FortiMail sslv3 alert unexpected message

Question

Hello FML admins

FortiMail 7.6.1. We have an issue with one remote mail server of "somedomain.com". The issue is more about TLS than SMTP.

When we send an e-mail to that domain they receive successfully.

However when they send us an e-mail from the same mx of that domain then the session can't initiate TLS, and we see the following errors in the session logs.

STARTTLS=server, error: accept failed=-1, reason=sslv3 alert unexpected message, SSL_error=1, errno=0, retry=-1, relay=mail.somedomain.com [1.2.3.4]

I see the reason is "sslv3 unexpected message" which should mean the handshake was unsuccessful.

When I check the remote mx (as server) with openssl command I see it supports TLSv1.3. So I find it strange that it is trying to initiate a SSLv3 session (error message is about SSLv3).

Since I have no control on the remote side, any idea on how I can workaround this issue from my side?

Can this be fixed by setting an AC policy with using TLS profile with minimum TLSv1.2? Or should it be with minimum SSL 3.0?

Anthony_E · Answer

Hello Abdelkrim,

I hope you are doing well! I wish you all the best for the future year :)!

Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.

Thanks,

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded