Re: TLS not found

KhanSb · ‎06-29-2025

Hello,

People can send me emails sometime and I can see that TLS 1.3 was in place, some time same sender is not able to send me email and get this bounce back alert

"The following message to *@domain.com was undeliverable.
The reason for the problem:
5.1.0 - Unknown address error 530-'5.7.0 *@domain.com: Recipient address rejected: Must use TLS'"

and if I go to see why email was blocked/rejected, Trend Micro is rejecting email because "TLS Not Found"

I had this problem with two sender IPs, with details as below:

Host

esa.hc351-33.ap.iphmx.com

SPF lookup

v=spf1 ip4:207.54.75.157 ip4:23.90.107.66 -all

What can be possible solution for this.

Thank you

Dustin Anderson · ‎06-30-2025

What TLS is supported by your setup? It sounds like trend micro requires TLS and when it failed to negotiate it halted it.

Personally we have a lot of customers with old systems that we have to still support 1.1,1.2, and 1.3

KhanSb · ‎06-30-2025

Hi Dustin,

We have not specified the TLS version but security level is set to mandatory. these two IPs points to different geolocations, first I thought that may be one of the host is not configured properly so some emails still get delivered with TLS 1.3 from other host but now I had this same issue with another sender, with 2nd IP. is there anything I can do to resolve the issue without making any hole in security posture.

Thank you

Dustin Anderson · ‎07-01-2025

you would have to check your SSL settings, I don't know what default is, so not sure what you are set to if you haven't changed it. Below is our settings.

System Administration -> SSL configuration.