Exchange Server
MS Exchange Server 2013 U23 Standard
AdminDisplayVersion 15.0 (Build 1497.2
We are using an Microsoft exchange server 2013/2016 U23 to deliver and route our emails. Our product is Cisco Email Security Appliance We are getting [Errno 0] Error interface: reason network error when connecting to server with ECDHE-RSA-AES256-SHA384.But the same connection works for other cipher suites such as ECDHE-RSA-AES128-SHA.We are having compatibility issues between Exchange 2013 and OpenSSL 1.1.1 when specific cipher strings are used.
Our observations
With 'ECDHE-RSA-AES128-SHA' (Working):
Wed Sep 6 13:13:16 2023 Info: MID 14 ICID 14 From: ******@domainsample1.com
Wed Sep 6 13:13:16 2023 Info: MID 14 SDR: Domains for which SDR is requested: reverse DNS host: Not Present, helo: smtp.spa
m.test, env-from: cisco.com, header-from: Not Present, reply-to: Not Present
Wed Sep 6 13:13:16 2023 Info: MID 14 SDR: Message was not scanned for Sender Domain Reputation. Reason: Unknown error.
Wed Sep 6 13:13:16 2023 Info: MID 14 ICID 14 RID 0 To: ******@domainsample2.com
Wed Sep 6 13:13:16 2023 Debug: MID 14 ICID 14 TLS read 126 bytes (0.0 seconds)
Wed Sep 6 13:13:16 2023 Info: MID 14 Message-ID '20230906131316.23631.70662@esa008.cs18'
Wed Sep 6 13:13:16 2023 Info: MID 14 Subject "Testing"
Wed Sep 6 13:13:16 2023 Info: MID 14 SDR: Domains for which SDR is requested: reverse DNS host: Not Present, helo: smtp.spa
m.test, env-from: cisco.com, header-from: cisco.com, reply-to: Not Present
Wed Sep 6 13:13:16 2023 Info: MID 14 SDR: Message was not scanned for Sender Domain Reputation. Reason: Unknown error.
Wed Sep 6 13:13:16 2023 Info: MID 14 SDR: Tracker Header : 64f87aec_N/6TpU9YN1dsVJ3pDujDlS+RmDQQrvukNy6A4SuBgUlLDZTOZ+Q0VzN
T8knnL5YbaLJfrrVUCS68IDBDu1uiyg==
Wed Sep 6 13:13:16 2023 Info: MID 14 ready 280 bytes from ******@domainsample1.com
Wed Sep 6 13:13:16 2023 Info: MID 14 matched all recipients for per-recipient policy DEFAULT in the inbound table
Wed Sep 6 13:13:16 2023 Trace: GRAYMAIL: shouldn't scan?
Wed Sep 6 13:13:16 2023 Trace: MID 14: Skip AMP Engine check
Wed Sep 6 13:13:16 2023 Trace: GRAYMAIL: No Actions Applied
Wed Sep 6 13:13:16 2023 Trace: Data will be sent to ECS client only when there is cloud license, urlscanning is enabled and
retro service is enabled
Wed Sep 6 13:13:16 2023 Info: MID 14 queued for delivery
Wed Sep 6 13:13:16 2023 Info: New SMTP DCID 30 interface 10.13.102.10 address 10.13.101.31 port 25
Wed Sep 6 13:13:16 2023 Info: DCID 30 TLS success protocol TLSv1.2 cipher ECDHE-RSA-AES256-SHA384
Wed Sep 6 13:13:16 2023 Info: Delivery start DCID 30 MID 14 to RID [0]
Wed Sep 6 13:13:16 2023 Trace: MID 14 DKIM: signing context (profile - ) : profile names are not present/not set
Wed Sep 6 13:13:16 2023 Trace: RPC client _message_loop sleeping when dequeuing a null entry
Wed Sep 6 13:13:16 2023 Info: Message done DCID 30 MID 14 to RID [0]
With 'ECDHE-RSA-AES256-SHA384' (Not Working):
i Sep 8 05:21:31 2023 Info: MID 4 ICID 4 From: ******@domainsample1.com
Fri Sep 8 05:21:31 2023 Info: MID 4 SDR: Domains for which SDR is requested: reverse DNS host: Not Present, helo: smtp.spam
.test, env-from: cisco.com, header-from: Not Present, reply-to: Not Present
Fri Sep 8 05:21:31 2023 Info: MID 4 SDR: Message was not scanned for Sender Domain Reputation. Reason: Service Temporarily
Unavailable.
Fri Sep 8 05:21:31 2023 Info: MID 4 ICID 4 RID 0 To: ******@domainsample2.com
Fri Sep 8 05:21:31 2023 Info: MID 4 Message-ID '20230908052134.74591.43891@esa008.cs18'
Fri Sep 8 05:21:31 2023 Info: MID 4 Subject "Testing"
Fri Sep 8 05:21:31 2023 Info: MID 4 SDR: Domains for which SDR is requested: reverse DNS host: Not Present, helo: smtp.spam
.test, env-from: cisco.com, header-from: cisco.com, reply-to: Not Present
Fri Sep 8 05:21:33 2023 Info: MID 4 SDR: Message was not scanned for Sender Domain Reputation. Reason: Service Temporarily
Unavailable.
Fri Sep 8 05:21:33 2023 Info: MID 4 SDR: Tracker Header : 64faaf5e_fDzl9+YzU8++fc0v3rIygyoIu4poY9OPeCVCyvcuNc1MHUeLzvw76Rs0
2ou3TJ/uI6rKlKWef5cHeLqGUH4qyQ==
Fri Sep 8 05:21:33 2023 Info: MID 4 ready 280 bytes from ******@domainsample1.com
Fri Sep 8 05:21:33 2023 Info: MID 4 matched all recipients for per-recipient policy DEFAULT in the inbound table
Fri Sep 8 05:21:33 2023 Info: MID 4 queued for delivery
Fri Sep 8 05:21:34 2023 Info: ICID 4 TLS failed: [Errno 54] Connection reset by peer
Fri Sep 8 05:21:34 2023 Info: ICID 4 lost
Fri Sep 8 05:21:34 2023 Info: ICID 4 close
Fri Sep 8 05:22:23 2023 Info: New SMTP DCID 63 interface 10.10.192.50 address 10.13.101.31 port 25
Fri Sep 8 05:22:23 2023 Info: Connection Error: DCID 63 domain: domainsample2.com IP: 10.13.101.31 port: 25 details: [Errno 0] E
rror interface: 10.10.192.50 reason: network error