Messages are not passing through a Mail Prevent server with TLS enabled (SMTP_CONNECTION.5203)


Article ID: 161298


Data Loss Prevention Network Prevent for Email


When TLS is enabled, messages stop flowing through the Data Loss Prevention Mail Prevent server.

The most recent RequestProcessor log shows the following exception:

Oct 16, 2014 8:54:40 AM com.vontu.mta.rp.tls.SecureESMTPPeer init
INFO: Exception in SecureESMTPPeer initializer: 
at edu.oswego.cs.dl.util.concurrent.ConcurrentReaderHashMap.hash(
at edu.oswego.cs.dl.util.concurrent.ConcurrentReaderHashMap.get(
at com.vontu.keystorehouse.KeyStorehouse.getKeyContainer(
at com.vontu.vontukeystorehouse.common.PasswordDecryptor.getCryptoKey(
at com.vontu.vontukeystorehouse.common.PasswordDecryptor.getDecryptedBytes(
at com.vontu.vontukeystorehouse.common.PasswordDecryptor.decryptPassword(
at com.vontu.mta.rp.RPConfig.getKeystorePassword(
at com.vontu.mta.rp.tls.SecureESMTPPeer.init(
at com.vontu.mta.rp.StartTLSState.handleResponse(
at com.vontu.mta.rp.RequestProcessorHandler.handleLine(
at com.vontu.mta.rp.ESMTPRequestProcessorThread.readPeer(
at com.vontu.mta.rp.ESMTPRequestProcessorThread.process(
Oct 16, 2014 8:54:40 AM com.vontu.mta.rp.ESMTPRequestProcessorThread handleIOException

The SMTP Operational log will include a reference to this exception with the following line:

INFO: (SMTP_CONNECTION.5203) Forward connection error (tid=28 cid=12 mta=<> reason=java.lang.NullPointerException)


The NullPointerException is raised because the Mail Prevent server cannot access its own keystore.
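The following added example (not Symantec code) shows one way to confirm this cause from the two logs: it pairs an SMTP_CONNECTION.5203 entry whose reason is a NullPointerException with a SecureESMTPPeer initializer trace that passes through RPConfig.getKeystorePassword. The function names are hypothetical and the sample log text is constructed from the excerpts above.

```python
import re

# Constructed sample input modelled on the log excerpts in this article
# (frames shortened; the second operational line is invented for contrast).
RP_LOG = """\
Oct 16, 2014 8:54:40 AM com.vontu.mta.rp.tls.SecureESMTPPeer init
INFO: Exception in SecureESMTPPeer initializer:
at com.vontu.vontukeystorehouse.common.PasswordDecryptor.decryptPassword(
at com.vontu.mta.rp.RPConfig.getKeystorePassword(
at com.vontu.mta.rp.tls.SecureESMTPPeer.init(
Oct 16, 2014 8:54:40 AM com.vontu.mta.rp.ESMTPRequestProcessorThread handleIOException
"""
OP_LOG = """\
INFO: (SMTP_CONNECTION.5203) Forward connection error (tid=28 cid=12 mta=<> reason=java.lang.NullPointerException)
INFO: (SMTP_CONNECTION.5203) Forward connection error (tid=31 cid=14 mta=<> reason=java.net.ConnectException)
"""

ERR_RE = re.compile(
    r"\(SMTP_CONNECTION\.5203\).*?\(tid=(\d+) cid=(\d+) mta=\S* reason=([^)]+)\)")

def forward_errors(op_log):
    """Return (tid, cid, reason) for every SMTP_CONNECTION.5203 line."""
    hits = (ERR_RE.search(line) for line in op_log.splitlines())
    return [(int(m[1]), int(m[2]), m[3]) for m in hits if m]

def tls_init_failures(rp_log):
    """Return one list of stack frames per SecureESMTPPeer initializer exception."""
    traces, current = [], None
    for line in rp_log.splitlines():
        text = line.strip()
        if "Exception in SecureESMTPPeer initializer" in text:
            current = []
            traces.append(current)
        elif current is not None and text.startswith("at "):
            # Keep only the qualified method name, with or without "(File.java:N)".
            current.append(text[3:].split("(")[0])
        else:
            current = None  # any other line ends the current trace
    return traces

def keystore_suspected(op_log, rp_log):
    """True when both logs show the keystore-access signature described above."""
    npe = any(r == "java.lang.NullPointerException" for _, _, r in forward_errors(op_log))
    ks = any(f.endswith("RPConfig.getKeystorePassword")
             for trace in tls_init_failures(rp_log) for f in trace)
    return npe and ks

if __name__ == "__main__":
    print("keystore access problem suspected:", keystore_suspected(OP_LOG, RP_LOG))
```

A 5203 entry with any other reason, or a trace that never reaches getKeystorePassword, points away from the keystore and toward a different connection problem.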


Verify the following:

  1. Ensure the correct keystore password has been entered in the Enforce Console for the Mail Prevent server encountering the issue. This field is in the 'Configure' options for a given Mail Prevent server. Once the password has been re-entered, save the configuration options and recycle the Mail Prevent server from the Enforce Console.
  2. Ensure the required 'prevent.ks' keystore exists in the '\protect\keystore\' directory on the Mail Prevent server. If a keystore does not exist in this directory, one must be recreated using the 'keytool' application.