[SOLVED] STARTTLS command rejected

Discussion forum for Enterprise Edition.
Post Reply
GianlucaC
Posts: 5
Joined: Mon Dec 05, 2016 2:51 pm

[SOLVED] STARTTLS command rejected

Post by GianlucaC » Mon Dec 05, 2016 2:58 pm

Hi, i have a installataion of mailenable ent. ver 9.52

i have installed a certificate in "personal" folder and i have grant access to IME_SYSTEM and IME_GROUP

in Server->locahost->Properties->SSL i have selected my certificate
in SMTP->Properties i check "Enable inbound TLS"

i test my settings with http://www.checktls.com/perl/TestReceiver.pl
and this is the result:

Trying TLS on mail.CENSORED.biz[CENSORED] (5):
seconds test stage and result
[000.139] Connected to server
[000.276] <-- 220 CENSORED ESMTP MailEnable Service, Version: 9.52--9.52 ready at 12/05/16 15:50:03
[000.276] We are allowed to connect
[000.277] --> EHLO checktls.com
[000.422] <-- 250-CENSORED [216.68.85.112], this server offers 7 extensions
250-AUTH LOGIN
250-SIZE 0
250-HELP
250-AUTH=LOGIN
250-STARTTLS
250-XSAVETOSENT
250 X-SAVETOSENT
[000.422] We can use this server
[000.423] TLS is an option on this server
[000.423] --> STARTTLS
[000.562] <-- 454 TLS not available due to temporary reason
[000.562] STARTTLS command rejected
[000.562] --> MAIL FROM:<test@checktls.com>
[000.806] <-- 250 Requested mail action okay, completed
[000.807] Sender is OK
[000.807] --> RCPT TO:<CENSORED@CENSORED>
[001.376] <-- 250 Requested mail action okay, completed
[001.377] Recipient OK, E-mail address proofed
[001.377] --> QUIT
[001.515] <-- 221 Service closing transmission channel

Could someone help me?
Last edited by GianlucaC on Thu Dec 15, 2016 2:59 pm, edited 1 time in total.

kiamori
Posts: 221
Joined: Wed Nov 04, 2009 1:39 am
Contact:

Re: STARTTLS command rejected

Post by kiamori » Tue Dec 06, 2016 12:29 pm

Are you trying to do TLS inbound via IMAP because Mailenable does not yet support this.

MailEnable-Ian
Site Admin
Posts: 8951
Joined: Mon Mar 22, 2004 4:44 am
Location: Melbourne, Victoria, Australia

Re: STARTTLS command rejected

Post by MailEnable-Ian » Tue Dec 06, 2016 11:00 pm

Hi,

First step is to telnet locally to the SMTP service on port 25 on the MailEnable server. Open a command prompt and type:

Code: Select all

telnet localhost 25

Then type:

Ehlo there

Next:

startls
Does it return "454 TLS not available due to temporary reason"? If it doesn't and returns "220 Ready to start TLS" then perhaps the problem is that you don't have TLS 1.1 and TLS 1.2 enabled on the server within Windows and the remote check is failing because of this. Review the following article and enable TLS 1.1 and TLS 1.2.

https://technet.microsoft.com/en-us/lib ... elTR_TLS12
Regards,

Ian Margarone
MailEnable Support

GianlucaC
Posts: 5
Joined: Mon Dec 05, 2016 2:51 pm

Re: STARTTLS command rejected

Post by GianlucaC » Wed Dec 07, 2016 9:09 am

Hi, i try the command on telenet this is my session

220 ***.biz ESMTP MailEnable Service, Version: 9.52--9.52 ready at 12/07/16 10:09:00
ehlo there
250-***.biz [127.0.0.1], this server offers 7 extensions
250-AUTH LOGIN
250-SIZE 0
250-HELP
250-AUTH=LOGIN
250-STARTTLS
250-XSAVETOSENT
250 X-SAVETOSENT
starttls
454 TLS not available due to temporary reason

thanks for help

GianlucaC
Posts: 5
Joined: Mon Dec 05, 2016 2:51 pm

Re: STARTTLS command rejected

Post by GianlucaC » Mon Dec 12, 2016 2:25 pm

can someone help me to activate the tls connections?

MailEnable-Ian
Site Admin
Posts: 8951
Joined: Mon Mar 22, 2004 4:44 am
Location: Melbourne, Victoria, Australia

Re: STARTTLS command rejected

Post by MailEnable-Ian » Tue Dec 13, 2016 12:43 am

Hi,

Most likely there is a problem with either your SSL certificate binding or a configuration problem. Private message me with detailed information about the server in regards to local domain domain. Or perhaps RDP login details and Ill take a quick look at the configuration directly on the server.
Regards,

Ian Margarone
MailEnable Support

GianlucaC
Posts: 5
Joined: Mon Dec 05, 2016 2:51 pm

Re: STARTTLS command rejected

Post by GianlucaC » Wed Dec 14, 2016 7:34 am

i send you a pm :)

MailEnable-Ian
Site Admin
Posts: 8951
Joined: Mon Mar 22, 2004 4:44 am
Location: Melbourne, Victoria, Australia

Re: STARTTLS command rejected

Post by MailEnable-Ian » Wed Dec 14, 2016 11:26 pm

Hi,

Pm'd
Regards,

Ian Margarone
MailEnable Support

GianlucaC
Posts: 5
Joined: Mon Dec 05, 2016 2:51 pm

Re: [SOLVED] STARTTLS command rejected

Post by GianlucaC » Thu Dec 15, 2016 3:01 pm

i export the private key from the principal server and install on server mail. (i've generated the request for certificate on another server )
This solved the problem
Thanks to all :)

Post Reply