search cancel

Encrypted SMTP connections with Microsoft Office 365 cloud service might fail in some situations

book

Article ID: 162830

calendar_today

Updated On:

Products

Messaging Gateway

Issue/Introduction

Symantec Messaging Gateway (SMG) might not be able to communicate with Microsoft Office 365 cloud service (e.g. *.outlook.com mail servers) when SSL/TLS encryption is enabled.

 

Resolution

It has been observed issues might be caused by use of potentially insecure or expired certificates. Please also see:

https://support.microsoft.com/en-us/kb/2862973

 

Please make sure certificates used for SSL/TLS communication including CA certificates, are valid and meet current security standards.

 

Please note: if issues cannot be resolved by replacing certificates, following workaround can be implemented:

Please uncheck Offer TLS client certificate in SMG advanced SMTP options section: Configuraton -> Hosts -> SMTP -> Advanced Settings

 

In addition SSLv3 option might need to be enabled if you are on 10.6.0-3 or 10.6.0-5 build, please see following article for further details:

When SSLv3 option is disabled, Symantec Messaging Gateway (SMG) fails to negotiate cipher suites with MTAs that support SSLv3 cipher suites only

http://www.symantec.com/docs/TECH233869

 

Please contact Symantec support if further assistance is needed.