Troubleshooting Tip: Error message '454 4.7.0 TLS ...

FortiMail

FortiMail provides advanced, multi-layer protection against the full spectrum of email-borne threats

Article Id 394818

Description

This article describes how to troubleshoot TLS handshake failures. '(Reason: 454 4.7.0 TLS handshake failed.)'.

Scope FortiMail.

Solution

From the cross-search log, FortiMail is unable to send outgoing email due to TLS handshake failure:

STARTTLS=client, error: connect failed=-1, reason=unsupported protocol, SSL_error=1, errno=0, retry=-1
timeout waiting for input from mx1.logicit.net. during Draining Input
to=<id@domain.com>, delay=00:04:32(tries=1), xdelay=00:04:32, mailer=esmtp, pri=202743, acl_delivery_id=1, relay=mx1.logicit.net. [103.172.xxx.xx], ip-pool=IP-pool(xx.x.xx.xxx), dsn=4.7.0, reply=454 4.7.0 TLS handshake failed., stat=Deferred: 454 4.7.0 TLS handshake failed.(Reason:454 4.7.0 TLS handshake failed.)

Check the domain 'mx1.logicit.net' using a third-party SSL checking tool such as below:

The result shows that the next MTA is having an issue with the SSL certificate.

360

Contributors

Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Troubleshooting Tip: Error message '454 4.7.0 TLS handshake failed.(Reason:454 4.7.0 TLS handshake failed.)'

You are leaving our website