Hi,
i am unable to recieve an email from specific domain, upon troubleshooitng i found the following error :
STARTTLS=server, error: accept failed=-1, reason=unknown, SSL_error=5, errno=104, retry=-1, relay=somedomain.com [1.1.1.1]
is it could be because of TLS profile or do i have increase the cipher level ?
am unable to understand the error message here .
FCSNP 5, JNCIS-FW,JNCIA-SSL ,MCSE, ITIL.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Do you have a TLS profile for sending?
Are you enable for TLS for receiving ?
But yes if you are some one is trying to use TLS and the system are not compatible, the MTA will fallback or even deny mail as determine the policy ( required or preferred )
Ken
PCNSE
NSE
StrongSwan
hi am not using TLS profile for sending and didnt enable it for receiving , do i have to for both ?
FCSNP 5, JNCIS-FW,JNCIA-SSL ,MCSE, ITIL.
yes you need delivery rule to use TLS outbound. Typically you write it as *.somdomain.com and set the TLS and method.
Download the fortimail cli and administration guide for your version of FML and follow the guidelines. Keep in mind that NOT all MX support TLS or even have it enable.
Ken
PCNSE
NSE
StrongSwan
i think i found the issue, am using on my fortimail the following cipher : TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
but when i checked the the ciphers used by the other domain am having an issue with i found that none of the matching the one am using, would this be an issue for connection error am getting .
FCSNP 5, JNCIS-FW,JNCIA-SSL ,MCSE, ITIL.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1647 | |
1070 | |
751 | |
443 | |
214 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.