search cancel

Communication fails between Email Prevent server and MTA with TLS enabled

book

Article ID: 163221

calendar_today

Updated On:

Products

Data Loss Prevention Network Prevent for Email Data Loss Prevention Cloud Service for Email Data Loss Prevention Cloud Package

Issue/Introduction

When trying to configure TLS communication between Email Prevent and MTA the TLS handshake never completes and the following error is found in the SMTPOperational log on the detection server:

 (SMTP_CONNECTION.XXXX) Forward connection error (tid=XX cid=Y mta=<> reason=Channel is null in ESMPPerr:recv)

IE:

 (SMTP_CONNECTION.5203) Forward connection error (tid=XX cid=YY mta=<> reason=Channel is null in ESMPPerr:recv)

Cause

The keystore password may not be set on the Detection server's configuration.  This prevents the DLP services from being able to access the keystore when a certificate exchange needs to happen between servers.
 

Environment

SMTP Prevent running in forwarding or reflecting mode

 

Resolution

  1. Log onto the Enforce console that manages Network Prevent for Email Server.
  2. Select System > Servers > Overview from the main menu bar.
  3. Click the name of the Network Prevent for Email Server you want to configure.
  4. Click Configure.
  5. In the Security Configuration section, fill in the fields as follows:
    Field Description
    Keystore Password Enter the correct password for the keystore file
    Confirm Keystore Password Re-enter the keystore password
  6. Click Save.