On 23.10.2025 at 11:38 Fehlauer, Norbert via mailop wrote: > mostly it seems to come from systems which all resolve to .eu.iphmx.com > I assume it has to do with the use of ECC certificates (which we use) as I > wrote in my other mail
In general the Cisco systems support ECC certificates: Connecting to 178.15.145.73 on port 25. TLS connection established: protocol TLSv1.2, cipher ECDHE-ECDSA-AES256-GCM-SHA384. Probably you'll have to work with the sender side to find out what their issue is. > -----Ursprüngliche Nachricht----- > Von: mailop <[email protected]> Im Auftrag von Gellner, Oliver via > mailop > Gesendet: Donnerstag, 23. Oktober 2025 13:20 > An: [email protected] > Betreff: Re: [mailop] Changes at Cisco ESA for outbound TLS ciphers? > > On 23.10.2025 at 11:38 Fehlauer, Norbert via mailop wrote: > >> I'm experiencing delivery problems from senders which uses Cisco ESA systems >> to our on-prem Exchange systems. It seems that TLS negotiation fails between >> sender and our system. >> Error: TLS negotiation failed with error AlgorithmMismatch >> >> As I did not change anything on my side regarding the used ciphers, it seems >> possible that Cisco rolled out some change to outbound TLS security. As I do >> not have access to an ESA, can anyone comment if my assumption is correct? >> And maybe if this is the root cause can give me a hint what I can tell the >> sender admins? I guess somewhere at Cisco there would be some kind of >> documentation about the current default ciphers. > > Are these connections coming from Ciscos Secure Email Cloud aka Ironport > Hosted Mail Exchange, or are you referring to Cisco ESA run by customers? -- BR Oliver ________________________________ dmTECH GmbH Am dm-Platz 1, 76227 Karlsruhe * Postfach 10 02 34, 76232 Karlsruhe Telefon 0721 5592-2500 Telefax 0721 5592-2777 [email protected]<mailto:[email protected]> * www.dmTECH.de<http://www.dmtech.de> GmbH: Sitz Karlsruhe, Registergericht Mannheim, HRB 104927 Geschäftsführer: Christoph Werner, Martin Dallmeier, Roman Melcher ________________________________ Datenschutzrechtliche Informationen Wenn Sie mit uns in Kontakt treten, beispielsweise wenn Sie an unser ServiceCenter Fragen haben, bei uns einkaufen oder unser dialogicum in Karlsruhe besuchen, mit uns in einer geschäftlichen Verbindung stehen oder sich bei uns bewerben, verarbeiten wir personenbezogene Daten. Informationen unter anderem zu den konkreten Datenverarbeitungen, Löschfristen, Ihren Rechten sowie die Kontaktdaten unserer Datenschutzbeauftragten finden Sie hier<https://www.dm.de/datenschutzerklaerung-kommunikation-mit-externen-493832>. _______________________________________________ mailop mailing list [email protected] https://list.mailop.org/listinfo/mailop
