Re: Mails/Sender rejected connections

Thomasp · ‎12-21-2018

Having an issue with TLS connections.
In tracking rejected connetions it looks like this

1    21 Dec 2018 15:21:38 (GMT +01:00)    ICID: 2831        Show Details

SENDER IP:    **.***.***.**
REJECTED:    Incoming connection (ICID 2831) successfully accepted TLS protocol SMTP cipher ECDHE-RSA-AES256-SHA384.

Show Details:
21 Dec 2018 15:21:38 (GMT +01:00)    Incoming connection (ICID 2831) has sender_group: ALL, sender_ip: **.***.**.** and sbrs: 3.5
21 Dec 2018 15:21:38 (GMT +01:00)    Protocol SMTP interface Management on incoming connection (ICID 2831) from sender IP **.***.**.**. Reverse DNS host **.*** verified yes.
21 Dec 2018 15:21:38 (GMT +01:00)    (ICID 2831) ACCEPT sender group ALL match ALL SBRS 3.5 sender IP 51.163.158.102 country United Kingdom
21 Dec 2018 15:21:38 (GMT +01:00)    Incoming connection (ICID 2831) successfully accepted TLS protocol TLSv1.2 cipher ECDHE-RSA-AES256-SHA384.

Why is this connection rejected?

Libin Varghese · ‎12-27-2018

This does not appear to be the complete logs as it should indicate ICID close or lost to show connection was closed or terminated.

Over TLS, I've observed connections being closed abruptly if the sender is unable to verify the certificate applied to the ESA's inbound listener. You can validate this by setting up a packet capture on the ESA for the sender IP and having them send a couple of test emails.

Alternatively, you can also verify your inbound TLS certificate for the receiving domain using websites such as checktls.com.

Regards,

Libin

Thomasp · ‎12-27-2018

I have now turned off TLS.
Some connections still have the same error.
I have no idea what that can be !!

dmccabej · ‎12-27-2018

Hello,

I do not see any errors above. Can you provide the error(s) you're seeing that lead you to believe connections are being rejected?

Thanks

-Dennis M.