Debugging a TLS session on error 5.7.1

Hello,


I have a connection to an external SMTP host which is aborted due to missing TLS encryption (571 5.7.1 Session encryption is required).

TLS sessions are established to various external systems and to internal systems, only this one. So I think that the TLS configuration fits.

In the log I see the connection establishment and that STARTTLS feature is requested by the external host. The SMG ignores this and immediately sends the “MAIL FROM” and “RCPT TO” headers. The result is the error 571.

I have started an “openssl s_client -starttls smtp -connect .....” session from the same SMG host to the problematic target host and this is successful for TLS1.2 or TLS1.3.

How can I debug what the SMG SMTP service is doing or not doing? Can individual hosts be handled separately for TLS? Any ideas?

Kind regards,

Michael

Tags:

Parents Reply Children
No Data