1. Forum
  2. Usenet
  3. COMP.MAIL.SENDMAIL

  • Massive Problems with receiving mails from outbound.protection.outlook.

    From Henning Hucke@21:1/5 to All on Tue Feb 8 06:53:32 2022
    Dear fellows,

    for one or the other month in the past but for shure in a raising
    manner in the last few weeks i've problems to receive mails which are
    emitted by microsoft systems below the domain

    outbound.protection.outlook.com

    and currently only could work around the problem by disabling STARTTLS
    for these systems with the "Srv_Features: S" setting.

    The problem triggers log lines like

    ... STARTTLS=server, error: accept failed=-1, reason=unknown, SSL_error=5, errno=0, retry=-1, relay=mail-fr2deu01on2061c.outbound.protection.outlook.com [IPv6:2a01:111:f400:7e24:0:0:0:61c]

    and even persists with a cipher list of "DEFAULT:@SECLEVEL=0".

    Does anybody have setting which allow encrypted STARTTLS initiated mail exchange with and especially mail reception from these creepy microsoft systems?

    Best rergards
    Henning
    --
    Can't open /usr/fortunes. Lid stuck on cookie jar.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Claus =?iso-8859-1?Q?A=DFmann?= @21:1/5 to Henning Hucke on Tue Feb 8 03:18:24 2022
    Henning Hucke wrote:

    outbound.protection.outlook.com

    and currently only could work around the problem by disabling STARTTLS

    More info is needed...

    Do you use (too) short timeouts?
    How good is your network connectivity (esp. to M$)?

    What is your TLS setup?
    Which OpenSSL version do you use?
    What kind of certs do you use and do you have any special settings?

    and even persists with a cipher list of "DEFAULT:@SECLEVEL=0".

    AFAICT the defaults are working just fine, no modifications
    of any TLS related options are needed.

    --
    Note: please read the netiquette before posting. I will almost never
    reply to top-postings which include a full copy of the previous
    article(s) at the end because it's annoying, shows that the poster
    is too lazy to trim his article, and it's wasting the time of all readers.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)