Skip to main content
ByteHaven
ByteHaven
Explorer III
July 21, 2025
Question

Fortimail deferred 454 4.7.0 tls handshake failed

  • July 21, 2025
  • 2 replies
  • 1369 views

Hello everyone,

I'm currently experiencing an issue with FortiMail displaying the following error message "Deferred 454 4.7.0 TLS handshake failed"

Here’s what I’ve checked so far:

- The certificate is still valid.

- TLS is set to "preferred" for outgoing emails, with TLS versions 1.3, 1.2, and 1.1 enabled.

- FortiMail can successfully communicate with the internet (ping tests to Google servers and FortiGuard were successful).

- There are no firewall restrictions affecting FortiMail traffic.

I'm looking for any additional ideas or suggestions to help troubleshoot and resolve this issue. Has anyone encountered this before or have any recommendations?

 

Thanks in advance

2 replies

smkml
Staff
smkml
Staff
July 22, 2025

Hi @Anonymous_User ,

 

There is a probability that your next MTA have an issue with SSL certificate, which you may want to consider to check on that.
https://community.fortinet.com/t5/FortiMail/Troubleshooting-Tip-Error-message-454-4-7-0-TLS-handshake-failed/ta-p/394818

    ByteHaven
    ByteHavenAuthor
    Explorer III
    July 23, 2025

    Hello smkml,

     

    Thank you for the suggestion. However, I don't believe the issue is related to the SSL certificates of the next MTA. We are sending emails to multiple different destinations, and it's unlikely that all of those external servers are experiencing SSL certificate problems simultaneously. I may be mistaken

    Surprisingly, the issue seems to have resolved itself without any intervention, which makes the situation even more unusual. However, from my perspective, the problem isn’t truly resolved, as the root cause remains unidentified.

     

    Kind regards,

    filiaks1
    filiaks1
    Explorer III
    July 26, 2025

    Issues are not just resolved automatically :) . Maybe it is what @smkml  mentioned as if an issue on another system is resolved that connects to fortimail then this seems logical.

     

    Outside of that if it was a process issue then reboot or process restart could solve it but probably you checked the fortimail system logs and cpu/memory during the issue. If not if you see the issue again that is a nice place to start.

      fokelmo4
      fokelmo4
      New Member
      July 27, 2025

      If you are unable to fix the Exchange server, which would be the best solution, and you are fine with cleartext, they why haven't you already tried your proposed change to the FM? Worst case, it doesn't work and you change it back.

      Terms & ConditionsAccessibility statement