Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Exchange 2003 dropping TLS connections.

Posted on 2012-04-10
1
Medium Priority
?
772 Views
Last Modified: 2012-06-27
Hi Guys,

I've got a SBS2003 machine here that is having trouble with encrypted email. When the client sends the STARTTLS command Exchange replies with a 220, the client then sends the second EHLO, then the Exchange server drops the connection. I have tried this by connecting to exchange and typing the commands manually myself with putty and using ethereal to capture the mail stream of other mail servers connecting to our problem server. If exchange replied with a 550 I suspect the remote servers would fail back to un-encrypted, but since it's sending 220 ALL OK then dropping the connection, the remote servers don't fail back to unencrypted and we lose mail.

I've tried re-creating the self signed certificate using the sbs wizards with no success.

Full log below.

220 mail.problem-server.com.au Microsoft ESMTP MAIL Service, Version: 6.0.3790.4675 ready at  Tue, 10 Apr 2012 16:55:26 +0930
EHLO sending-server.com.au
250-mail.problem-server.com.au Hello [203.xxx.xxx.39]
250-TURN
250-SIZE
250-ETRN
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-8bitmime
250-BINARYMIME
250-CHUNKING
250-VRFY
250-TLS
250-STARTTLS
250-X-EXPS GSSAPI NTLM LOGIN
250-X-EXPS=LOGIN
250-AUTH GSSAPI NTLM LOGIN
250-AUTH=LOGIN
250-X-LINK2STATE
250-XEXCH50
250 OK
STARTTLS
220 2.0.0 SMTP server ready
EHLO mail.sending-server.com.au
<connection closed by remote host>
0
Comment
Question by:nextsoln
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 

Accepted Solution

by:
nextsoln earned 0 total points
ID: 37830981
Exchange had been previously incorrectly configured to use a self signed cert for secure smtp. Removing the cert from exchange fixed the issue!
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A couple of months ago we ran into an issue that necessitated re-creating our Edge Subscriptions. However, when we attempted to execute the command: New-EdgeSubscription -filename C:\NewEdgeSub_01.xml we received an error indicating that the LDAP se…
Know the reasons and solutions to move/import EDB to New Exchange Server. Also, find out how to recover an Exchange .edb file and to restore the file back.
In this video we show how to create a Resource Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: Navigate to the Recipients >> Resources tab.: "Recipients" is our default selection …
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question