TLS secured delivery failures following update to SMG 10.0.0-6
|Article:TECH195621|||||Created: 2012-08-24|||||Updated: 2012-09-06|||||Article URL http://www.symantec.com/docs/TECH195621|
Outbound TLS delivery to some sites fail with certificate validation errors following update to v10.0.0-6. Messages are held in the delivery queue.
SMG v10.0.0-6 is attempting to validate the certificate signing chain on all outbound, TLS secured deliveries resulting in delivery failures to routes with self-signed or untrusted certificates.
This issue has been addressed in the SMG v10.0.0-7 release. Please update to the latest software release at your earliest convenience.
Workaround for 10.0.0-6
In the short term this issue may be worked around via one of the following methods
- Disable “Attempt TLS encryption for delivery of all messages” via the Administration->Configuration->Host->SMTP->Advanced Settings->Delivery page.
Configure affected routes to not use TLS via the Protocols->Domains page on a route by route basis
Communicate with email admins for the affected routes to either populate the trusted certificate authority list with their CA information or update their expired certs on a route by route basis.
Article URL http://www.symantec.com/docs/TECH195621