Axigen server doesn't support any cipher suites compatible with Microsoft 365 services

Hi,

I’m unable to send emails to certain domains. I suspect these problem domains might be Microsoft 365 users, i.e. they are using Exchange online.

I’m testing with Microsoft’s “Microsoft Remote Connectivity Analyzer - Exchange Server” which can be found here → Microsoft Remote Connectivity Analyzer.

Running the “SSL Server Test” using my domain and SSL Port 465, I consistently receive the following error:

-Checking that your server supports modern TLS protocols and cipher suites.
-Your server doesn’t support modern TLS protocols and cipher suites.
Additional Details
-Your server doesn’t support any cipher suites compatible with Microsoft 365 services.

I have experimented with a large range of cipher suites but just can’t seem to find the right set of ciphers to use.

Axigen is currently configured for TLS 1.2 and TLS 1.3 only. Current Cipher Suite is:

TLS_AES_128_GCM_SHA256:
TLS_AES_256_GCM_SHA384:
TLS_CHACHA20_POLY1305_SHA256:
ECDHE-RSA-AES256-GCM-SHA384:
ECDHE-RSA-AES128-GCM-SHA256:
ECDHE-RSA-AES256-SHA384:
ECDHE-RSA-AES128-SHA256:
ECDHE-RSA-AES256-SHA:
ECDHE-RSA-AES128-SHA:
AES256-GCM-SHA384:
AES128-GCM-SHA256:
ECDHE-ECDSA-AES128-GCM-SHA256:
ECDHE-ECDSA-AES256-GCM-SHA384:
ECDHE-ECDSA-CHACHA20-POLY1305:
ECDHE-RSA-CHACHA20-POLY1305:
DHE-RSA-AES128-GCM-SHA256:
DHE-RSA-AES256-GCM-SHA384:
DHE-RSA-CHACHA20-POLY1305

(Shown as above for clarity only. Ciphers are entered into Axigen as one string delimited with a full-colon.)

The first 3 ciphers are TLS 1.3, the remainder are TLS 1.2.

Thoughts? Suggestions? Solutions?

BTW. I have tried using the settings shown here → A-grade SSL Listeners | Axigen Documentation but with no success.

Thanks.

… just to add …

The Microsoft Analyzer page has a link, “Tell me more about this issue and how to resolve it”. This page has a section called “TLS cipher suites supported by Microsoft 365” with a table of ciphers.

These ciphers are IANA formatted.

This site → Mapping OpenSSL cipher suite names to IANA names provides a means to find the corresponding OpenSSL formatted ciphers which (I assume) we need to use in Axigen. Happy to be corrected if Axigen understands both OpenSSL and IANA formatted cipher names.

For the benefit of others, I may have solved the issue.

I had to change my Let's Encrypt certificates from ECDSA to RSA using “--key-type RSA” when renewing the certs.
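An added example, not part of the original posts: in TLS 1.2 a server can only negotiate suites whose authentication algorithm matches its certificate's key type, so a configured cipher string can be much longer than what an ECDSA-only server actually offers. The sketch below parses the posted string and filters it by key type. The function names and `SAMPLE_PEER` are hypothetical, the peer list is constructed and is not Microsoft's published table, and it is an assumption that this rule is what the analyzer tripped on.

```python
# Added example: which suites from an OpenSSL-format cipher string a server
# can negotiate for a given certificate key type. Name parsing covers only
# the naming patterns that appear in the posted list.

# The cipher string from the post, colon-delimited as entered into Axigen.
POSTED = (
    "TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:"
    "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:"
    "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:"
    "ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:"
    "AES256-GCM-SHA384:AES128-GCM-SHA256:"
    "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:"
    "ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:"
    "DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305"
)

# Constructed peer list for illustration only; NOT Microsoft's published table.
SAMPLE_PEER = {"ECDHE-RSA-AES256-GCM-SHA384", "ECDHE-RSA-AES128-GCM-SHA256"}


def classify(name):
    """Return (protocol, auth) for one OpenSSL-format suite name."""
    if name.startswith("TLS_"):
        return ("TLSv1.3", "any")   # TLS 1.3 suites do not encode the cert type
    parts = name.split("-")
    if parts[0] in ("ECDHE", "DHE") and parts[1] in ("RSA", "ECDSA"):
        return ("TLSv1.2", parts[1])
    if parts[0] in ("AES128", "AES256"):
        return ("TLSv1.2", "RSA")   # no prefix: RSA key exchange and RSA auth
    raise ValueError(f"naming pattern not covered by this sketch: {name}")


def usable(cipher_string, cert_key_type):
    """Keep only the suites a certificate of this key type can serve."""
    result = {"TLSv1.3": [], "TLSv1.2": []}
    for name in filter(None, (s.strip() for s in cipher_string.split(":"))):
        proto, auth = classify(name)
        if auth in ("any", cert_key_type):
            result[proto].append(name)
    return result


def tls12_overlap(cipher_string, cert_key_type, peer_suites):
    """TLS 1.2 suites both sides could agree on, in server preference order."""
    return [s for s in usable(cipher_string, cert_key_type)["TLSv1.2"]
            if s in peer_suites]


if __name__ == "__main__":
    for key_type in ("ECDSA", "RSA"):
        print(key_type, "TLS 1.2 usable:", usable(POSTED, key_type)["TLSv1.2"])
        print(key_type, "overlap:", tls12_overlap(POSTED, key_type, SAMPLE_PEER))
```

To use it against a real peer, replace `SAMPLE_PEER` with the OpenSSL-format names mapped from the peer's published IANA table.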