the following recipient has been delayed:
Test@careexchange.in
Message will be retried for 2 more day(s)
Technical details of temporary failure:
TLS Negotiation failed: generic::failed_precondition: starttls error (0): protocol error
—– Original message —–
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=20120113;
h=mime-version:date:message-id:subject:from:to:content-type;
bh=Xq6cM0BHS/l8MJ4WYJNApvWzwZ/O8qe78VP1gy/BoaU=;
b=vYdhhQdLa16iWPEvnjxOj0BrgSx7JM039VGxvfSwbC42tvV+62gtxeZjFA05+fXlux
+bC3Qa5OsvqliBLGKwTwgsP8Pa+MAJoQwO22lOisXKWdqr2WEhN03kcmFwRNcCl5cvby
E178c/OpEqBHSJdm/dsdfsdfsdgsdwesdf/nkIb6
fMCz5aGx4QzqsLtdn5ThfEVL+ggAuczJ0TkI5kLJVK7LwFOc3OEejFBIDZX2t5nHx8jz
gIKiPwODAVTwSyhVS55pYjSJ/jqS8HFwRWFamWB/osZzXYfZpUdVqKejOSDg5CDBpQsp
3bBA==
MIME-Version: 1.0
X-Received: by 10.13.130.239 with SMTP id m78m435337939ioi.18.14467543592436;
Thu, 05 Nov 2015 00:08:12 -0800 (PST)
Received: by 10.33.33.149 with HTTP; Thu, 5 Nov 2015 00:08:12 -0800 (PST)
Date: Thu, 5 Nov 2015 12:08:12 +0400
Message-ID: <CAHHVjUV=VVrtJR4_QUic5ks95L363563mBb5YGRp_bPbRA@mail.gmail.com>
Subject: T1
From: Sam <test@gmail.com>
To: Administrator <test@careexchange.in>
Content-Type: multipart/alternative; boundary=001a113f000cd65650523c6a040

Satheshwaran Manoharan
Satheshwaran Manoharanhttps://www.azure365pro.com
Award-winning Technology Leader with a wealth of experience running large teams and diversified industry exposure in cloud computing. From shipping lines to rolling stocks.In-depth expertise in driving cloud adoption strategies and modernizing systems to cloud native. Specialized in Microsoft Cloud, DevOps, and Microsoft 365 Stack and conducted numerous successful projects worldwide. Also, Acting as a Technical Advisor for various start-ups.

Related Articles

1 COMMENT

  1. Hi satheshwaran

    i have facing this problem after changing ISP , i am using antispam Agent
    when enabling IP Block list Provider cannot able to receive emails.

    thanks

LEAVE A REPLY

Please enter your comment!
Please enter your name here

× How can I help you?