Hi David, thanks. Mail arrived without issues. I guess you have enabled outbound ecc certificate use on your ESA, right?
Regards Norbert -----Ursprüngliche Nachricht----- Von: mailop <[email protected]> Im Auftrag von David Prall via mailop Gesendet: Donnerstag, 23. Oktober 2025 14:11 An: [email protected] Betreff: Re: [mailop] Changes at Cisco ESA for outbound TLS ciphers? Norbert, Just sent you a direct message. It was delivered to you from ironport-c300vb.dcptech.com 23 Oct 2025 08:05:39 (GMT -04:00) SMTP delivery connection (DCID 590422) opened from Cisco IronPort interface 2620:ee:8000:101:0:a:196a:c0df to IP address 2a00:0:2d41:2:178:15:145:70 on port 25. 23 Oct 2025 08:05:40 (GMT -04:00) Delivery connection (DCID 590422) successfully accepted TLS protocol TLSv1.2 cipher ECDHE-ECDSA-AES256-GCM-SHA384 None. 23 Oct 2025 08:05:45 (GMT -04:00) Message 210610 to [email protected] received remote SMTP response '2.6.0 <[email protected]> [InternalId=26474178412560, Hostname=edge02.systema-online.de] 7144 bytes in 4.764, 1,464 KB/sec Queued mail for delivery'. David -- https://dprall.net On 10/23/2025 5:37 AM, Fehlauer, Norbert via mailop wrote: > Hi, > > I'm experiencing delivery problems from senders which uses Cisco ESA systems > to our on-prem Exchange systems. It seems that TLS negotiation fails between > sender and our system. > Error: TLS negotiation failed with error AlgorithmMismatch > > As I did not change anything on my side regarding the used ciphers, it seems > possible that Cisco rolled out some change to outbound TLS security. As I do > not have access to an ESA, can anyone comment if my assumption is correct? > And maybe if this is the root cause can give me a hint what I can tell the > sender admins? I guess somewhere at Cisco there would be some kind of > documentation about the current default ciphers. > > Kind regards > Norbert > > > _______________________________________________ > mailop mailing list > [email protected] > https://list.mailop.org/listinfo/mailop _______________________________________________ mailop mailing list [email protected] https://list.mailop.org/listinfo/mailop
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ mailop mailing list [email protected] https://list.mailop.org/listinfo/mailop
