Exim Mail-Server with Microsoft (Office) 365 and TLS errors

By | 2020-05-08

In the last days I got several calls, that I cannot receive emails from NetApp. After some debugging I found out, that my exim mailserver seems to refuse mails from NetApp which are received via some *.outlook.com domains:

2020-05-08 15:34:00 TLS error on connection from mail-db8eur05olkn2014.outbound.protection.outlook.com (EUR05-DB8-obe.outbound.protection.outlook.com) [] (recv): Error in the pull function.
2020-05-08 15:34:00 unexpected disconnection while reading SMTP command from mail-db8eur05olkn2014.outbound.protection.outlook.com (EUR05-DB8-obe.outbound.protection.outlook.com) [] D=5m1s

About 100 tries later, I found a solutions for this problem: disable StartTLS in your exim.conf for these outlook.com domains:

tls_advertise_hosts = !*.protection.outlook.com : *

After a restart, it’s working correctly:

2020-05-08 15:41:54 1jX3GE-000EKN-Qj Virus_checked
2020-05-08 15:41:57 1jX3GE-000EKN-Qj Spam_checked (Score: 2.1)
2020-05-08 15:41:57 1jX3GE-000EKN-Qj <= xxxx.xxxr@netapp.com H=mail-co1nam11on2089.outbound.protection.outlook.com (NAM11-CO1-obe.outbound.protection.outlook.com) [] P=esmtp K S=9422 DKIM=netapp.onmicrosoft.com id=6D1A8049-3865-4766-8080-0420443EB300@netapp.com
2020-05-08 15:41:57 1jX3GE-000EKN-Qj => alex <xxx> R=dovecot T=dovecot_lmtp_transport C=”250 2.0.0 <xxx> aMTXHqVhtV7/1gAAKkMkSg Saved”
2020-05-08 15:41:57 1jX3GE-000EKN-Qj Completed

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.