3 Replies Latest reply on Mar 19, 2014 8:11 PM by ipillai1

    Ironmail 6.7.2.. email secured

    ipillai1

      NewBee to Ironmail(taking over). Seems since last week any email coming from 1 domain becomes SECURED email. The Ironmail configuration has not changed in years and we have previously received emails form that domain. They claim that it is not makling a TLS connection therefore it sucures the email. The other domain claim they have not changed any. Any troubleshooting tips will be appreciated.

       

       

       

       

      Thanks in advance.

        • 1. Re: Ironmail 6.7.2.. email secured
          Peter M

          Moved to Ironmail for better support.

          • 2. Re: Ironmail 6.7.2.. email secured
            ijahnke

            Is this for inbound or outbound mail? What does the message log show when it connects to the recipient domain?

             

            If you have access to a linux box you can always try using openssl:

             

            openssl s_client -connect <IP/hostname of External domain>:25 -starttls smtp -crlf

             

            openssl s_client -connect  192.168,0.1:25 -starttls smtp -crlf

            • 3. Re: Ironmail 6.7.2.. email secured
              ipillai1

              InBoud emails only. There has been no change to the IRONMAIL appliances(except for adding to whitelist). Only recent changes we have is the Web Fliter for the Internet. This is external facing appliances and should not be affected. I reviewed the logs and they seemed to be ok. See partial conn. log below. They claim that our system is not accpeting TLS connection.

              Thanks.

               

              20140311:09:54:02|53715877|7173|SUMMARY_ACTIONS -|Message copied to <copyout@hhm.com> for <DOMFRM_hhm.com>|

              20140311:09:54:02|53715877|5637|LOG_STAT_MAIL_MON -|{'DOMFRM_hhm.com': [{'qtn_type': None, 'grp_id': 0, 'profile_id': 0L, 'rule': 9L, 'rule_id': 3, 'action_data': 'copyout@hhm.com', 'action': 202L, 'archive': 0}]}|

              20140311:09:54:02|53715877|7172|LOG_STAT_FINAL <msg_id:log_str> -|<53715877:No action based on this test. Trying next tests.>|

              20140311:09:54:02|53715877|1031|LOG_STAT_ATT_FIL: final_list -|{}|

              20140311:09:54:02|53715877|7206|Will scan for -|[('Secure Dictionary', 50L), ('Size Limit Whitelist', 87L)]|

              20140311:09:54:02|53715877|7200|--Scanning part -|10|

              20140311:09:54:02|53715877|7200|--Scanning part -|0|

              20140311:09:54:02|53715877|7200|--Scanning part -|5|

              20140311:09:54:02|53715877|7200|--Scanning part -|4|

              20140311:09:54:02|53715877|7208|-----Scoring for -|('Secure Dictionary', 50L)|

              20140311:09:54:02|53715877|7208|-----Scoring for -|('Size Limit Whitelist', 87L)|

              20140311:09:54:02|53715877|7172|LOG_STAT_FINAL <msg_id:log_str> -|<53715877:No action based on this test. Trying next tests.>|

              20140311:09:54:02|53715877|1803|No CCQ Trainer message found.||

              20140311:09:54:02|53715877|1805|No Image Analysis rules/policies to apply to message. No checks will be performed.||

              20140311:09:54:02|53715877|1809|No Corporate Compliance rules/policies to apply to message. No checks will be performed.||

              20140311:09:54:02|53715877|6665|Created new Message ID and File <msgid:file> -|<53715879:/ct/data/mss/00/05/37/15/879>|

              20140311:09:54:02|53715877|5138|Secure status for S/MIME  PGP  SWMR  SWMS:  <smime:pgp:swmr:swms> -|<0:0:1:0>|

              20140311:09:54:02|53715877|5139|Secure domains for S/MIME PGP SWMR TLS: <smime:pgp:swmr:tls> -|<[]:[]:[]:[]>|

              20140311:09:54:02|53715877|5140|Secure preference order -|[2L, 3L, 1L, 4L]|

              20140311:09:54:02|53715877|5143|Secure failures for S/MIME and PGP: <smime:pgp> -|<[]:[]>|

              20140311:09:54:02|53715877|5144|Delivery Modes: -|{}|

              20140311:09:54:02|53715877|5145|Encrypt action list: -|{}|

              20140311:09:54:02|53715877|5146|Delivery Modes and SWM Domains: <modes:domains> -|<{}:[]>|

              20140311:09:54:02|53715877|5147|SWM Recipients and Normal Recipients: <swm:normal> -|<{}:{'david.com': [('chrystal.cooke@david.com', '<Chrystal.Cooke@david.com>')]}>|

              20140311:09:54:02|53715877|10039|Processing completed for Message ID : <msgid> -|53715877|

              20140311:09:54:04|53715877|9474|Channel outbound flag -|1|

              20140311:09:54:04|53715877|9475|Max retry attempts -|4|

              20140311:09:54:04|53715877|9476|Starting to process msgid -|53715877|

              20140311:09:54:04|53715877|9481|Processing Domain -|david.com|

              20140311:09:54:04|53715877|9515|DNS Lookup Returned -|[(10, 'mx1.david.iphmx.com', ('66.200.137.70', '66.200.137.139', '66.200.131.33', '66.200.140.11')), (10, 'mx2.david.iphmx.com', ('66.200.131.33', '66.200.140.11', '66.200.137.70', '66.200.137.139'))] fromCache=False|

              20140311:09:54:04|53715877|9516|Connecting to Domain -|david.com|

              20140311:09:54:04|53715877|9487|Block timeout in seconds -|75|

              20140311:09:54:04|53715877|9488|Connecting to MX -|mx1.david.iphmx.com|

              20140311:09:54:04|53715877|9489|Connecting to A -|66.200.137.70|

              20140311:09:54:04|53715877|9491|Channels Vip vipid:bindhost -|0:10.50.12.164|

              20140311:09:54:04|53715877|4099|Connecting to <BindHost:ConnectHost:ConnectPort> -|<10.50.12.164:66.200.137.70:25>|

              20140311:09:54:04|53715877|4139|-|Reply: '220 ***************************'|

              20140311:09:54:04|53715877|9492|Connection Status <status> -|1|

              20140311:09:54:04|53715877|4139|-|Sending: EHLO hhm.com|

              20140311:09:54:04|53715877|4139|-|Reply: '250-esa2.david.iphmx.com

              250-8BITMIME

              250-SIZE 52428800

              250 XXXXXXXA'|

              20140311:09:54:04|53715877|9523|Starting SendSmtpMsg in domain -|david.com|

              20140311:09:54:04|53715877|9570|BATV values are DSN_BVP_enable: <IsEnabled> mail_from: <Mail From> mdoutbound <IsOutbound> selfdeliveryMode <Delivery Mode> -|0:ssenter1@hhm.com:1:0|

              20140311:09:54:04|53715877|4139|-|Sending: MAIL FROM:<ssenter1@hhm.com> size=204601|

              20140311:09:54:05|53715877|4139|-|Reply: '250 sender <ssenter1@hhm.com> ok'|

              20140311:09:54:05|53715877|4139|-|Sending: RCPT TO:<chrystal.cooke@david.com>|

              20140311:09:54:05|53715877|4139|-|Reply: '250 recipient <chrystal.cooke@david.com> ok'|

              20140311:09:54:05|53715877|4139|-|Sending: DATA |

              20140311:09:54:05|53715877|4139|-|Reply: '354 go ahead'|

              20140311:09:54:06|53715877|4139|-|Reply: '250 ok:  Message 36586739 accepted'|

              20140311:09:54:06|53715877|9524|LOG_STAT <mail from>, <rcpt fix>, <size>, <date>, <secure Conn>.  -|ssenter1@hhm.com:['chrystal.cooke@david.com']:204601:2014/03/11 09:54:06:0|

              20140311:09:54:06|53715877|9506|Closing SMTP Connection||

              20140311:09:54:06|53715877|4139|-|Sending: QUIT |

              20140311:09:54:06|53715877|4139|-|Reply: '221 esa2.david.iphmx.com'|

              20140311:09:54:06|53715877|9480|Finished processing msgid -|53715877|