SMTP with TLS

Hi Colleagues,
we are on CRM 5.0 (AS 7.00 SPS 15) and we have requirement to send emails to the external system over TLS, so I was wondering if it's possible to configure SAP SMTP server to use TLS or we need external Secured E-Mail Proxy Server to do it.
Thanks,
Alex

Hi,
In my humble opinion, it is not possible from standard CRM 5.0. I tink you will have to use an external email proxy server.
Regards,
Olivier

Similar Messages

SMTP with TLS in applet or TCL

I am trying to relay an email through Gmail. I found in EMM 4.0 support was added for TLS with the keyword "secure" in the applet but I have not found any documentation anywhere on how to do this in TCL policy. The trouble is that we are limited on the applet by feature request CSCsv24106 to allow the @ sign in the username which Gmail requires.
Can anyone assist in documentation for cisco::lib that explains how to use TLS for smtp_send_email function (or another function that accomplishes SSL-SMTP)? The release notes for EMM 4.0 say the added "secure" keyword is intended to use web-based email, but most of them require the full email address as the username.
If I am wrong on this, please provide an example of relaying an email through Gmail.
Thanks.

TLS support is only available in applets as the IOS Tcl does not support crypto. As you point out, if you need to use an email username with an '@' that will not be possible with TLS at this time.

Exchange 2013 - mail hops (Microsoft SMTP Server (TLS))

Hi,
I'm comparing the hops between exchange2013 and exchange2010. I notice Exchange 2013 has an extra hop when sending out emails. Please note that exchange2013 and exchange2010 are not part of the same Active Directory. They are completely separate companies.
The reason why I'm asking about the extra hop is I notice ex2013 first email takes about 1 min to get delivered externally and subsequent email sends are instant. If I haven't emailed for a while (eg. 10mins), the first email takes about 1min to get delivered
again externally and subsequent emails are instant. I don't notice this delay with Exchange 2010.
Exchange 2013 why is there an extra hop (hop #2, Microsoft SMTP Server (TLS))? Could the TLS be the reason of the delay because it is trying to talk to telus smtp via TLS but telus doesn't use TLS and exchange2013 falls back to smtp without TLS for email
send?:
Hop
Delay
from
by
with
time (UTC)
1
ex2013svr.corp.contoso1.com
ex2013svr.corp.contoso1.com
mapi
1/17/2014 5:22:07 PM
2
0 seconds
ex2013svr.corp.contoso1.com
ex2013svr.corp.contoso1.com
Microsoft SMTP Server (TLS)
1/17/2014 5:22:07 PM
3
39 seconds
ex2013svr.corp.contoso1.com 206.x.x.x
cmta1.telus.net
TELUS
1/17/2014 5:22:46 PM
4
1 Second
cmta1.telus.net 209.171.16.74
BAY0-MC2-F44.Bay0.hotmail.com
Microsoft SMTPSVC(6.0.3790.4900)
1/17/2014 5:22:47 PM
Exchange 2010 doesn't have the 'Microsoft SMTP Server (TLS)' hop:
Hop
Delay
from
by
with
time (UTC)
1
ex2010svr.corp.contoso2.com
ex2010svr.corp.contoso2.com
mapi
1/17/2014 5:20:48 PM
2
0 seconds
ex2010svr.corp.contoso2.com 98.x.x.x
skaro.stargate.ca
ESMTP
1/17/2014 5:20:48 PM
3
1 Second
skaro.stargate.ca 98.143.80.200
SNT0-MC2-F53.Snt0.hotmail.com
Microsoft SMTPSVC(6.0.3790.4900)
1/17/2014 5:20:49 PM

Are you using Self Signed Cert? If yes!!!
In Exchange 2013, Setup creates a self-signed certificate. By default, TLS is enabled. This enables any sending system to encrypt the inbound SMTP session to Exchange. By default, Exchange 2013 also attempts TLS for all remote connections.
Cheers,
Gulab Prasad
Technology Consultant
Blog:
http://www.exchangeranger.com    Twitter:
  LinkedIn:
   Check out CodeTwo’s tools for Exchange admins
Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

Outlook 2010 IMAP connection problem and not work with TLS enabled

Dear all,
Need your help. 5 users of my customer Outlook 2010 suddenly popped error message "Your IMAP server closed the connection". We checked that there is no problem in IMAP connection in Exchange 2007 server (SP3) (we tested with setup new
account in another Outlook and able to connect, send and receive email).
We are able to workaround the problem of that 5 users by disabling TLS in account setting for SMTP to Exchange. The users can then connect and able to send and receive. (however, in our testing above, there is no problem with TLS).
Could you help to enlighten me what may be the cause of this situation?
Best Regards,
Rayson Wong

Hi,
Please click File > Account Settings > Account Settings > Select the IMAP account and click
Change > More Settings button > Advanced tab, and then adjust the
Server Timeouts slider bar to a longer time to check the result.
Also make sure the SMTP server port number is set correctly.
Please let me know the result.
Regards,
Steve Fan
TechNet Community Support

Send mail to exchange server with TLS

Hi,
last month I enabled an oracle wallet TDE for creating encription for TS.
Today, development team needs to send mail to exchange server with TLS.
So I found this procedure on oracle support Doc ID 1323140.1
My question is, can I use the same wallet to send mails from db?
The Oracle Database 11.2.0.3
Or I need to implement a different type of wallet with certificate?
Is there, in this case, a procedure step by step?
I have never implemented that and I'm very confused....
Thanks in advanced

Hi, I have implemented a new wallet with certificates (for test SMTP.gmail.com) and i'm tryied to use this procedure:
DECLARE
mailhost VARCHAR2(64) := 'smtp.mydomain.it';
sender VARCHAR2(64) := '[email protected]';
recipient VARCHAR2(64) := '[email protected]';
wallet_pwd VARCHAR2(64) := 'welcome1';
wallet_loc VARCHAR2(64) := 'file:/etc/ORACLE/FRMSSYST/SMTP/';
user_name VARCHAR2(64) := 'HDC021319'; -- alias for '[email protected]'
user_pwd VARCHAR2(64) := 'password'; -- password of [email protected]
mail_connection utl_smtp.connection;
BEGIN
-- Make a secure connection using the SSL port configured with your SMTP server
-- Note: The sample code here uses the default of 465 but check your SMTP server settings
mail_connection := utl_smtp.open_connection(
host => mailhost,
port => 25,
wallet_path => wallet_loc,
wallet_password => wallet_pwd,
secure_connection_before_smtp => FALSE);
-- Call the Auth procedure to authorized a user for access to the mail server
-- Schemes should be set appropriatelty for your mail server
-- See the UTL_SMTP documentation for a list of constants and meanings
UTL_SMTP.helo(mail_connection, mailhost);
UTL_SMTP.STARTTLS(mail_connection);
UTL_SMTP.AUTH(
c => mail_connection,
username => user_name,
password => user_pwd,
schemes => 'LOGIN');
-- Set up and make the the basic smtp calls to send a test email
utl_smtp.helo(mail_connection, mailhost);
utl_smtp.mail(mail_connection, sender);
utl_smtp.rcpt(mail_connection, recipient);
utl_smtp.open_data(mail_connection);
utl_smtp.write_data(mail_connection, 'This is a test message using SSL with SMTP.' || chr(13));
utl_smtp.write_data(mail_connection, 'This test requires an Oracle Wallet be properly configured.' || chr(13));
utl_smtp.close_data(mail_connection);
utl_smtp.quit(mail_connection);
END;
This procedure, works fine if I try to send an email to smtp.gmail.com (I tried first with gmail with appropriate certificates), but now, when I try to send an email to the local enterprise Exchange server I get this error:
ERROR at line 1:
ORA-29279: SMTP permanent error: 503 5.5.2 Send hello first
ORA-06512: at "SYS.UTL_SMTP", line 54
ORA-06512: at "SYS.UTL_SMTP", line 140
ORA-06512: at "SYS.UTL_SMTP", line 439
ORA-06512: at line 35
Thanks in adavanced

EmailService configuration with TLS

I am a problem trying to use the "EmailService" found in "Foundation". My SMTP host require the authentication with TLS configuration. The email server does not send the mail because authentication fails, while using the same configurations from another client is sending successfully. This is the log with authentication with livecycle EmailService: T 10.200.1.4:25 -> 1.120.195.36:1821 [AP] 220 mail.mydomain.tld ESMTP.. # T 1.120.195.36:1821 -> 10.200.1.4:25 [AP] EHLO adobelive.. ## T 10.200.1.4:25 -> 1.120.195.36:1821 [AP] 250-mail.mydomain.tld..250-PIPELINING..250-SIZE 10485760..250-ETRN..250-STARTTLS..250-ENHANCEDSTATUSCODES..250-8BITMIME..250 DSN.. # T 1.120.195.36:1821 -> 10.200.1.4:25 [AP] MAIL FROM:<[email protected]>.. # T 10.200.1.4:25 -> 1.120.195.36:1821 [AP] 250 2.1.0 Ok.. This is the log with authentication with another client: ## T 1.120.195.36:34258 -> 10.200.1.4:25 [AP] EHLO [192.168.0.75].. ## T 10.200.1.4:25 -> 1.120.195.36:34258 [AP] 250-mail.mydomain.tld..250-PIPELINING..250-SIZE 10485760..250-ETRN..250-STARTTLS..250-ENHANCEDSTATUSCODES..250-8BITMIME..250 DSN.. ## T 1.120.195.36:34258 -> 10.200.1.4:25 [AP]STARTTLS.. # T 10.200.1.4:25 -> 1.120.195.36:34258 [AP] 220 2.0.0 Ready to start TLS.. # T 1.120.195.36:34258 -> 10.200.1.4:25 [AP] [email protected]!...X.F...u.U.d.`.-...O.[_...(.9.8.5.3.2...../.................d.b....... ..........mail.mydomain.tld

Hi Ingo,
I have the CMS in one server and the processing servers on another server
I am trying to configure on the CMS server.
When I open the CMC and put Application server details it works but when I put message server details it is not able to connect but when I put the message server details in Application server details it works .
Please advise
regards
Deepak

Send mail with TLS to MS exchange server

Hi,
last month I enabled an oracle wallet TDE for creating encription for TS.
Today, development team needs to send mail to exchange server with TLS.
So I found this procedure on oracle support Doc ID 1323140.1
My question is, can I use the same wallet to send mails from db?
The Oracle Database 11.2.0.3
Or I need to implement a different type of wallet with certificate?
Is there, in this case, a procedure step by step?
I have never implemented that and I'm very confused....
Thanks in advanced

Hi,
For questions about the wallet set up you should try either -
Database Security - General
or
General Database Discussions
or perhaps the PL/SQL form as you are trying to follow one of their notes -
PL/SQL
Regards,
Mike

Synthetic Transactions Fail with TLS error

Hi,
Most of the test-cs cmdlets fail with the error: The operation failed due to issues with Tls. See the exception for more information.
Inner Exception:CertificateInfoNative::AcquireCredentialsHandle() failed; HRESULT=-2146893043.
Lync itself is working fine.
Any thoughts?

Hi,
Are you trying this command via remote power shell which is not exactly the lync server, if this is the case then with which user are you logged in, does this user have required permissions. also have a look in to this.
http://social.msdn.microsoft.com/Forums/en-US/ucmanagedsdk/thread/ca0d7758-d51b-4728-be0f-ae2c222546eb and
http://blog.greenl.ee/2009/03/25/troubleshooting-tlsexception-in-ucma-2-0-applications/
If answer is helpful, please hit the green arrow on the left, or mark as answer. Salahuddin | Blogs:http://salahuddinkhatri.wordpress.com | MCITP Microsoft Lync

What version of SQL Server support ssl connection with TLS. 1.2 (SHA-256 HASH)

Hi,
I just want to know,
What version of SQL Server support ssl connection with TLS. 1.2 (SHA-256 HASH).
if support already,
how can i setting.
plz. help me!!!

The following blog states that SQL Server "leverages the SChannel layer (the SSL/TLS layer provided
by Windows) for facilitating encryption. Furthermore, SQL Server will completely rely upon SChannel to determine the best encryption cipher suite to use." meaning that the version of SQL Server you are running has no bearing on which
encryption method is used to encrypt connections between SQL Server and clients.
http://blogs.msdn.com/b/sql_protocols/archive/2007/06/30/ssl-cipher-suites-used-with-sql-server.aspx
So the question then becomes which versions of Windows Server support TLS 1.2. The following article indicates that Windows Server 2008 R2 and beyond support TLS 1.2.
http://blogs.msdn.com/b/kaushal/archive/2011/10/02/support-for-ssl-tls-protocols-on-windows.aspx
So if you are running SQL Server on Windows Server 2008 R2 or later you should be able to enable TLS 1.2 and install a TLS 1.2 certificate. By following the instructions in the following article you should then be able to enable TLS 1.2 encryption
for connections between SQL Server and your clients:
http://support.microsoft.com/kb/316898
I hope that helps.

Why is PayPal still preferring a RC4 cipher with TLS 1.2? Is RC4 with TLS secure?

My connection with Paypal is using RC4_128 as the preferred cipher with TLS 1.2. I was under the impression that RC4 was quite vulnerable and that AES-GCM is strongly preferred with TLS 1.2 as a more secure alternative? Am I incorrect? How much of a concern is this? thanks!

I'm no expert here so forgive me if I do not make sense. As I understand it and as you noted, TLS 1.2 with AES GCM is really the tour-de-force of a secure connection that best mitigates the chance of victimization (but enterprise clients are still progressively adopting it.) Maybe 12-18 months back I recall reading Microsoft urging enterprise clients to work in the direction of phasing out RC4, and immediately make RC4 at the bottom at the list of preferred ciphers due to fears of growing ease in exploitation (many of which were NOT necessarily instituted in practice but more 'theoretical targeting'. However, based on what you showed me, I am guessing this was said when CBC was assumed to be more secure than it is today (as was TLS 1.0/1.1). Some of Paypal's servers support GCM and those servers make AES GCM prioritized over RC4. However, from what I can tell not all PayPal servers support GCM. Based on what you are saying, does that mean Paypal is likely prioritizing RC4 over CBC on these servers given the recent demonstrations of how CBC is also vulnerable? If that is the case, hopefully they are moving in the direction of GCM. Whether Paypal likes it or not, they are a huge target (and therefore we are too ) While it's impossible to quantify, based on what you are saying it sounds like the risk here is still relatively low? Again, I'm not an expert on this but rather a guy who does research for a living and had a financial nightmare unfold because I never gave much thought to secure connections. One website, some obsolete cryptography, and the entering of the financial data you use to make purchases, **bleep** on earth broke. (I consider myself partly at fault due to my ignorance of assuming that a secure connection was a secure connection.) https://www.ssllabs.com/ssltest/analyze.html?d=paypal.com&s=23.203.228.56

Dreamweaver CS 5.5 not working with Godaddy FTP with TLS/SSL

I've upgraded to CS 5.5 and tried to connect to a client's Godaddy account with FTP with TLS/SSL it fails. Works perfectly with my mac app Transmit every time as it always has. It doesn't work with implicit or explicit settings with authentication set to none or otherwise.
Can someone please let me know if Dreamweaver will ever be compatible with FTP with TLS/SSL and Godaddy? Or is there some setting I can try that will make it work now somehow?
Been waiting years for this....

SnakEyez02 wrote:
First, that's a Godaddy problem if their security isn't up to par.
That may be the case that Godaddy is also at fault, but every other FTP app I use with Godaddy works fine. It's just Dreamweaver and has always been just Dreamweaver not working with a secure connection to Godaddy. Considering Godaddy is the largest webhost in the USA, you'd think Adobe would have fixed this years ago. I should also mention I'm not endorsing Godaddy and I understand there's plenty of people that don't like Godaddy for very good reasons.
Sent you PM with FTP account with Godaddy yesterday. Thank you for taking a look!
UPDATE: Whoops, I see you responded via private message already. I'll paste most of it here in hopes it helps others to understand the issue:
via SnakEyez02 PM:
Ok this took a lot of digging. I won't say it's not a DW issue 100% and I will report a bug for your problem, but DW is not the problem alone Godaddy needs to share the blame here for a bad certificate. Here is what is happening:
I'll start with DW:
- The settings are correct that were in the post. Port 21, FTP explicit, and the authentication should be set to None (encyprtion only). This is where the transmission is encrypted using SSL, but the certificate is shared and not specific to the domain owner. That is the difference between DW's "none" and "trusted". It's a poor choice of words I'll give them that. However, Godaddy seems to want all connections to be trusted thus the other error you get when you turn on the None option. Now could DW do what Transmit does, warn you and write in an unsigned certificate into the Keychain app, probably, is it best practice for security reasons to "Trust" an unsigned certificate probably not.
Now Transmit:
- As explained above Transmit opens up a prompt to override and create a fake-trusted signed certificate. Thus by forcing the OS to think a legitimate certificate is there it gets you through albeit through unconventional methods.
The problem:
- A good portion of this problem lies with Godaddy. Now I use a shared hosting account and set one up on an independant host for a friend of mine and both of them accept the shared certificates (SSL explicit). The difference is the hostname of the certificate. I ran a traceroute (from Network Utility in Utilities folder) on your website and came up with the following address: 173.201.23x.x.
The problem is that the certificate on your server is actually not for that server which is the reason DW seems to have such an issue with it. The SSL certificate that Godaddy put on your shared server is for host - 173.201.19x.5x. As you can see, it's a certificate for another server. Honestly the fact that Panic's Transmit allows this override scares me a little bit and the fact that Godaddy never noticed this issue either scares me to. So while DW could write in a bad certificate I can see why this is happening.
I know there is not much solice in my answer because it still doesn't alleviate the problem that you have with DW connecting. Unfortunately I do not have a workaround despite my numerous attempts to try and gain access over a secure connection. One alternative you could ask Godaddy for in the meantime is an SSH connection which would allow you to use SFTP instead of FTPS. But that's a short-term solution to a long-term problem.
If you think of anything else feel free to bounce any ideas off me I don't mind. Good luck in getting this solved and I will post a bug report to make Adobe aware of the issue.
Thank you for looking into this issue in depth like you have!
I think the issue might be that Godaddy is applying cost saving measures to keep their prices down in the way they implement their certificates (but it also wouldn't surprise me to know it's simply ineptitude on Godaddy's part either). I'm not sure I fault Panic with Transmit much at all because it clearly warns you about the certificate and it's your choice to continue. And, as it stands now, it's much safer to continue to connect that way with Transmit than to stop and connect with no encryption at all at a public hotspot.
As it stands now, you really shouldn't connect to Godaddy with Dreamweaver at a public hotspot unless you set up an SSH tunnel with your connection first. But enabling SSH is an added expense in many ways including paying for the service, using more computer resources for tunneling and time setting it up and implementation... all because Dreamweaver won't just allow developers the option like Transmit does.
Once again, thank you for looking at this and I hope someone at Adobe finally address this issue for the security of its customers who use Godaddy (which is often not their choice and was, instead, the choice of their clients to use Godaddy as a webhost).
Just a side note, I contacted Godaddy support about this several years ago and they were unresponsive and even hostile about it - So that's definitely another vote against Godaddy from me as well.
Message was edited by: greenbluewave

Securing FTP with TLS

Hi,
I am developing a secure FTP client.
Is there any free API available in the market which I can be reuseable in my application?
If not please provide me some link so that I can develope such API using JSSE API.
FYI-I am following the Internet Draft, �Securing FTP with TLS� by Ford-Hutchinson,a specification for realizing RFC2228, �FTP Security Extension� using TLS.
Thanks.

hi friend,
i'm also looking for free secure ftp api's for Java...
if u know any, do let me know....

ExtendedOperation() with TLS fails with javax.naming.NotContextException

With JDK 1.4.2_12, I'm trying to access a Win2003 server with "ldap://<fqdn.server>:389" as Context.PROVIDER_URL. An SSL connection ("ldaps://<fqdn.server>:636") using the same keystore works fine. Testing it as a stand-alone app with TLS on a different machine also works fine (JDK 1.4.2_11) . Any help would be much appreciated as I'm completely flummoxed.
The line that throws the error is:
tls = (StartTlsResponse) ctx.extendedOperation(new StartTlsRequest());-Gregg
======================================
LdapContext ctx = null;
StartTlsResponse tls = null;
Hashtable env = new Hashtable(11);
env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
env.put("java.naming.ldap.version" , "3");
env.put("java.naming.ldap.derefAliases", "always");
env.put(Context.PROVIDER_URL, getLDAPURL());
if (useSSL()) env.put(Context.SECURITY_PROTOCOL, "ssl");
if (useSSL() || useTLS()) {
 java.lang.System.setProperty(JAVA_NET_KEYSTORE, getKeystore());
 java.lang.System.setProperty(JAVA_NET_KEYSTORE_PW, getKeystorePass());
 java.lang.System.setProperty(JAVA_NET_TRUSTSTORE, getKeystore());
 java.lang.System.setProperty(JAVA_NET_TRUSTSTORE_PW, getKeystorePass());
try {
 // Create initial context
 ctx = new InitialLdapContext(env, null);
 if (useTLS()) {
 tls = (StartTlsResponse) ctx.extendedOperation(new StartTlsRequest());
} catch (NamingException e) {
}======================================
Partial stack trace:
at javax.naming.ldap.InitialLdapContext.extendedOperation(InitialLdapContext.java:163)
at javax.naming.ldap.InitialLdapContext.getDefaultLdapInitCtx(InitialLdapContext.java:151)
 javax.naming.NotContextException: Not an instance of LdapContext

If it works on one machine and not another, then I hate to state the obvious, but you have to find out what is the difference between the two.
I have no idea why or how you get the "Not an instance of LdapContext". Unfortunately for you, this is where I can resort to my lame "I'm not a Java developer" excuse :-)
The only thing I can suggest is to remove the StartTLS stuff, and just see whether you can perform a basic LDAP operation over the ctx, such as a simple search.
Sorry that this is not much help.
Good luck.

Email sending Problem:smtps---SSL---TLS??

Hi,
I Have a Problem bei Sending a email with Attachement from extranet, I have writting my Programm which will send my email Through TLS, with Thunderbird
I can sending there alle emails through TLS, I have taking the seem Properties :
emai Server Name, Protocol:smtp port:25 und througt TLS, so Now I will show you my Code und the compile Failure, I appreciate so much your Help, I don't find any Help here in Forum.
My Code:
public void sendAttachment(String ausgangsMailServer, String user, String password,String sender, String receiver, String filename) throws MessagingException{
 Properties properties = System.getProperties();
 properties.put("mail.transport.protocol","smtps");
 properties.put("mail.smtps.ssl", "true");
 properties.put("mail.smtps.starttls.enable","true");
 properties.put("mail.smtps.auth", "true");
 properties.put("mail.smtps.debug", "true");
 properties.put("mail.smtps.socketFactory.port", "25");
 properties.put("mail.smtps.socketFactory.class", "javax.net.ssl.SSLSocketFactory");
 properties.put("mail.smtps.socketFactory.fallback", "false");
SecurityManager security = System.getSecurityManager();
 Session session = Session.getInstance(properties, new MailAuthenticator());
 Transport transport = session.getTransport("smtps");
 transport.connect(ausgangsMailServer, user, password);
 Message message = getMessage(session, sender, receiver,filename);
 message.saveChanges();
 transport.sendMessage(message, message.getAllRecipients());
 transport.close();
 public Message getMessage(Session session, String sender, String receiver, String filename) throws MessagingException{
 Message message = new MimeMessage(session);
message.setSubject("attachment");
 message.setFrom(new InternetAddress(sender));
 message.addRecipient(Message.RecipientType.TO, new InternetAddress(receiver));
 Multipart multipart = new MimeMultipart();
 BodyPart bp = new MimeBodyPart();
 bp.setText("Attachment Mail");
 multipart.addBodyPart(bp);
 bp = new MimeBodyPart();
 DataSource source = new FileDataSource(filename);
 bp.setDataHandler(new DataHandler(source));
 bp.setFileName(filename);
 multipart.addBodyPart(bp);
 message.setContent(multipart);
 return message;
 public class MailAuthenticator extends Authenticator{
 public MailAuthenticator(){
 public PasswordAuthentication getPasswordAuthentication(){
 return new PasswordAuthentication("radouane","mypaaword");
And I call the methode sendAttachment in a EJB Methode I Use Jboss als Server in my web application.
This is now my failure:
05:07:21,382 INFO [STDOUT] javax.mail.NoSuchProviderException: smtps
05:07:21,382 INFO [STDOUT] at javax.mail.Session.getService(Session.java:76
4)
05:07:21,382 INFO [STDOUT] at javax.mail.Session.getTransport(Session.java:
689)
05:07:21,382 INFO [STDOUT] at javax.mail.Session.getTransport(Session.java:
632)
05:07:21,382 INFO [STDOUT] at javax.mail.Session.getTransport(Session.java:
612)
I have Using a smtps protocol , by using smtp I Had this Failure:
14:15:11,164 INFO [STDOUT] javax.mail.MessagingException: Exception reading res
ponse;
nested exception is:
javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connecti
on?
14:15:11,164 INFO [STDOUT] at com.sun.mail.smtp.SMTPTransport.readServerRes
ponse(SMTPTransport.java:1090)
14:15:11,164 INFO [STDOUT] at com.sun.mail.smtp.SMTPTransport.openServer(SM
TPTransport.java:986)
14:15:11,164 INFO [STDOUT] at com.sun.mail.smtp.SMTPTransport.protocolConne
ct(SMTPTransport.java:197)
14:15:11,164 INFO [STDOUT] at javax.mail.Service.connect(Service.java:233)
14:15:11,164 INFO [STDOUT] at javax.mail.Service.connect(Service.java:134)
For your help I say Thanks.
Radouane

Hi,
I want just writtefor you my javamail debug Infomationen by J2SE Application and bei J2EE application. By j2se was that sending successful, by j2ee application is a problem by TSL.
Hier Debug for j2se application:
DEBUG: setDebug: JavaMail version 1.4ea
DEBUG: getProvider() returning javax.mail.Provider[TRANSPORT,smtp,com.sun.mail.smtp.SMTPTransport,Sun Microsys
tems, Inc]
DEBUG SMTP: useEhlo true, useAuth true
DEBUG SMTP: useEhlo true, useAuth true
DEBUG SMTP: trying to connect to host "mail.cs.tu-berlin.de", port 25, isSSL false
220 mailhost.cs.tu-berlin.de ESMTP Postfix
DEBUG SMTP: connected to host "mail.cs.tu-berlin.de", port: 25
EHLO meknes
250-mailhost.cs.tu-berlin.de
250-PIPELINING
250-SIZE
250-VRFY
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250 8BITMIME
DEBUG SMTP: Found extension "PIPELINING", arg ""
DEBUG SMTP: Found extension "SIZE", arg ""
DEBUG SMTP: Found extension "VRFY", arg ""
DEBUG SMTP: Found extension "ETRN", arg ""
DEBUG SMTP: Found extension "STARTTLS", arg ""
DEBUG SMTP: Found extension "ENHANCEDSTATUSCODES", arg ""
DEBUG SMTP: Found extension "8BITMIME", arg ""
STARTTLS
220 2.0.0 Ready to start TLS
EHLO meknes
250-mailhost.cs.tu-berlin.de
250-PIPELINING
250-SIZE
250-VRFY
250-ETRN
250-AUTH PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250 8BITMIME
DEBUG SMTP: Found extension "PIPELINING", arg ""
DEBUG SMTP: Found extension "SIZE", arg ""
DEBUG SMTP: Found extension "VRFY", arg ""
DEBUG SMTP: Found extension "ETRN", arg ""
DEBUG SMTP: Found extension "AUTH", arg "PLAIN LOGIN"
DEBUG SMTP: Found extension "ENHANCEDSTATUSCODES", arg ""
DEBUG SMTP: Found extension "8BITMIME", arg ""
DEBUG SMTP: Attempt to authenticate
AUTH LOGIN
334 oioohbzfavsa7
mnhgvas8799800U=
30987hasabhsasa6
Y2hiijsasisas=
235 2.0.0 Authentication successful
DEBUG SMTP: use8bit false
MAIL FROM:<[email protected]>
250 2.1.0 Ok
RCPT TO:<[email protected]>
250 2.1.5 Ok
DEBUG SMTP: Verified Addresses
DEBUG SMTP: [email protected]
DATA
354 End data with <CR><LF>.<CR><LF>
From: [email protected]
To: [email protected]
Message-ID: <9971081.01168741860633.JavaMail.radouane@meknes>
Subject: attachment
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----=_Part_0_25199001.1168741860423"
------=_Part_0_25199001.1168741860423
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Attachment Mail
------=_Part_0_25199001.1168741860423
Content-Type: application/octet-stream; name=filename
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment; filename=filename
Now by J2ee application---I use jboss:
2007-01-14 03:27:28,769 INFO [STDOUT] DEBUG: getProvider() returning javax.mail.Provider[TRANSPORT,smtp,com.sun.mail.smtp.SMTPTransport,Sun Microsystems, Inc]
2007-01-14 03:27:28,769 INFO [STDOUT] DEBUG SMTP: useEhlo true, useAuth true
2007-01-14 03:27:28,769 INFO [STDOUT] DEBUG SMTP: trying to connect to host "mail.cs.tu-berlin.de", port 25
2007-01-14 03:27:28,909 INFO [STDOUT] 220 mailhost.cs.tu-berlin.de ESMTP Postfix
2007-01-14 03:27:28,909 INFO [STDOUT] DEBUG SMTP: connected to host "mail.cs.tu-berlin.de", port: 25
2007-01-14 03:27:28,909 INFO [STDOUT] EHLO meknes
2007-01-14 03:27:28,979 INFO [STDOUT] 250-mailhost.cs.tu-berlin.de
250-PIPELINING
250-SIZE
250-VRFY
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250 8BITMIME
2007-01-14 03:27:28,979 INFO [STDOUT] DEBUG SMTP: Found extension "PIPELINING", arg ""
2007-01-14 03:27:28,979 INFO [STDOUT] DEBUG SMTP: Found extension "SIZE", arg ""
2007-01-14 03:27:28,979 INFO [STDOUT] DEBUG SMTP: Found extension "VRFY", arg ""
2007-01-14 03:27:28,979 INFO [STDOUT] DEBUG SMTP: Found extension "ETRN", arg ""
2007-01-14 03:27:28,979 INFO [STDOUT] DEBUG SMTP: Found extension "STARTTLS", arg ""
2007-01-14 03:27:28,979 INFO [STDOUT] DEBUG SMTP: Found extension "ENHANCEDSTATUSCODES", arg ""
2007-01-14 03:27:28,979 INFO [STDOUT] DEBUG SMTP: Found extension "8BITMIME", arg ""
2007-01-14 03:27:28,979 INFO [STDOUT] DEBUG SMTP: use8bit false
2007-01-14 03:27:28,979 INFO [STDOUT] MAIL FROM:<[email protected]>
2007-01-14 03:27:29,049 INFO [STDOUT] 250 2.1.0 Ok
2007-01-14 03:27:29,049 INFO [STDOUT] RCPT TO:<[email protected]>
2007-01-14 03:27:29,159 INFO [STDOUT] 554 5.7.1 <[email protected]>: Recipient address rejected: Access denied
2007-01-14 03:27:29,159 INFO [STDOUT] DEBUG SMTP: Invalid Addresses
2007-01-14 03:27:29,159 INFO [STDOUT] DEBUG SMTP: [email protected]
2007-01-14 03:27:29,159 INFO [STDOUT] DEBUG SMTP: Sending failed because of invalid destination addresses
2007-01-14 03:27:29,159 INFO [STDOUT] RSET
2007-01-14 03:27:29,229 INFO [STDOUT] 250 2.0.0 Ok
2007-01-14 03:27:29,229 INFO [STDOUT] QUIT
2007-01-14 03:27:29,229 INFO [STDOUT] Error Sending:
2007-01-14 03:27:29,229 INFO [STDOUT] Sending failed;
nested exception is:
 class javax.mail.SendFailedException: Invalid Addresses;
nested exception is:
 class javax.mail.SendFailedException: 554 5.7.1 <[email protected]>: Recipient address rejected: Access denied
2007-01-14 03:27:29,229 INFO [STDOUT] java.lang.NullPointerException
can someone tell me, where is my problem by j2ee application, it's a ejb class -using jboss-.
Thanks ,
Radouane
Message was edited by:
radouane.marjani

Any overhead with TLS?

One of our customers wants us to setup TLS with them. They will be the only customer that will be setup to use TLS. I am wondering if there is any overhead or delay caused by settign up TLS on the Ironport.
ie. For all the other incoming connections that don't use TLS, does it cause a few seconds lag while it checks for TLS, then falls back to standard SMTP?

Hello Graham,
there is usually no delay to be significant for message processing when sent/received via TLS. What however is important to know is that compared to normal SMTP connection, a TLS connection takes at least ten times more resources. That is important to know in if the customer plans to use TLS extensively.
Hope that helps,
Andreas

SMTP with TLS

Similar Messages

Maybe you are looking for