Back to Community Threads
Errors in TLS negotiation - is this our server issue?
Problem reported by Merle Wait - Today at 9:45 AM
Submitted
M
Listed below is a log that reflects an issue that we are experiencing (or seeing) on our inbound email server.
We have our SMTP 25 - setting at START TLS.
Our users are complaining that these inbound requests are delayed.... and I believe this is why.
What I am trying to determine if this is an error on our side or theirs....  and either way.. a good way to correct???
Version:  SmarterMail Free 100.0.8797.17797 (Feb 1, 2024)
BUT... the same thing is happening on several other inbound email servers
the other one is running on 
100.0.9575.20827  (3/20/2026)

'===================================================
[2026.04.29] 09:20:50.198 [8.31.233.208][25175233] rsp: 220 mx1.ebt.net
[2026.04.29] 09:20:50.198 [8.31.233.208][25175233] connected at 4/29/2026 9:20:50 AM
[2026.04.29] 09:20:50.198 [8.31.233.208][25175233] Country code: US
[2026.04.29] 09:20:50.224 [8.31.233.208][25175233] cmd: EHLO internalmail201.xxxxxxx.com
[2026.04.29] 09:20:50.226 [8.31.233.208][25175233] rsp: 250-mx1.ebt.net Hello [8.31.233.208]250-SIZE 699050666250-AUTH LOGIN CRAM-MD5250-STARTTLS250-8BITMIME250-DSN250 OK
[2026.04.29] 09:20:50.249 [8.31.233.208][25175233] cmd: STARTTLS
[2026.04.29] 09:20:50.249 [8.31.233.208][25175233] rsp: 220 Start TLS negotiation
[2026.04.29] 09:20:50.273 [8.31.233.208][25175233] SNI using fallback binding certificate D25_WildebtV10.pfx for (no hostname passed to SNI).
[2026.04.29] 09:20:50.299 [8.31.233.208][25175233] rsp: 554 Security failure
[2026.04.29] 09:20:50.300 [8.31.233.208][25175233] Exception negotiating TLS session: System.Security.Authentication.AuthenticationException: Cannot determine the frame size or a corrupted frame was received.
[2026.04.29]    at System.Net.Security.SslStream.EnsureFullTlsFrameAsync[TIOAdapter](CancellationToken cancellationToken, Int32 estimatedSize)   at System.Runtime.CompilerServices.PoolingAsyncValueTaskMethodBuilder`1.StateMachineBox`1.System.Threading.Tasks.Sources.IValueTaskSource<TResult>.GetResult(Int16 token)   at System.Net.Security.SslStream.ReceiveHandshakeFrameAsync[TIOAdapter](CancellationToken cancellationToken)   at System.Net.Security.SslStream.ForceAuthenticationAsync[TIOAdapter](Boolean receiveFirst, Byte[] reAuthenticationData, CancellationToken cancellationToken)   at SmarterMail.Protocols.Common.PooledTcpItem.ConvertToSSL(db_system_binding_port setting, Log log, String sessionId)   at SmarterMail.Protocols.SMTP.SMTPSession.STARTTLS()09:20:50.300 [8.31.233.208][25175233] disconnected at 4/29/2026 9:20:50 AM
Back to Community Threads

Reply to Thread

Enter the verification text
Related Knowledge Base Articles
SmarterMail for Linux – SSL/TLS & Certificate ReferenceSmarterMail > Server Configuration and Management
TLS 1.0/1.1 Deprecation InformationGeneral Topics
Key Feature and Version Milestones in SmarterMailSmarterMail
Automated SSL certificate Issues.SmarterMail > Troubleshooting
Deploying Rspamd For Use With SmarterMailSmarterMail > Server Configuration and Management