Mailing List Message #102748
From: Scott Jensen <>
Subject: Problem establishing a secure SMTP connection
Date: Mon, 28 Nov 2011 17:07:27 -0500
To: CommuniGate Pro Discussions <>
X-Mailer: Apple Mail (2.936)
     I've got a problem I've never seen before occurring today (apparently it started just before thanksgiving).  Some users at Disney are trying to send messages to my users, and they're getting a failure bounce back.  We can send messages to them with no problem, but they can't send or reply to us.  The problem seems to revolve around the inability of the two servers to negotiate a TLS connection.  Here's an example bounce a Disney user is getting back (sent to me via gmail - sender & rcvr addresses changed):

Diagnostic information for administrators:

Generating server:
#< #4.4.7 SMTP; 403 4.7.0 TLS handshake failed.> #SMTP#

Original message headers:

Return-Path: <>
Received: from int2.disney.pvt (int2.disney.pvt [])
	by (Switch-3.4.4/Switch-3.4.3) with ESMTP id pAN1ntKk027634
	for <>; Wed, 23 Nov 2011 01:49:55 GMT
Received: from ( [])
	by int2.disney.pvt (Switch-3.4.4/Switch-3.4.3) with ESMTP id pAN1nsff014976
	(version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL)
	for <>; Wed, 23 Nov 2011 01:49:54 GMT
Received: from
 ([fe80::9c8d:2c28:ac0e:7256]) by
 ([2002:9907:f811::9907:f811]) with mapi; Tue, 22 Nov 2011 17:49:54 -0800
From: "Disney Sender name" <>
To: "ILP User name" <>,
        "Other Disney Recip name"
Date: Tue, 22 Nov 2011 17:49:53 -0800
Subject: Re: (Disney Studios) - just got your message
Thread-Topic: (Disney Studios) - just got your message
Thread-Index: AcypgjJoRGvU9sSRQqa6l9SsKBm3XQ==
Message-ID: <>
In-Reply-To: <>
Accept-Language: en-US
Content-Language: en-US
user-agent: Microsoft-MacOutlook/
acceptlanguage: en-US
Content-Type: text/plain
MIME-Version: 1.0
X-Source-IP: []

Final-recipient: RFC822;
Action: failed
Status: 4.4.7
X-Supplementary-Info: < #4.4.7 SMTP; 403 4.7.0 TLS handshake failed.>

     I turned up the SMTP logging level to All Info and asked them to try sending to me again.  Here's what I got in the log file.

16:31:26.886 4 SMTPI-090136([]) got connection on []:25( from []:36718
16:31:56.979 5 SMTPI-090136([]) out: 220 ESMTP CommuniGate Pro 5.4.2\r\n
16:31:57.061 5 SMTPI-090136([]) inp: EHLO
16:31:57.096 5 SMTPI-090136( out: is pleased to meet you\r\n250-DSN\r\n250-SIZE 78643200\r\n250-STARTTLS\r\n250-AUTH LOGIN PLAIN CRAM-MD5 DIGEST-MD5 GSSAPI MSN NTLM\r\n250-ETRN\r\n250-TURN\r\n250-ATRN\r\n250-NO-SOLICITING\r\n250-8BITMIME\r\n250-HELP\r\n250-PIPELINING\r\n250 EHLO\r\n
16:31:57.178 5 SMTPI-090136( inp: STARTTLS
16:31:57.179 5 SMTPI-090136( out: 220 please start a TLS connection\r\n
16:31:57.344 3 SMTPI-090136( failed to accept a secure connection for ''. Error Code=connection reset by peer
16:31:57.544 4 SMTPI-090136( closing connection
16:31:57.544 4 SMTPI-090136( releasing stream

     Any ideas?  Our CGP is v5.4.2 running on a OSX 10.6 box.  My initial reaction is that there must be something wrong with their server, since we have no problem receiving email from anyone else, but I suspect their email admins might say the same thing...

     Thanks for any help!

Scott C. Jensen
  Asst. Director, Office of Info Services
    MIT Corporate Relations - Industrial Liaison Program
      Room W98-050    600 Memorial Drive   Cambridge, MA   02139
        617/253-0441      FAX: 617/258-0796     Email:

Subscribe (FEED) Subscribe (DIGEST) Subscribe (INDEX) Unsubscribe Mail to Listmaster