4 Replies Latest reply on Dec 12, 2013 9:03 AM by Regis

    EG 7.0 and Gmai!..a significant tweak!

    imejia

      Recently we migrated an ews 5.6 to EG 7.0 and everything went normal ( besides the portlet slowwwwnessss)  on the upgraded process BUT when we try to send some email from a gmal account to our internal domain none of those email get to our inbox so we made the basic troubleshooting but guess what???? neither the EG's logs show nothing nor the gmail receive a NDR notification!   so this is the scenario where i missed this well-designed feature that ironmail had, tailing smtp conversation on real-time,  sooo what i did is a network capture and voila! I found the problem...there i saw this weird TLS error..every time that gmail try to send an email it start a TLS negotiation with EG so this is the tweak section: on the  EG's encryption tab there is this setting that TRY to negotiate the TLS channel so i change it from "when available" to "NEVER" and i got my problem fixed! 

       

      tls.JPG

       

      Folks..i'm wondering is this a bug?? or just a tweak???

        • 1. Re: EG 7.0 and Gmai!..a significant tweak!

          Hi imejia,

           

          It looks like it is not working as expected, the EG should be able to start the TLS conversation if it sees the request from gmail... I would suggest you open a case with Support (https://mysupport.mcafee.com/eservice)

           

          Hope this helps.

          • 2. Re: EG 7.0 and Gmai!..a significant tweak!
            imejia

            Totally agree! as far as i know when the EG can't negotiate the TLS channel it should start with a standard smtp negotiation...and yes..it's on mcafee side.

            • 3. Re: EG 7.0 and Gmai!..a significant tweak!
              epoquito

              Could you please check when this issue started? For example by searching for messages that were encrypted using TLS you should be able to verify, when the TLS was used last time.

              Then you can check what configuration change was made back then. I'd say, this issue is tightly connected to enabling the option "Enable SMTP conversation logging".

               

              To "resolve" this issue, you have to reboot the appliance. You can then enable TLS again and according to my testing, the problem won't get back. It appears on the new installation only, when the smtp conversation logging is enabled for the first time.

              • 4. Re: EG 7.0 and Gmai!..a significant tweak!
                Regis

                imejia wrote:

                 

                Recently we migrated an ews 5.6 to EG 7.0 and everything went normal ( besides the portlet slowwwwnessss)  on the upgraded process BUT when we try to send some email from a gmal account to our internal domain none of those email get to our inbox so we made the basic troubleshooting but guess what???? neither the EG's logs show nothing nor the gmail receive a NDR notification!   so this is the scenario where i missed this well-designed feature that ironmail had, tailing smtp conversation on real-time,  sooo what i did is a network capture and voila! I found the problem...there i saw this weird TLS error..every time that gmail try to send an email it start a TLS negotiation with EG so this is the tweak section: on the  EG's encryption tab there is this setting that TRY to negotiate the TLS channel so i change it from "when available" to "NEVER" and i got my problem fixed! 

                 

                tls.JPG

                 

                Folks..i'm wondering is this a bug?? or just a tweak???

                 

                I'll say it's a tweak I've never had to do and we receive things from gmail just fine.   On the Receiving side,  * / "when Available"   works well. 

                 

                What were you set to initially, I wonder?