Seems to me the system is may be trying to verify the certificate? It may be checking the revoking list?
But yes I would try to contact Aruba to get some info, may be someone on the list has a contact there? On Mon, Jan 23, 2017 at 11:42 AM, Brandon Long via mailop <mailop@mailop.org > wrote: > Note that information about Google is about 3 years out of date, we no > longer fall back to unencrypted. > > Your best bet for important domains you care about it to try and contact > their admins to fix it. > > Other than that, it's basically up to your policies what to do... well, > and what your software can do. > > For us, the numbers were small enough to not be worth potentially sending > the mail in the clear. > > Brandon > > On Jan 23, 2017 10:21 AM, "Stefano Bagnara" <mai...@bago.org> wrote: > >> We recently enabled starttls to every destination (announcing the >> starttls extension). >> >> We now see a lot of "454 4.3.3 TLS not available due to temporary reason" >> in reply to the STARTTLS by a big B2B italian provider named Aruba. We >> usually are able to send the email after 2-3-5 attempts, so this is not >> causing "failures" but mainly delay, but randomness could even cause >> permanent failures. >> >> Now, I read a forum where someone said Google try TLS delivery for 1 day, >> then they switch to plain text delivery if the delivery didn't happen in >> the first 24 hours. >> >> What do other senders do? Is this "try TLS for a while then switch to >> plain text" a best practice or just something "invented" by Google? Or do >> you use whitelist/blacklist in order to decide valid TLS destinations? >> >> I also have similar messages by other targets, but thet are very low >> volume, so I didn't investigate them: >> - 454 4.7.0 TLS not available due to local problem >> - 454 4.3.0 TLS not available due to local problem >> - 454 TLS currently unavailable >> - 454 TLS missing certificate: error:02001002:system library:fopen:No >> such file or directory (#4.3.0) ) >> >> Stefano >> >> PS: this is my first post and www mailop org is not working right now so >> I've not been able to check the "posting guidelines" to see if this kind of >> message is allowed or not in this list. >> >> _______________________________________________ >> mailop mailing list >> mailop@mailop.org >> https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop >> >> > _______________________________________________ > mailop mailing list > mailop@mailop.org > https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop > >
_______________________________________________ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop