cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Former Member
Not applicable
Report Inappropriate Content
Message 1 of 2

TLS / Sender refused due lack of security

If have an open case since one week, but no answer, yet.

Perhaps, anyone can hlep me here?

We have 6.7.2 HF4

Some senders are getting "only sporadic" an error from our ironmail: "Sender Refused due to lack of security".

mostly, the tls-connection is working fine with the sender.

RFC 3207 says:

"   If the SMTP server decides that the level of authentication or

   privacy is not high enough for it to continue, it SHOULD reply to

   every SMTP command from the client (other than a QUIT command) with

   the 554 reply code (with a possible text string such as "Command

   refused due to lack of security").

"

does anyone knows this problem and has hints for debugging this issue?

1 Reply
Former Member
Not applicable
Report Inappropriate Content
Message 2 of 2

TLS / Sender refused due lack of security

Hi,

I found out 2 reasons for this error

Debugging for this can only be made by support as root.

or you could execute openssl from another server:

1. if the senders's domain is configured for required TLS, but sender has no TLS

openssl s_client -starttls smtp -verify -crlf -showcerts -connect  <IP>:25

verify depth is 0

CONNECTED(00000003)

didn't found starttls in server response, try anyway...

2. if the sender's Root CA or Intermediate Cert is expired/not correct

openssl s_client -starttls smtp -verify -crlf -showcerts -connect <IP>:25

verify depth is 0

CONNECTED(00000003)

depth=1 /O=VeriSign Trust Network/OU=VeriSign, Inc./OU=VeriSign International

Server CA - Class 3/OU=www.verisign.com/CPS Incorp.by Ref. LIABILITY LTD. 97

VeriSign verify error:num=20:unable to get local issuer certificate verify

return:0

91422:error:14090086 SL routines SL3_GET_SERVER_CERTIFICATE:certificate verify

failed:/usr/src/secure/lib/libssl/../../../crypto/openssl/ssl/s3_clnt.c:894:

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community