ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Messages are not passing through a Mail Prevent server with TLS enabled (SMTP_CONNECTION.5203)

book

Article ID: 161298

calendar_today

Updated On:

Products

Data Loss Prevention Network Prevent for Email

Issue/Introduction

When TLS is enabled, messages stop flowing through the Data Loss Prevention Mail Prevent server.

The most recent RequestProcessor log will show the following exception: 

Oct 16, 2014 8:54:40 AM com.vontu.mta.rp.tls.SecureESMTPPeer init
INFO: Exception in SecureESMTPPeer initializer: 
java.lang.NullPointerException
at edu.oswego.cs.dl.util.concurrent.ConcurrentReaderHashMap.hash(ConcurrentReaderHashMap.java:292)
at edu.oswego.cs.dl.util.concurrent.ConcurrentReaderHashMap.get(ConcurrentReaderHashMap.java:404)
at com.vontu.keystorehouse.KeyStorehouse.getKeyContainer(KeyStorehouse.java:282)
at com.vontu.vontukeystorehouse.common.PasswordDecryptor.getCryptoKey(PasswordDecryptor.java:45)
at com.vontu.vontukeystorehouse.common.PasswordDecryptor.getDecryptedBytes(PasswordDecryptor.java:38)
at com.vontu.vontukeystorehouse.common.PasswordDecryptor.decryptPassword(PasswordDecryptor.java:22)
at com.vontu.mta.rp.RPConfig.getKeystorePassword(RPConfig.java:328)
at com.vontu.mta.rp.tls.SecureESMTPPeer.init(SecureESMTPPeer.java:167)
at com.vontu.mta.rp.StartTLSState.handleResponse(StartTLSState.java:61)
at com.vontu.mta.rp.RequestProcessorHandler.handleLine(RequestProcessorHandler.java:87)
at com.vontu.mta.rp.ESMTPRequestProcessorThread.readPeer(ESMTPRequestProcessorThread.java:899)
at com.vontu.mta.rp.ESMTPRequestProcessorThread.process(ESMTPRequestProcessorThread.java:978)
at com.vontu.mta.rp.ESMTPRequestProcessorThread.run(ESMTPRequestProcessorThread.java:1391)
at java.lang.Thread.run(Thread.java:744)
Oct 16, 2014 8:54:40 AM com.vontu.mta.rp.ESMTPRequestProcessorThread handleIOException

The SMTP Operational log will include a reference to this exception with the following line:

INFO: (SMTP_CONNECTION.5203) Forward connection error (tid=28 cid=12 mta=<> reason=java.lang.NullPointerException)

Cause

The generated NullPointerException is caused through the inability of the Mail Prevent server to access its own keystore.

Resolution

Verify the following:

  1. Ensure the correct keystore password has been entered into the Enforce Console for the Mail Prevent server encountering the issue.  This field can be found in the 'Configure' options for a given Mail Prevent server.  Once the password has been re-entered, save the configuration options and recycle the Mail Prevent server from the Enforce Console.
  2. Ensure the needed 'prevent.ks' keystore exists within the '\protect\keystore\' directory on the Mail Prevent server.  If a keystore does not exist within this directory, one must be recreated utilizing the 'keytool' application.