/mail/community?hl=en
This content is likely not relevant anymore. Try searching or browse recent questions.
This post is a trending issue.
-
my message can sometimes not be delivered because of an incorrect alias. Sometimes it works. 1 Recommended Answer 786 Replies 1738 Upvotes
1 Recommended Answer
$0 Recommended Answers
1 Relevant Answer
$0 Relevant Answers
hello,

Sometimes (!) I am getting a message that my email could not be delivered because the credentials of the alias I am sending are not correct or are outdated. But this happens with 1 out of 10 messages and randomly with the people I am sending this to. One minute later with another new message it then works again.  I use gmail in the browser to send my emails. 

Any one any idea?

thanks
Marjon
Most Relevant Answer Most Relevant Answers (0)
All Replies (786)
-
Most Relevant Answer
I forgot the message I am seeing is also saying: 

De reactie was:
TLS Negotiation failed, the certificate doesn't match the host.

I am getting this, although nothing changed since 4 days with some emails.
marked this as an answer
Most relevant based on info available
Most Relevant Answer
Same issue here. Out of 10 messages to the same email address...  1 or 2 may come back with a TLS error.
marked this as an answer
Most relevant based on info available
Most Relevant Answer
Same issue here. Just started happening to me very intermittently. Looks like a Google-wide issue that has absolutely nothing to do with the 3rd party servers?? Google please confirm and FIX. Thanks
marked this as an answer
Most relevant based on info available
Most Relevant Answer
I have been having the same problem for about a week to a week and a half.

I also see exactly what the posters say -- it is inconsistent, clearly some Gmail systems are configured differently than others, and it's random as to which one attempts to connect, because some of them are fine with my configuration and others are not.

The maddening thing is that the TLS certificate I'm using absolutely matches the host!

It is a self signed certificate but that's never been a problem in the past.

syd-barrett.accessgroupinc.com

No affiliation but I used


the detailed results from this site indicate no problems except for self signed certificate


Note that the server identifies itself as syd-barrett.accessgroupinc.com AND the reverse DNS resolves to syd-barrett.accessgroupinc.com AND the MX records all use syd-barrett.accessgroupinc.com

I am therefore baffled, which is unusual...  I have 30+ years experience with system administration and used to hack Sendmail back in the day...  contributed a tiny bit to Postfix years and years ago...
marked this as an answer
Most relevant based on info available
Most Relevant Answer
To make sure we're all on the same page, this is when sending from Gmail using a custom outgoing email address, and using TLS as the transport to another mail server which does the actual delivery for that domain.

(The OP isn't explicit about what they are doing, but I'm reading between the lines, because I have the exact same issue.)
marked this as an answer
Most relevant based on info available
Most Relevant Answer
I just got this alert today for the first time. I am using Gmail as my host but using a non-gmail email account. They have been linked for 10 years. Any suggestions?
marked this as an answer
Most relevant based on info available
Most Relevant Answer
I am getting the same error, intermittently. I am using an alias to send outgoing mail from Gmail through my customer domain mail server. How can the TLS certificate be incorrect or out of date one minute, and fine the next??
marked this as an answer
Most relevant based on info available
Most Relevant Answer
An invalid certificate, including self-signed, would be a problem now that Gmail is enforcing TLS for servers that support it.  (Previously, after a few failures, Gmail would deliver the messages without encryption.)
 
To know if this is everyone's problem would require knowing the domain names that are failing.
marked this as an answer
Most relevant based on info available
Most Relevant Answer
If this is due to a problem with the domain's certificate, would it not be a problem with each email I send? This seems to happen randomly, maybe one out of 5 or 10 emails I send, and it just started today.
marked this as an answer
Most relevant based on info available
Most Relevant Answer
The truly odd thing is that there was a bunch of fanfare when Google made changes to the way they handle TLS, and at that time, nothing broke!

Even now, things only break occasionally, about one out of ten times that I send something.

The irony of course is with stricter TLS the workaround with this error is to simply turn TLS off, and go unsecured, which is completely and totally stupid.

I control my DNS which points the MX to my server, I control my server software, and I provide the certificate.  Why should Google care if my inbound relay uses a self signed certificate?  It's better than the alternative, which is no encryption at all.
marked this as an answer
Most relevant based on info available
Most Relevant Answer
Per bkennelly's post: the outgoing mail server I am send mail through is my custom email domain which is hosted by Earthlink, so it is on one of their servers.
marked this as an answer
Most relevant based on info available
Most Relevant Answer
We really don't know if everyone has the same problem without more information.  The changes could be rolling out over time, so that not every message is impacted.
 
 
marked this as an answer
Most relevant based on info available
Most Relevant Answer
@bkennelly Note that I actually provided the exact details of my server and the output from the TLS check I did.

I do not see any documentation anywhere indicating that Gmail now requires certificates to be signed by a specific list of CA.

At the very least, if this is the requirement, then the error message is completely totally and stupidly incorrect.  It indicates a hostname mismatch, which is absolutely not true.

I might also add that adding the TLS credentials within Gmail does not produce errors i.e. I give it username, password, and point it at my server, and it accepts those settings for the given email address...  this is also an error if the intent on the part of Google is to force people to have TLS certificates that are signed by a given group of CA.

Long story short the status quo is ridiculously poor.  The TLS page for Gmail says nothing about self signed certificates -- says nothing about specific CA being required -- the error message doesn't say anything about that either -- and Gmail itself gladly accepts my TLS credentials -- which it clearly is checking, as if I give an incorrect username or password, it refuses to take my settings.
marked this as an answer
Most relevant based on info available
Most Relevant Answer
1: Could you clarify. Could a change be made to a rule, and then the change be rescinded, and then made again, etc.?

2: Is it likely this is a Gmail issue or a real issue with the mail server's certificate at Earthlink? I don't want to go down the rabbit hole with Earthlink if it is a Gmail bug.
marked this as an answer
Most relevant based on info available
Most Relevant Answer
We may be getting sidetracked.  By the time I read to the bottom of the posts, I had forgotten that the problem being reported was with authenticating to a custom SMTP server, and was thinking it was about delivery of outbound mail from the Gmail servers.  (I apologize.)  
 
It is still possible that the recent TLS changes are involved, but, AFAIK, those changes only apply to messages being sent from the Google mail servers to the other hosts, not to connecting to custom SMTP servers.
 
Google generally do not trust self-signed certificates, for good reasons, but that would not apply to those using Earthlink servers.  The server name mismatch is possible, depending on how you name the server and how Earthlink identify it.
marked this as an answer
Most relevant based on info available
Most Relevant Answer
As I'm experiencing the same TLS Negotiation failed issue, I'll give more details about my Gmail account configuration. I'm using Gmail to send/receive my custom-domain email messages by using these two settings:

Options > Accounts and Import > Send mail as
Options > Accounts and Import > Check email from other accounts

The Send mail as is configured this way:

- Treat as an alias
- Port 465
- Secured connection, using SSL (recommended)

My self-hosted domain is secured with a free Let's Encrypt SSL/TLS certificate on a VPS machine with Ubuntu/Plesk. I've never had any problem for years, this is the first time Google is showing this behavior. 

The LS Negotiation failed error happens in a completely random way. Sometimes I can send multiple messages to a specific email address with no issues... And then the 10th message drops this error. If I re-send the same message to the same address... It goes through with no error.
marked this as an answer
Most relevant based on info available
Most Relevant Answer
Same problem, using "Send mail as:" against a Network Solutions SMTP server, Port 587 and TLS.  Deleting and re-adding the "Send mail as:" email address still results in occasional failures.
marked this as an answer
Most relevant based on info available
Most Relevant Answer
Thanks. If it was a server name mismatch, why would that be intermittent?
marked this as an answer
Most relevant based on info available
Most Relevant Answer
I doubt it's a server-related issue, not with this inconsistency. Something changed on Google's side and we really need to figure it out. If this thing starts affecting my clients it will be a pain for me.
marked this as an answer
Most relevant based on info available
Most Relevant Answer
So how do we all fix this error???

I am also getting this error starting today April 6, 2020:

The response was:
TLS Negotiation failed, the certificate doesn't match the host.
marked this as an answer
Most relevant based on info available
Most Relevant Answer
Am also having the same issues, as above it is intermittent, nothing consistent about it
marked this as an answer
Most relevant based on info available
Most Relevant Answer
This has also started happening for us since yesterday but from the forwarding settings in Gmail and domain end information is all still the same? 
I did the check recommended above and it came back and said email was being sent but it was not secure. How do I make it secure? The TLS info is the same and doesn't have anything to update so not sure how to fix it when nothing seems to have changed?
marked this as an answer
Most relevant based on info available
Most Relevant Answer
I am also having the same issue.  This is not a new issue.  Just that it is more frequent now
marked this as an answer
Most relevant based on info available
Most Relevant Answer
Same issue here -- trying to send mail as another email account from Gmail (I've verified all settings are correct) and getting the message 

TLS Negotiation failed, the certificate doesn't match the host.
marked this as an answer
Most relevant based on info available
Most Relevant Answer
I have the same issue since Friday 3rd April. Its really effecting my business. Is there a number we can call google on to help fix this? I have checked domain and server with developers and all working fine?
marked this as an answer
Most relevant based on info available
Most Relevant Answer
I have the same issue here since this morning... Some emails bounce back with the error message "TLS Negotiation failed, the certificate doesn't match the host." while others are sent with no problems.

I haven't changed anything in my account for months.

Anyone from Google can solve this?
marked this as an answer
Most relevant based on info available
Most Relevant Answer
Samen issue here. Random TLS Negotiation failed errors, issue started somewhere last week.
Google please solve this problem.
marked this as an answer
Most relevant based on info available
Most Relevant Answer
Same Issue here
marked this as an answer
Most relevant based on info available
Most Relevant Answer
I have the same issue as well. Have anyone fixed it?
marked this as an answer
Most relevant based on info available
Most Relevant Answer
same issue
marked this as an answer
Most relevant based on info available
Most Relevant Answer
Just adding to this thread, this is happening on several of our Gmail accounts but not all. Every account is configured the same way, to use SSL, port 465, not TLS but only some accounts are having problems. It is also not every email, it is intermittent.

The error report is:

TLS Negotiation failed, the certificate doesn't match the host.

All our accounts are set up to send mail as:

Not an alias.
Mail is sent through: server.XXX.com
Secured connection on port 465 using SSL

Out of 6 accounts, one started having problems last week, another one this morning and the rest have been fine.
marked this as an answer
Most relevant based on info available
Most Relevant Answer
Likewise, regrettably.
marked this as an answer
Most relevant based on info available
Most Relevant Answer
Same here. I changed the TLS-Ports - but nothing changed. 
I´m using DF.EU as Mail-Provider and got in contact with the support - but as I´m reading all the Posts here I guess it has something to do with google.
marked this as an answer
Most relevant based on info available
Most Relevant Answer
Same here. Waitig for google respose.
marked this as an answer
Most relevant based on info available
Most Relevant Answer
same issue here
marked this as an answer
Most relevant based on info available
Most Relevant Answer
same issue here since 3 days too
marked this as an answer
Most relevant based on info available
Most Relevant Answer
Having the same issue! Random emails will be rejected one day, and the next it'll be fine and another handful aren't going through. Really frustrating.

Thought it was the way I configured it, but looks like this is a wider problem. 

Anyone here from Google yet?
marked this as an answer
Most relevant based on info available
Most Relevant Answer
Its not server related but from the Gmail's side. Something related to certificate matching.
marked this as an answer
Most relevant based on info available
Most Relevant Answer
same issue here. 2 out of 10. I can not see any pattern behind it
marked this as an answer
Most relevant based on info available
Most Relevant Answer
The same issue. 
I've even recreated a new TLS cert. Nothing happend.
maybe its time to turn to alias?
marked this as an answer
Most relevant based on info available
Most Relevant Answer
Same issue here - it's affecting random emails. The thing is, the sending as is actually hosted by Google Apps (the domain email IS a Gmail service) and the send as is being sent as that domain address via a regular Gmail account. It's completely hit and miss at the moment, I imagine it's down to some cluster of servers which need to be updated and we're only hitting them occasionally, rather than a full outright loss of service (which will make this harder to get attention from Google engineers!).
marked this as an answer
Most relevant based on info available
Most Relevant Answer
How can we escalate this to google?
marked this as an answer
Most relevant based on info available
Most Relevant Answer
Same issue here
Using chrome client and  Let's script SSL Certificate. on the hosting
marked this as an answer
Most relevant based on info available
Most Relevant Answer
Same exact issue here with 2 different mail servers. Used firefox and chrome and the two mail servers are unrelated. Was working fine last week when I had last sent a few emails.
marked this as an answer
Most relevant based on info available
Most Relevant Answer
We must find a way to escalate this issue, someone at Google must check it because it's very very problematic...
marked this as an answer
Most relevant based on info available
Most Relevant Answer
Same error here. "TLS Negotiation failed, the certificate doesn't match the host."
marked this as an answer
Most relevant based on info available
Most Relevant Answer
Same issue here.
marked this as an answer
Most relevant based on info available
Most Relevant Answer
I'm having the same problem X2 days. None of my "Send Mail As" settings have been changed and they have been working fine for years. Now, I'm suddenly getting "TLS Negotiation failed, the certificate doesn't match the host" rejects on some (but not all) of my outgoing messages that I send as if from my Network Solutions email address.
marked this as an answer
Most relevant based on info available
Most Relevant Answer
Algo getting the same error. Waiting from feedback.... Thanks
marked this as an answer
Most relevant based on info available
Most Relevant Answer
This has been escalated but it might take a while to get a response from Google.
marked this as an answer
Most relevant based on info available
Most Relevant Answer
GOOGLE U THERE BRUH???????? WTF
marked this as an answer
Most relevant based on info available
Most Relevant Answer
Same issue here to.
marked this as an answer
Most relevant based on info available
Most Relevant Answer
same issue! Google please!
marked this as an answer
Most relevant based on info available
Most Relevant Answer
me too! google, help!
marked this as an answer
Most relevant based on info available
Most Relevant Answer
Sadly, I have just started seeing this message to. Based in the UK. Started after 1pm BST time. Very annoying, as I have no idea if the emails are actually sent correctly or not. Come on Google - please acknowledge the issue at least.
marked this as an answer
Most relevant based on info available
Most Relevant Answer
My VPS with the affected domains is UK based too.
marked this as an answer
Most relevant based on info available
Most Relevant Answer
Same problem here, starting from today. My hosting is SiteGround, but I don't think is that the issue.
marked this as an answer
Most relevant based on info available
Most Relevant Answer
Same problem here starting from today ...
marked this as an answer
Most relevant based on info available
Most Relevant Answer
Since 2 days we have the same problem - what should we do?
marked this as an answer
Most relevant based on info available
Most Relevant Answer
Same problem here, settings haven't change for months.
Not impacting all aliases, nor every email. 

(somehow happy to see people with the same prob, will save me hours...)
marked this as an answer
Most relevant based on info available
Most Relevant Answer
I am not using TLS in my settings, they are set for SSL and I am still receiving this error message. Clearly google has broken something on their end.
marked this as an answer
Most relevant based on info available
Most Relevant Answer
I'm getting the same error:
TLS Negotiation failed, the certificate doesn't match the host.

And it's random. I've been using my emails for years, never had a problem or have changed anything.

Google please help fix this!
marked this as an answer
Most relevant based on info available
Most Relevant Answer
Same issue started this morning.
marked this as an answer
Most relevant based on info available
Most Relevant Answer
Me too. Just found this thread, I thought it was something with our smtp server but looks like Google messed something up. So. /subscribing here :)
marked this as an answer
Most relevant based on info available
Most Relevant Answer
I am having this issue as well. We retrieve emails from our server to our gmail accounts. And we use Send Mail as secured through TLS. Our settings have not changed. Only some gmail accounts, only sometimes failing to send. 

The response was:
TLS Negotiation failed, the certificate doesn't match the host.
marked this as an answer
Most relevant based on info available
Most Relevant Answer
Same problem here! :( Started few days ago with 1 out of 10 emails, now it's even more often :(
marked this as an answer
Most relevant based on info available
Most Relevant Answer
Idem ! It's very disturbing. I hope Google will fix it asap.
marked this as an answer
Most relevant based on info available
Most Relevant Answer
I'm having the same issue as well, which started today for me
marked this as an answer
Most relevant based on info available