/mail/community?hl=en
This content is likely not relevant anymore. Try searching or browse recent questions.
-
"The recipient server did not accept our requests to connect" from GMail after updating SSL/TLS cert 1 Recommended Answer 8 Replies 25 Upvotes
1 Recommended Answer
$0 Recommended Answers
1 Relevant Answer
$0 Relevant Answers
On Friday, 19 July 2019, we updated the SSL/TLS security certificates out our mailserver (c4.net and associated domains.)  After replacing the certificate, we noticed that mail stopped arriving from gmail.com and GApps-hosted domains.  Senders from those domains received a message about a temporary delivery problem after 24 hours, saying the response from our server was:

The recipient server did not accept our requests to connect.

I've confirmed we have a clear path for traffic through our firewalls for traffic from all the servers listed in the _spf.google.com IP blocks, as well as confirmed that none of those IPs are blacklisted on our mail server, as well as the IP's being exempted from Greylisting.

We did change our Certificate vendor from COMODO to LetsEncrypt in this most recent update, which is the only significant change on our end.  It did replace the by-now-expired certificate that was on SMTP 25.  Is it possible GMail is rejecting a connection because of the CA on the certificate?

Note that our domains that do not use TLS on SMTP are not impacted by the issue, strongly implicating the certificate in this problem.

Thanks,
John Brewer
C4.net
Most Relevant Answer Most Relevant Answers (0)
All Replies (8)
-
Most Relevant Answer
Update: I got bounces from a domain that doesn't use TLS or SSL for mailservices, and a bounce from icloud.com, suggesting this isn't an issue related to our unique configuration or our certificates.  Is anyone else experiencing these issues?
marked this as an answer
Most relevant based on info available
Most Relevant Answer
I'm seeing this too, in the last 48hrs (my letsencrypt cert last updated 4 days ago). Gmail is now rejecting connections from my mail server with "TLS error on connection (recv): Resource temporarily unavailable, try again."
marked this as an answer
Most relevant based on info available
Most Relevant Answer
Can you  please fix the problem for me
marked this as an answer
Most relevant based on info available
Most Relevant Answer
Am suddenly getting "msmtp: TLS certificate verification failed: the certificate hasn't got a known issuer" errors. It did go away this afternoon and I was able to send email for awhile, but now the problem is  back!! I also notice that there were certificate validity changes lately:

Common Name: Google Internet Authority G3
Validity:
    Activation time: Mon, Jul 29, 2019 11:35:48 AM
    Expiration time: Mon, Oct 21, 2019 11:23:00 AM

Just tried again and it worked.
Anyone else encountering issues sending email?
marked this as an answer
Most relevant based on info available
Most Relevant Answer
same issue :( Can't send emails to important clients
marked this as an answer
Most relevant based on info available
Most Relevant Answer
I'm having similar problems.
marked this as an answer
Most relevant based on info available
Most Relevant Answer
I'm having similar issues importing mail into Gmail from an ISP starting the day after they got a new certificate.
However a quick test install of another mail client (eM Client) had no issues connecting with said isp's mail server. The desktop gmail interface did not provide any clues as to what the issue was but the Android gmail did state the issue was with the certificate and gave a long message I'll just put a bit of in here;

 Certificate not trusted
Subject: *.teksavvy.com
Issuer: DigiCert SHA2 High Assurance Server CA
Valid from: Dec. 10, 2019
Expires on: Jan. 26, 2022
Current date: Dec. 15, 2019
PEM encoded chain: -----BEGIN CERTIFICATE-----
MIIHKzCCBhOgAwIBAgIQAZOt2rlvmABVcyvGqtDsbzANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQG
EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMS8w
LQYDVQQDEyZEaWdpQ2VydCBTSEEyIEhpZ2ggQXNzdXJhbmNlIFNlcnZlciBDQTAeFw0xOTEyMTEw
MDAwMDBaFw0yMjAxMjYxMjAwMDBaMIGNMQswCQYDVQQGEwJDQTEQMA4GA1UECBMHT250YXJpbzEV
MBMGA1UEBxMMQ2hhdGhhbS1LZW50MSAwHgYDVQQKExdUZWtTYXZ2eSBTb2x1dGlvbnMgSW5jLjEa
MBgGA1UECxMRQ29ycG9yYXRlIFN5c3RlbXMxFzAVBgNVBAMMDioudGVrc2F2dnkuY29tMIIBIjAN
  .  .  .
d5mfZkHs4M1G07VnrT3/kZl6DJs3hjuVcfZtKzFD5UsdLxszUns3bW0nQCcftNoedcDkUCcl6akV
xQ6an/DOUfRf/tYudXDwQlCP95Cq7jijpe0EWEod/eV7fR5BHN8IGWn8J0fP8vYsOdO84Ny7642U
CBxsq9ZboO2DThg7jjW8UA/T2pHOyIPNuD30I+locFjjXq1LrP5BVTj2QL08jfI2C/gyEzS+HipX
al2pkFCx6WIc8WwF4s1m
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIDxTCCAq2gAwIBAgIQAqxcJmoLQJuPC3nyrkYldzANBgkqhkiG9w0BAQUFADBsMQswCQYDVQQG
EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSsw
KQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5jZSBFViBSb290IENBMB4XDTA2MTExMDAwMDAw
   . . .
myPInngiK3BD41VHMWEZ71jFhS9OMPagMRYjyOfiZRYzy78aG6A9+MpeizGLYAiJLQwGXFK3xPkK
mNEVX58Svnw2Yzi9RKR/5CYrCsSXaQ3pjOLAEFe4yHYSkVXySGnYvCoCWw9E1CAx2/S6cCZdkGCe
vEsXCS+0yx5DaMkHJ8HSXPfqIbloEpw8nL+e/IBcm2PN7EeqJSdnoDfzAIJ9VNep+OkuE6N36B9K
-----END CERTIFICATE-----

I know nothing of how these work but I find it unusual that there are two certs, the first much longer than the last.
I hope this helps the boffins pin this issue down.
marked this as an answer
Most relevant based on info available
This question is locked and replying has been disabled.
Discard post? You will lose what you have written so far.
Write a reply
10 characters required
Failed to attach file, click here to try again.
Discard post?
You will lose what you have written so far.
Personal information found

We found the following personal information in your message:

This information will be visible to anyone who visits or subscribes to notifications for this post. Are you sure you want to continue?

A problem occurred. Please try again.
Create Reply
Edit Reply
Delete post?
This will remove the reply from the Answers section.
Notifications are off
Your notifications are currently off and you won't receive subscription updates. To turn them on, go to Notifications preferences on your Profile page.
Report abuse
Google takes abuse of its services very seriously. We're committed to dealing with such abuse according to the laws in your country of residence. When you submit a report, we'll investigate it and take the appropriate action. We'll get back to you only if we require additional details or have more information to share.

Go to the Legal Help page to request content changes for legal reasons.

Reported post for abuse
Unable to send report.
Report post
What type of post are you reporting?
Google takes abuse of its services very seriously. We're committed to dealing with such abuse according to the laws in your country of residence. When you submit a report, we'll investigate it and take the appropriate action. We'll get back to you only if we require additional details or have more information to share.

Go to the Legal Help page to request content changes for legal reasons.

Reported post for abuse
Unable to send report.
This reply is no longer available.
/mail/threads
//accounts.google.com/ServiceLogin
You'll receive email notifications for new posts at
Unable to delete question.
Unable to update vote.
Unable to update subscription.
You have been unsubscribed
Deleted
Unable to delete reply.
Removed from Answers
Marked as Recommended Answer
Removed recommendation
Undo
Unable to update reply.
Unable to update vote.
Thank you. Your response was recorded.
Unable to undo vote.
Thank you. This reply will now display in the answers section.
Link copied
Locked
Unlocked
Unable to lock
Unable to unlock
Pinned
Unpinned
Unable to pin
Unable to unpin
Marked
Unmarked
Unable to mark
Reported as off topic
/mail/profile/0?hl=en