SMTP STARTTLS offload
I set up SMTP STARTTLS offload when I started loadbalancing Exchange 2010 a couple of years ago, and I could swear it worked when I tested it then. Recently we've gotten reports that it doesn't work, and testing with 'openssl s_client -connect webmail:587 -starttls smtp' shows the certificate chain and seems to get through the handshake, but as soon as I send any SMTP command other than QUIT I get this error:
924
1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number:/SourceCache/OpenSSL098/OpenSSL098-35.1/src/ssl/s3_pkt.c:293:
I'm using an AX2500 running 2.4.3-p12 (also checked on 2.4.3-p9, same error). The SMTP template has 'starttls optional', and the service does work just fine if I don't do STARTTLS (e.g., plain telnet to port 587).
Has anyone else gotten this to work, seen the same error, or have any other suggestions? Thanks.
924

I'm using an AX2500 running 2.4.3-p12 (also checked on 2.4.3-p9, same error). The SMTP template has 'starttls optional', and the service does work just fine if I don't do STARTTLS (e.g., plain telnet to port 587).
Has anyone else gotten this to work, seen the same error, or have any other suggestions? Thanks.
0
Comments