Cybersecurity
DevOps Cloud (ADM)
IT Operations Cloud
Cannot mail certain recipients. The sender sees this in the GW Client:
The reason given for the delay: 420 TCP write error
The following is shown in the GWIA log:
07:11:54 2323 DMN: MSG 2815270 Attempting to connect to mail12.surftown.se 07:11:54 2323 DMN: MSG 2815270 Connected to [212.97.132.52] (mail12.surftown.se) 07:11:54 2323 DMN: MSG 2815270 SMTP STARTTLS failure (8922) 07:11:55 2323 DMN: MSG 2815270 SMTP session ended: [212.97.132.52] (mail12.surftown.se)
Diagnosis
The best way to troubleshoot this would be to get a packet trace. On the GWIA server:
tcpdump -i any -s 0 -w /root/surftown.cap host 212.97.132.52
This will capture data just for that ip. Note that you cannot filter on a single IP if the recipient has multiple ones.
Open the packet trace in Wireshark. Look at the client and server hellos:
Client Hello. That is you:
Ask the admin of the receiving mailserver to upgrade to a supported version of SSL