HI Norbert
comments in line
On 26/02/2026 12:04, Fehlauer, Norbert via mailop wrote:
Hi,
I’m having a problem receiving mails from some sending servers. The
logfile shows, that the sending server won’t send after the tls
session is started:
2026-01-20T14:22:07.126Z,edge01\Internet,08DE372FE331F619,7,10.0.0.4:25,194.42.96.41:35025,*,,"TLS
protocol SP_PROT_TLS1_2_SERVER negotiation succeeded using bulk
encryption algorithm CALG_AES_256 with strength 256 bits, MAC hash
algorithm CALG_SHA_384 with strength 0 bits and key exchange algorithm
CALG_ECDH_EPHEM with strength 384 *bits"*
*2026-01-20T14:22:07.141Z,edge01\Internet,08DE372FE331F618,8,10.0.0.4:25,194.42.96.41:46695,-,,Remote(SocketError)*
*2026-01-20T14:22:07.159Z,edge01\Internet,08DE372FE331F619,8,10.0.0.4:25,194.42.96.41:35025,-,,Remote(SocketError)*
Presumably the remote server suddenly disconnected. Why will hopefully
be in the logs of the remote server. I don't think there is evidence to
support it being a timeout issue.
https://de.ssl-tools.net/mailservers/systema-online.de
Does not resolve to a website for me.
testing with this tool seems to be different handling when using the
server with ecc certificate (edge02) instead of RSA based certificate.
Both are Exchange Servers with Edge Role.
I contacted the supportdesk of an affected sender (cleverreach) and
they send me some telnet logs, but I just don’t see any hint if the
problem is on my side or if the sending side just handles something wrong.
$ telnet edge01.systema-online.de 25 Trying 178.15.145.73...Connected
to edge01.systema-online.de.Escape character is '^]'.220
edge01.systema-online.de Microsoft ESMTP MAIL Service ready at Wed, 25
Feb 2026 10:28:08 +0100ehlo
crash.crsend.com250-edge01.systema-online.de Hello
[80.228.25.228]250-SIZE
20971520250-PIPELINING250-DSN250-ENHANCEDSTATUSCODES250-STARTTLS250-8BITMIME250-BINARYMIME250-CHUNKING250
SMTPUTF8ehlo crash.crsend.com250-edge01.systema-online.de Hello
[80.228.25.228]250-SIZE
20971520250-PIPELINING250-DSN250-ENHANCEDSTATUSCODES250-STARTTLS250-8BITMIME250-BINARYMIME250-CHUNKING250
SMTPUTF8500 5.3.3 Unrecognized command 'unknown'ehlo
crash.crsend.com500 5.3.3 Unrecognized command 'unknown'ehlo
crash.crsend.com250-edge01.systema-online.de Hello
[80.228.25.228]250-SIZE
20971520250-PIPELINING250-DSN250-ENHANCEDSTATUSCODES250-STARTTLS250-8BITMIME250-BINARYMIME250-CHUNKING250
SMTPUTF8250-edge01.systema-online.de Hello [80.228.25.228]250-SIZE
20971520250-PIPELINING250-DSN250-ENHANCEDSTATUSCODES250-STARTTLS250-8BITMIME250-BINARYMIME250-CHUNKING250
SMTPUTF8
Anyone has an idea what the problem might be?
Hard to tell from this string of data. Seems that during the telnet
session, some invalid input was given. I would say that whatever error
was made in the telnet session is unrelated to your problem. Reason for
saying that is that telnet is not useful for testing encrypted
connections. For this kind of testing openssl s_client command is
appropriate. It's important to get the logging from the same transaction
that gave you the error or if it's a test to reproduce the error, it's
important to capture both sides of the logging from the same test, else
you won't really know if the error is the same one you're
troubleshooting or an unrelated one.
Regards
Norbert
_______________________________________________
mailop mailing list
[email protected]
https://list.mailop.org/listinfo/mailop
