cancel
Showing results for 
Search instead for 
Did you mean: 

"STARTTLS is required to send mail" from Office365 to EV SMTP archive

Stormonts
Level 5

We have setup SMTP journaling on EV 14 and are getting this error when we attempt to validate the connector from O365.  On the EV server, we do have a certificate installed and port 25 (as per the EV docs) is open.  How can we resolve this?

 

error.png

1 ACCEPTED SOLUTION

Accepted Solutions

Thank you for your suggestions.  We have been using Enterprise Vault for almost 15 years now, however the SMTP archiving is a new feature to us.  In this case, the problem turned out to be that we have the RC4_HMAC_MD5 encryption type disabled in our domain (as per CIS recommendations).  Once that cipher was enabled, then we could send messages to the SMTP server created by Enterprise Vault.  It should be noted that that cipher is recommended to be disabled by the Center for Internet Security  https://www.cisecurity.org/, so anyone changing this setting (in order to get SMTP archiving to work) is creating a deviation to the recommended benchmarks

View solution in original post

3 REPLIES 3

GertjanA
Level 6
Partner    VIP    Accredited Certified

Hello again,

No offense intended, but you might think about getting a consultant on-site to assist. Your previous question (about the 2nd server) indicated (no offense again!) that there is little knowledge on EV in your organization. EV is NOT a product you can just install and let it run. You really need to make sure everything is connected to everything properly, otherwise you WILL run into problems. Trust me, the money you pay a consultant is worth it.

As for your question, you're asking to troubleshoot an O365 connector. That is a Microsoft thing :-). I'm not sure you should be using TLS in the first placve, but have a look here as start: Enterprise Vault™ Setting up SMTP Archiving (veritas.com)

We forummembers will do our best to assist in any question or problem you have, but we'll not cover the basics of installing or configuring. That simply takes too much time. 

I'm pretty sure you can find an EV consultant who can assist. If not, contact your Veritas Sales rep. He should have a name or two.

Regards. Gertjan

Thank you for your suggestions.  We have been using Enterprise Vault for almost 15 years now, however the SMTP archiving is a new feature to us.  In this case, the problem turned out to be that we have the RC4_HMAC_MD5 encryption type disabled in our domain (as per CIS recommendations).  Once that cipher was enabled, then we could send messages to the SMTP server created by Enterprise Vault.  It should be noted that that cipher is recommended to be disabled by the Center for Internet Security  https://www.cisecurity.org/, so anyone changing this setting (in order to get SMTP archiving to work) is creating a deviation to the recommended benchmarks

View solution in original post

GertjanA
Level 6
Partner    VIP    Accredited Certified

Hello,

Interesting. We've been running SMTP Archiving for 2 years now, and have recently disabled RC4 (without issues). That is the vice versa of your scenario (disable RC4, then configure SMTP). I'm pretty sure you should be able to run SMTP archiving without RC4 enabled, but I am not sure how.

Might be worth asking such a question to your SE or Sales person. They can then route it further.

Regards. Gertjan