Third Party Email interface are failing ... on connection
Problem reported by Merle Wait - 10/13/2022 at 5:29 AM
Resolved
Have had several clients over the past three or four months report that their 3rd party CRMs are no longer able to send out email.
In all honesty I dismissed the first couple of complaints because didn't have a lot of complaints...  so my issues for not capturing this earlier..   and as to which release.
But here is the issue that I see
[2022.10.13] 07:20:57.886 [XXX.XXX.XX2.60][48811648] Exception: (PooledTcpItem.cs) Unable to read data from the transport connection: 
                            An established connection was aborted by the software in your host machine.
[2022.10.13] 07:20:57.886 [XXX.XXX.XX2.60][48811648] StackTrace:    at System.Net.Sockets.NetworkStream.BeginRead(Byte[] buffer, Int32 offset, Int32 size, AsyncCallback callback, Object state)
[2022.10.13]    at System.Net.FixedSizeReader.StartReading()   at System.Net.Security._SslStream.StartFrameHeader(Byte[] buffer, Int32 offset, Int32 count,
                 AsyncProtocolRequest asyncRequest)   at System.Net.Security._SslStream.StartReading(Byte[] buffer,
                 Int32 offset, Int32 count, AsyncProtocolRequest asyncRequest)   
                    at System.Net.Security._SslStream.ProcessRead(Byte[] buffer, Int32 offset, Int32 count, AsyncProtocolRequest asyncRequest)   at System.Net.Security._SslStream.BeginRead(Byte[] buffer, Int32 offset, Int32 count, AsyncCallback asyncCallback, Object asyncState)   at MailService.TcpServerLib.Common.PooledTcpItem.BeginReceive()

The two CRMs that have reported in the past couple of day are:
    VTiger -CRM
    Suite - CRM

Please note.. I did see these same two CRMs connect to gmail without fail.. (customers had me do a zoom to watch).  So I know it is on my side, just not sure how to resolve


Kyle Kerst Replied
Employee Post
This looks to be an SSL related issue at its core, which could be a variety of things. Are you familiar with OpenSSL? You could probe which SSL/TLS versions are supported for each to start, as mismatches here are common with system and application updates.
Kyle Kerst Acting IT Manager SmarterTools Inc. www.smartertools.com
Merle Wait Replied
I am NOT familiar with OpenSSL.. however I think my network guy probably is... but he is not familiar with SmarterMail..     If you can point as to where to start.. we can give that a whirl  :)

Kyle Kerst Replied
Employee Post Marked As Resolution
I'd be happy to! I found a serverfault discussion about checking to see if TLS 1.2 (in particular) is available on a host, and someone provided a good example case:


If they have publicly accessible hostnames you can also run an automated test like this one:


That one will check pretty much everything relating to SSL/TLS via an HTTP/HTTPS interface, so if they have a public facing web interface you can run that against them then check the list of supported protocols. I hope that helps :)
Kyle Kerst Acting IT Manager SmarterTools Inc. www.smartertools.com
Merle Wait Replied
So it was us.. somehow ended up with 2 different entries for SSL .. with one using IP address and one using  a second IP address.   Both IP addresses are valid.. but shouldn't have a separate entry.
Thanks.. for SSL info..  
Mystery solved.

Reply to Thread

Enter the verification text