January 19, 2024 at 10:28 pm
About a week ago, database mail stopped working. The error message from the log is "Cannot send mails to mail server (Failure sending mail)." the rather generic error message. This is happening both on test emails as well as other production emails
I restarted the server, tried temporarily disabling the firewall, recreated the db mail account and profile.... no help.
Weirdly, after recreating the profile and account a million times it did work for about 2 emails and then went back to not working.
Should be noted that the exact same configuration is running on 3 other servers and they are working just fine, no problems.
Any advice?
January 20, 2024 at 12:10 am
Can you contact the mail administrator? Intermittent mail failures can happen if there is smtp load balancing going on and you get sent to a mail server that is having issues or is configured differently.
January 20, 2024 at 2:58 pm
Hi Chrissy,
Our mail is handled through Microsoft 365, and as I said above, 3 other servers are using the same configuration and have experienced no issues.
Glenn
January 20, 2024 at 3:42 pm
So I managed to resolve this issue by adding in registry keys that correspond to TLS 1.2... I am a bit confused as to why I needed to do this as, like I said, this configuration was working for years previously. Just glad it is working again... for anyone curious, the following are the keys I added:
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\.NETFramework\v2.0.50727]
"SystemDefaultTlsVersions"=dword:00000001
"SchUseStrongCrypto"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\.NETFramework\v4.0.30319]
"SystemDefaultTlsVersions"=dword:00000001
"SchUseStrongCrypto"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v2.0.50727]
"SystemDefaultTlsVersions"=dword:00000001
"SchUseStrongCrypto"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319]
"SystemDefaultTlsVersions"=dword:00000001
"SchUseStrongCrypto"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client]
"DisabledByDefault"=dword:00000000
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server]
"DisabledByDefault"=dword:00000000
"Enabled"=dword:00000001
January 20, 2024 at 5:37 pm
Interesting... thanks, Glenn.
--Jeff Moden
Change is inevitable... Change for the better is not.
January 21, 2024 at 4:23 pm
I think it's because MS is forcing users to adopt TLS1.2. I had similar problems a few months ago.
The absence of evidence is not evidence of absence
- Martin Rees
The absence of consumable DDL, sample data and desired results is, however, evidence of the absence of my response
- Phil Parkin
January 23, 2024 at 3:49 pm
Interesting. That would explain why the other servers are working properly then as they are Server 2019 and already have TLS 1.2 versus the one that failed which was Server 2012
Viewing 7 posts - 1 through 6 (of 6 total)
You must be logged in to reply to this topic. Login to reply