10-11-2017 05:03 AM - edited 03-08-2019 07:26 PM
Hi,
Since few days, one of our partner couldn't send us any mail.
Senders use to receive back this erreor : Remote Server returned '< #5.7.0 SMTP; 503 5.7.0 encryption too weak 0 less than 128>'
I checked my settings in my Ironport server, but I didn't find what it's wrong. I tried to insert them into a Mail flow policy to force TLS, but nothing changed.
I ran tail command on the CLI, I can see their SMTP opening a session, but closing it immediatly. I imagine when they try to open TLS channel, they fail and close it !
At this point, I don't know it the issue is in my side or my partner side...
Does someone has already got this sort of issue ?
Thanks for your back.
Sylvain
10-11-2017 08:14 AM
10-11-2017 08:30 AM
Thanks Ken,
When I enter in SSLConfig, for the outbound, the prompt asks me to select SSL Method :
1. TLS v1.0
2. TLS v1.1
3. TLS v1.2
4. SSL v2
5. SSL v3
By default, #5 looks to be active option ? must I select another method ?
As I could see, the cypher phrase enable at this moment is : [RC4-SHA:RC4-MD5:ALL:-aNULL:-EXPORT]
Does it look u correct ?
I'm completly newby about TLS & Cypher, to be honest I'm afraid to change this settings, I'm not sure to be able to back to right settings if I'd break what it is working fine for the most of case, excepting one...
I thank u
Sylvain
10-11-2017 08:37 AM
10-12-2017 02:02 AM
I applied your advices, I'm monitoring that and with my external partnet, we'll make some tests, to validate it's ok.....or not !
Thanks
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide