An odd issue cropped up on our server today that one of our clients brought to our attention, they were having an issue emailing one of their customers. We are currently running version 9008 also by the way. Anyway, looking at our delivery log we see where Smartermail attempted to connect and send the email, then in the log I also see where SmarterMail complains about the certificate name is a mismatch. Further down SM attempts to deliver the email by IP, removes the email from RemoteDeliveryQueue and I find the email stuck in the Waiting to be delivered queue. The provider in question where the email was sending to has a wildcard SSL certificate for the providers domain but not the actual domain name of the person the email was trying to be delivered to.

So I turned off the "Enforce strict certificate validation", save the settings, tell SM to put the email back in the regular delivery queue and the email  delivers just fine. Now with that said before I changed that setting, I even emailed the person in question directly from my personal Gmail account and Google delivered the email on the first attempt.

Reading through the help document on that setting it does warn that if a SSL certificate is expired or the domain is a mismatch, SM will not connect to that server. It's also recommneded not to have this feature off and I can see their reasoning but in this case this feature was impeding my client from emailing their customer. So for now I am leaving this feature off.

Now here comes the next odd behaviour, for several days 3 of my clients have been having difficulty emailing some of their customers that have a Yahoo email address. One of my clients tried emailing their own personal Yahoo email and got the same bounceback. The bounceback would give a reason for the bounce "Reason: Remote host said: 554 Message not allowed - [299]" Now I realize this may sound odd, but once I shutoff the "Enforce strict certificate validation" my client got both of his emails delivered to Yahoo just fine.

So my question here is obviously there is more tied into the "Enforce strict certificate validation" then just what the help document describes, so what else is affected by this setiing? Anyone else seeing this on their server with this setting on?