Exchange 2003 TLS connect failed: error:140770FC:SSL for some users sending to us

Hello,

We have a fully updated SBS 2003 R2 server with Exchange 2003 on it.  A few of our customers cannot send e-mail to us and are receiving the following message in the returned e-mail:

------------------------------------
Hi.  This is the qmail send program at frost.mtaonline.net.  I'm afraid that I wasn't able to deliver your message to the following address: xxxxxxxx.  This is a permanent error.I've given up.  
.
.
.
TLS connect failed: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol;
-----------------------------------
Please note that we are receiving e-mail from other people without any errors.

I hope that someone can give us some direction on this issue...  

Thanks,

Mike
mjgardneAsked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
Jamie McKillopConnect With a Mentor IT ManagerCommented:
A Microsoft update would not automatically enable TLS. If you have not configured TLS and this error is only occuring for a single sending domain, the problem is most likely on the sending domain side.

JJ
0
 
Jamie McKillopIT ManagerCommented:
Hello,

This error is occuring because the sender is trying to negotiate a TLS connection, which is failing. Have you recently tried to implement TLS? Do your MX records point directly at your exchange server or do you have some type of edge server in front of Exchange?

JJ
0
 
mjgardneAuthor Commented:
Hi JJ,

I haven't made any recent changes on the SBS system including TLS, but it is possible that Microsoft may have pushed out some kind of update that my client has installed on the server.  The system is quite simple...  A single MS Small Business Server 2003 R2 with Exchange on it.  There is a single static IP address and the MX record points to it.  It appears that within the last two weeks, the sender's e-mail started being rejected, but there do not seem to be any other recent senders who are experiencing this issue.  On Monday, I want to verify answers to the following questions:

1) Have any other senders been rejected within the last two weeks?  
2) If so, are they receiving the same error message?
3) If so, are they using the same ISP?
4) Have they installed any new updates on the server with the last two weeks?

Can you think of any others that would be helpful?

Thanks for your help, JJ,

Mike
0
 
mjgardneAuthor Commented:
Thank you, JJ!  Your comments confirmed what I believed, too.  It is strange, but every now and then, I receive this issue from my Small Business Server clients who are communicating with people who use mtaonline.net for Internet access.  Anyway, the people who are experiencing this issue are working with their ISP to determine what is wrong.  Thanks for your help!

Mike
0
All Courses

From novice to tech pro — start learning today.