11-17-2011 09:36 AM
Getting the following error:
(DCID 14390733) Message 31196742 to address@domain.com delayed. Reason: 4.1.0 - Unknown address error ('454', ['4.7.0 Failed to establish appropriate TLS channel: UntrustedRoot: Access Denied']) [(\'from\', \'"e-mail address\'), (\'to\', \'e-mail address\\'), (\'subject\', \'11:22\')]
Any thoughts?
11-17-2011 11:09 AM
Hello Jason,
have you installed a valid SSL/TLS certificate as a delivery_cert (if you use AsyncOS 7.1 and above)? It seems that the destination mailserver cannot verify the certificate you present (either it is self signed or the Root CA you're using is unknown to the destination mail server).
Thanks and regards,
Martin
11-17-2011 11:29 AM
Hey Martin,
We are currently running AsyncOS 7.5 and do have a valid SSL/TLS certificate. The one caveat is that it is a wildcard certificate. Is it possible that this one domain doesn't accept wildcard certificates?
I currently have outbound e-mail delivery mail flow policies set to preferred TLS and am currently seeing about 60% of the connections making a successful TLS connection.
Thanks for sharing your thoughts it is much appreciated!
Jason
11-17-2011 11:34 AM
Hello Jason,
it's hard to determine which policy triggers on the destination mail server here, so getting in touch with the postmaster from the receiving domain may be the best approach. Possibly they struggle with verifying the certificate due to lack of RootCA installed on their end.
Thanks and regards,
Martin
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: