Feb 03, 2020 - 06:24 AM
1. To solve this issue you've to modify "production.yaml" file stored on Security Engine Node:
2. By modifiying "disableStartSsl" with "true" value:
3. Restart "eridanis" service.
4. Test Configuration
The problem is related to the functioning of the SMTP protocol and more particularly of the StartTLS feature.
There are two ways to establish an encrypted connection with the SMTP protocol. Either you establish a standard SMTP connection, or you establish a plain text SMTP connection, then you send the command "STARTTLS" to the server. If it responds positively, the connection switches to TLS in the same SMTP session.
This is a handy feature for doing TLS without having to open two network ports. The only problem is that this functionality can be subject to "downgrade" attacks.
With Alsid, we impose the use of StartTLS in case of simple SMTP connection. We avoid sending the plaintext message this way - even during an SMTP connection. You have probably encountered this problem, because the concerned SMTP server is configured to refuse the STARTTLS command. Alsid reacts by interrupting the connection.
By changing, the disableStartSsl directive to true, you authorize the connection in clear, which corrects your problem.
We invite you to use the "Support" widget to contact us in case this solution has not been applicable, or for any other question.