SMTP STARTTLS offload

rmgrmg Member
I set up SMTP STARTTLS offload when I started load balancing Exchange 2010 a couple of years ago, and I could swear it worked when I tested it then. Recently we've gotten reports that it doesn't work, and testing with 'openssl s_client -connect webmail:587 -starttls smtp' shows the certificate chain and seems to get through the handshake, but as soon as I send any SMTP command other than QUIT I get this error:

924:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number:/SourceCache/OpenSSL098/OpenSSL098-35.1/src/ssl/s3_pkt.c:293:

I'm using an AX2500 running 2.4.3-p12 (also checked on 2.4.3-p9, same error). The SMTP template has 'starttls optional', and the service does work just fine if I don't do STARTTLS (e.g., plain telnet to port 587).

Has anyone else gotten this to work, seen the same error, or have any other suggestions? Thanks.

Comments

  • rmgrmg Member
    edited February 2014
    It looks like it does work if I add the '-crlf' flag to my openssl command, but there's no equivalent flag I can set in a client like Thunderbird. Thunderbird users are getting a 'connection was lost in the middle of the transaction' error when using STARTTLS.