Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1509
Views
0
Helpful
1
Replies

not completely scanned by URL Scanning Service. Error: Request failed with code: 35 (error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number).

jcarlos.castillo
Level 1
Level 1

‎02-06-2019 07:12 AM

Email users received spam email, directly to the inbox, iron port URL scanning display the below message

 

06 Feb 2019 06:55:15 (GMT -05:00)06 Feb 2019 06:55:15 (GMT -05:00)06 Feb 2019 06:55:15 (GMT -05:00)06 Feb 2019 06:55:15 (GMT -05:00)06 Feb 2019 06:55:15 (GMT -05:00)06 Feb 2019 06:55:15 (GMT -05:00)06 Feb 2019 06:55:15 (GMT -05:00)06 Feb 2019 06:55:15 (GMT -05:00)06 Feb 2019 06:55:15 (GMT -05:00)06 Feb 2019 06:55:15 (GMT -05:00)06 Feb 2019 06:55:15 (GMT -05:00)06 Feb 2019 06:55:15 (GMT -05:00)

Message 162893 matched per-recipient policy DEFAULT for inbound mail policies.
MID 162893 not completely scanned by URL Scanning Service. Error: Request failed with code: 35 (error:1408F10B :SSL routines:SSL3_GET_RECORD:wrong version number).
Message 162893 scanned by Anti-Virus engine Sophos. Interim verdict: CLEAN
Message 162893 scanned by Advanced Malware Protection engine. Final verdict: SKIPPED(no attachment in message)
MID 162893 not completely scanned by URL Scanning Service. Error: Request failed with code: 35 (error:1408F10B :SSL routines:SSL3_GET_RECORD:wrong version number).
MID 162893 not completely scanned by URL Scanning Service. Error: Request failed with code: 35 (error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number).
MID 162893 not completely scanned by URL Scanning Service. Error: Request failed with code: 35 (error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number).
MID 162893 not completely scanned by URL Scanning Service. Error: Request failed with code: 35 (error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number).
MID 162893 not completely scanned by URL Scanning Service. Error: Request failed with code: 35 (error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number).
MID 162893 not completely scanned by URL Scanning Service. Error: Request failed with code: 35 (error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number).
Message 162893 scanned by Outbreak Filters. Verdict: Positive
Message 162893 Other Threat Level=1
Message 162893 queued for delivery.
Labels:
0 Helpful
1 Reply 1

Robert Sherwin
Cisco Employee
Cisco Employee

‎02-08-2019 04:52 AM

Any changes to your SSL config of late?  (Ciphers allowed/disallowed?) 

 

What version of AsyncOS do you have running?  Hardware or virtual appliance?

 

When you are logged into the UI of your Email Security - from Security Services > URL Filtering... what is the output of the connection?

 

url_filtering.jpg

 

You have end users getting spam now as well?  All users?  Feature keys up-to-date?  Any other errors associated?  Check the antispam logs to assure that the engine is running w/o error(s).

 

Depending on your appliance up time, possible you may want to do a reboot to assure all services are up and running correctly.  Next step would be to open a TAC SR and see what more could be occurring.

Cheers,
Robert Sherwin
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents