cancel
Showing results for 
Search instead for 
Did you mean: 

Ironmail 6.7.2.. email secured

NewBee to Ironmail(taking over). Seems since last week any email coming from 1 domain becomes SECURED email. The Ironmail configuration has not changed in years and we have previously received emails form that domain. They claim that it is not makling a TLS connection therefore it sucures the email. The other domain claim they have not changed any. Any troubleshooting tips will be appreciated.

Thanks in advance.

3 Replies
Reliable Contributor exbrit
Reliable Contributor
Report Inappropriate Content
Message 2 of 4

Re: Ironmail 6.7.2.. email secured

Moved to Ironmail for better support.

ijahnke
Level 11
Report Inappropriate Content
Message 3 of 4

Re: Ironmail 6.7.2.. email secured

Is this for inbound or outbound mail? What does the message log show when it connects to the recipient domain?

If you have access to a linux box you can always try using openssl:

openssl s_client -connect <IP/hostname of External domain>:25 -starttls smtp -crlf

openssl s_client -connect  192.168,0.1:25 -starttls smtp -crlf

Re: Ironmail 6.7.2.. email secured

InBoud emails only. There has been no change to the IRONMAIL appliances(except for adding to whitelist). Only recent changes we have is the Web Fliter for the Internet. This is external facing appliances and should not be affected. I reviewed the logs and they seemed to be ok. See partial conn. log below. They claim that our system is not accpeting TLS connection.

Thanks.

20140311:09:54:02|53715877|7173|SUMMARY_ACTIONS -|Message copied to <copyout@hhm.com> for <DOMFRM_hhm.com>|

20140311:09:54:02|53715877|5637|LOG_STAT_MAIL_MON -|{'DOMFRM_hhm.com': [{'qtn_type': None, 'grp_id': 0, 'profile_id': 0L, 'rule': 9L, 'rule_id': 3, 'action_data': 'copyout@hhm.com', 'action': 202L, 'archive': 0}]}|

20140311:09:54:02|53715877|7172|LOG_STAT_FINAL <msg_id:log_str> -|<53715877:No action based on this test. Trying next tests.>|

20140311:09:54:02|53715877|1031|LOG_STAT_ATT_FIL: final_list -|{}|

20140311:09:54:02|53715877|7206|Will scan for -|[('Secure Dictionary', 50L), ('Size Limit Whitelist', 87L)]|

20140311:09:54:02|53715877|7200|--Scanning part -|10|

20140311:09:54:02|53715877|7200|--Scanning part -|0|

20140311:09:54:02|53715877|7200|--Scanning part -|5|

20140311:09:54:02|53715877|7200|--Scanning part -|4|

20140311:09:54:02|53715877|7208|-----Scoring for -|('Secure Dictionary', 50L)|

20140311:09:54:02|53715877|7208|-----Scoring for -|('Size Limit Whitelist', 87L)|

20140311:09:54:02|53715877|7172|LOG_STAT_FINAL <msg_id:log_str> -|<53715877:No action based on this test. Trying next tests.>|

20140311:09:54:02|53715877|1803|No CCQ Trainer message found.||

20140311:09:54:02|53715877|1805|No Image Analysis rules/policies to apply to message. No checks will be performed.||

20140311:09:54:02|53715877|1809|No Corporate Compliance rules/policies to apply to message. No checks will be performed.||

20140311:09:54:02|53715877|6665|Created new Message ID and File <msgid:file> -|<53715879:/ct/data/mss/00/05/37/15/879>|

20140311:09:54:02|53715877|5138|Secure status for S/MIME  PGP  SWMR  SWMS:  <smime:pgp:swmr:swms> -|<0:0:1:0>|

20140311:09:54:02|53715877|5139|Secure domains for S/MIME PGP SWMR TLS: <smime:pgp:swmr:tls> -|<[]:[]:[]:[]>|

20140311:09:54:02|53715877|5140|Secure preference order -|[2L, 3L, 1L, 4L]|

20140311:09:54:02|53715877|5143|Secure failures for S/MIME and PGP: <smime:pgp> -|<[]:[]>|

20140311:09:54:02|53715877|5144|Delivery Modes: -|{}|

20140311:09:54:02|53715877|5145|Encrypt action list: -|{}|

20140311:09:54:02|53715877|5146|Delivery Modes and SWM Domains: <modes:domains> -|<{}:[]>|

20140311:09:54:02|53715877|5147|SWM Recipients and Normal Recipients: <swm:normal> -|<{}:{'david.com': [('chrystal.cooke@david.com', '<Chrystal.Cooke@david.com>')]}>|

20140311:09:54:02|53715877|10039|Processing completed for Message ID : <msgid> -|53715877|

20140311:09:54:04|53715877|9474|Channel outbound flag -|1|

20140311:09:54:04|53715877|9475|Max retry attempts -|4|

20140311:09:54:04|53715877|9476|Starting to process msgid -|53715877|

20140311:09:54:04|53715877|9481|Processing Domain -|david.com|

20140311:09:54:04|53715877|9515|DNS Lookup Returned -|[(10, 'mx1.david.iphmx.com', ('66.200.137.70', '66.200.137.139', '66.200.131.33', '66.200.140.11')), (10, 'mx2.david.iphmx.com', ('66.200.131.33', '66.200.140.11', '66.200.137.70', '66.200.137.139'))] fromCache=False|

20140311:09:54:04|53715877|9516|Connecting to Domain -|david.com|

20140311:09:54:04|53715877|9487|Block timeout in seconds -|75|

20140311:09:54:04|53715877|9488|Connecting to MX -|mx1.david.iphmx.com|

20140311:09:54:04|53715877|9489|Connecting to A -|66.200.137.70|

20140311:09:54:04|53715877|9491|Channels Vip vipid:bindhost -|0:10.50.12.164|

20140311:09:54:04|53715877|4099|Connecting to <BindHost:ConnectHost:ConnectPort> -|<10.50.12.164:66.200.137.70:25>|

20140311:09:54:04|53715877|4139|-|Reply: '220 ***************************'|

20140311:09:54:04|53715877|9492|Connection Status <status> -|1|

20140311:09:54:04|53715877|4139|-|Sending: EHLO hhm.com|

20140311:09:54:04|53715877|4139|-|Reply: '250-esa2.david.iphmx.com

250-8BITMIME

250-SIZE 52428800

250 XXXXXXXA'|

20140311:09:54:04|53715877|9523|Starting SendSmtpMsg in domain -|david.com|

20140311:09:54:04|53715877|9570|BATV values are DSN_BVP_enable: <IsEnabled> mail_from: <Mail From> mdoutbound <IsOutbound> selfdeliveryMode <Delivery Mode> -|0:ssenter1@hhm.com:1:0|

20140311:09:54:04|53715877|4139|-|Sending: MAIL FROM:<ssenter1@hhm.com> size=204601|

20140311:09:54:05|53715877|4139|-|Reply: '250 sender <ssenter1@hhm.com> ok'|

20140311:09:54:05|53715877|4139|-|Sending: RCPT TO:<chrystal.cooke@david.com>|

20140311:09:54:05|53715877|4139|-|Reply: '250 recipient <chrystal.cooke@david.com> ok'|

20140311:09:54:05|53715877|4139|-|Sending: DATA |

20140311:09:54:05|53715877|4139|-|Reply: '354 go ahead'|

20140311:09:54:06|53715877|4139|-|Reply: '250 ok:  Message 36586739 accepted'|

20140311:09:54:06|53715877|9524|LOG_STAT <mail from>, <rcpt fix>, <size>, <date>, <secure Conn>.  -|ssenter1@hhm.com:['chrystal.cooke@david.com']:204601:2014/03/11 09:54:06:0|

20140311:09:54:06|53715877|9506|Closing SMTP Connection||

20140311:09:54:06|53715877|4139|-|Sending: QUIT |

20140311:09:54:06|53715877|4139|-|Reply: '221 esa2.david.iphmx.com'|

20140311:09:54:06|53715877|9480|Finished processing msgid -|53715877|

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator
  • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community