I’ve upgraded my server to the latest 9.0.1 fixpacks, installled a SHA2 certificate, and disabled SSLv3. I receive lots of mail from a particular external domino server that is also at the latest fixpack, and every message now has this sequence of events:
[55F4:000C-36F0] 06/28/2015 10:45:35 AM SMTP Server: domino1.sender.com (sender.IP) connected
[55F4:000C-0D88] 06/28/2015 10:45:36 AM TLS/SSL connection 10.10.2.52(25)-sender.IP(54800) failed with rejected protocol version
[55F4:000C-0D88] 06/28/2015 10:45:36 AM SMTP Server: domino1.sender.com (sender.IP) disconnected. 0 message[s] received
[55F4:000C-0D88] 06/28/2015 10:45:36 AM SMTP Server: domino1.sender.com (sender.IP) connected
[55F4:000C-0D88] 06/28/2015 10:45:40 AM SMTP Server: Message 005115D0 (MessageID: 581020430.972332.1435502721280.JavaMail.app@ela4-app3202.prod) received
[55F4:000C-36F0] 06/28/2015 10:45:40 AM SMTP Server: domino1.sender.com (sender.IP) disconnected. 1 message[s] received
So the sender opens a session with my server, my server rejects the protocol version, then the sender connects and sends the message. How can I tell which protocol was rejected, and which was ultimately used? I tried some of the ‘debug ssl’ commands, but the output was massive and I did not know how to interpret it.
thanks in advance.