Solved

Exchange 2003 TLS connect failed: error:140770FC:SSL for some users sending to us

Posted on 2009-05-15
4
1,051 Views
Last Modified: 2013-11-30
Hello,

We have a fully updated SBS 2003 R2 server with Exchange 2003 on it.  A few of our customers cannot send e-mail to us and are receiving the following message in the returned e-mail:

------------------------------------
Hi.  This is the qmail send program at frost.mtaonline.net.  I'm afraid that I wasn't able to deliver your message to the following address: xxxxxxxx.  This is a permanent error.I've given up.  
.
.
.
TLS connect failed: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol;
-----------------------------------
Please note that we are receiving e-mail from other people without any errors.

I hope that someone can give us some direction on this issue...  

Thanks,

Mike
0
Comment
Question by:mjgardne
  • 2
  • 2
4 Comments
 
LVL 37

Expert Comment

by:Jamie McKillop
ID: 24406291
Hello,

This error is occuring because the sender is trying to negotiate a TLS connection, which is failing. Have you recently tried to implement TLS? Do your MX records point directly at your exchange server or do you have some type of edge server in front of Exchange?

JJ
0
 

Author Comment

by:mjgardne
ID: 24407806
Hi JJ,

I haven't made any recent changes on the SBS system including TLS, but it is possible that Microsoft may have pushed out some kind of update that my client has installed on the server.  The system is quite simple...  A single MS Small Business Server 2003 R2 with Exchange on it.  There is a single static IP address and the MX record points to it.  It appears that within the last two weeks, the sender's e-mail started being rejected, but there do not seem to be any other recent senders who are experiencing this issue.  On Monday, I want to verify answers to the following questions:

1) Have any other senders been rejected within the last two weeks?  
2) If so, are they receiving the same error message?
3) If so, are they using the same ISP?
4) Have they installed any new updates on the server with the last two weeks?

Can you think of any others that would be helpful?

Thanks for your help, JJ,

Mike
0
 
LVL 37

Accepted Solution

by:
Jamie McKillop earned 500 total points
ID: 24413517
A Microsoft update would not automatically enable TLS. If you have not configured TLS and this error is only occuring for a single sending domain, the problem is most likely on the sending domain side.

JJ
0
 

Author Closing Comment

by:mjgardne
ID: 31591995
Thank you, JJ!  Your comments confirmed what I believed, too.  It is strange, but every now and then, I receive this issue from my Small Business Server clients who are communicating with people who use mtaonline.net for Internet access.  Anyway, the people who are experiencing this issue are working with their ISP to determine what is wrong.  Thanks for your help!

Mike
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Lotus Notes – formerly IBM Notes – is an email client application, while IBM Domino (earlier Lotus Domino) is an email server. The client possesses a set of features that are even more advanced as compared to that of Outlook. Likewise, IBM Domino is…
Not sure what the best email signature size is? Are you worried about email signature image size? Follow this best practice guide.
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now