STARTTLS=server, error: accept failed=0, reason=bad signature, SSL_error=1, errno=0, retry

Forum|Forum|9 years ago
December 1, 2016
1 reply
5635 views

I have a Fml 200 c as mail server for a domain. Since few days many a lot of mail incoming from Google accounts fails with this error:

On access control rules I ve put an explicit one that match protected destination *@mydomain.com, reverse dns pattern *.Google.com and a TLS profile (tried two profile: tls preferred and tls required.

But no way to solve.

Any Idea?

Bromont_FTNT

Staff

Is it a 100C or 200D? If 200D make sure you have the latest firmware installed. Also is the firewall doing TLS inspection?

alessandrobAuthor

New Member

it's a 200D. Ive discovered that the problem is caused by SSL inspection enabled on the fgt50D in front. If I disable SSL inspection the problem disappears.

I've updated the fgt firmware from 541 to 542 few days ago and I suppose this is the cause because before this it was working fine. I've opened a tichet for bot fgt and fml but no answer at the moment

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded