Logout

Alt-N Discussion Groups > MDaemon Discussion Groups > MDaemon Issues > Archive > some emails blocked

 [F] Alt-N Discussion Groups  / MDaemon Discussion Groups  / MDaemon Issues  / Archive  /

some emails blocked

[Guild, Linda]
Linda Guild
Newbie
Newbie
Posts: 3
Linda Guild - 09:47am, Nov 6 2019

Hi,

We have some people who no longer can email us. The error we are getting is
--> 220 2.7.0 Ready to start TLS
  • SSL error 0x80090308 The token supplied to the function is invalid SMTP session terminated (Bytes in/out: 550/278)

    We are receiving email from most other people.

    THanks,
    Linda

  •   All MessagesOldest ItemsOlder ItemsNewer ItemsNewest Items

    David C - Nov 8, 2019 4:41 pm (#1 Total: 1)  

     

    Photo of Author
    David C
    Guru
    Guru
    Posts: 1411
    Hello,

    MDaemon does not control the versions of SSL or the protocols, ciphers, hashes, and key exchange algorithms used in network connections to email clients and other mail servers.

    MDaemon uses the windows SChannel interface for negotiating secure connections. It will use whatever algorithms are available for use by Windows.

    This means that MDaemon can only support whatever versions of SSL and TLS that are both

      *supported by the version of Windows on which one is running MDaemon
    and

      * are also supported by the server or email client that is connecting to MDaemon.


    Microsoft added support for AES ciphers in Windows Vista but earlier Windows Operating systems like Windows XP and Server 2003 do not include them.

    Are you running an older version of Windows that may not have these more recent ciphers?

    Are all of your Windows updates up to date?

    Is the computer which is connecting to your copy of MDaemon perhaps running an older version of Windows which does not have compatible ciphers?

    Did you or some other administrator disable any of the SSL protocols or ciphers on the computer on which MDaemon or on which your Exchange server is running?

    If so, I suggest that for testing purposes you reenable all of them and see if your TLS issue goes away.

    If you are running a recent copy of Windows, all of your Windows updates are current, you have enabled all of the SSL protocols and available ciphers yet are atill experiencing the SSL issue you describe, then the cause of the issue may be due to an incompatibility with the SSL protocols and ciphers of the computer on the other end of the connection.

    Since you cannot control the SSL protocols and ciphers on the other server, the best you might be able to do is use MDaemon's option to not offer STARTTLS to IPs which are failing to negotiate securely, allowing insecure/unencrypted communications to proceed.



      All MessagesOldest ItemsOlder ItemsNewer ItemsNewest Items



     Content:

    Read New | Search

     Guest:

    Email to Admin



    You are visiting as a Guest user.