typically this is a certificate related problem. Either your FortiMail or the other server will not trust the other node's certificate.
More technical information:
Check whether your FortiMail certificates are expired or otherwise invalidated.
with openssl you can check about the other certificate.
openssl s_client -connect theothermail.server:25
openssl s_client -starttls smtp -connect theothermail.server:25
one of them should give some good output about the servers certificate.
Using that same error message in a search engine of choice, like 403 4.7.0 tls handshake, will give you a bunch of more results.
It does sound like either FortiMail or the other webserver are not supporting the same TLS version.