Following the upgrade to Messaging Gateway (SMG) 10.7.5, connections from mail servers which were previously able to send to SMG now shows the actions "Rejected message by MTA, TLS on reception enforced" even though TLS secured delivery is not required by the SMG configuration.
Release : 10.7.5
Following the 10.7.5 release, Messaging Gateway became more strict with respect to certificate validation, including validation of client certificates supplied by servers sending to Messaging Gateway. When requesting a client certificate from a sending server:
In many cases, an SMTP server sending to Messaging Gateway may provide a client certificate that is not trusted by Messaging Gateway which prevents TLS from proceeding.
This issue may be resolved by unchecking the "Request client certificate" checkbox in Administration > Configuration > host > SMTP > Inbound