Hi forum! I have an issue with one of my users where I cannot receive or send mail from and to him. He uses TLS1.2 and I do not. Is there a way to bypass this roadblock? Here’s the message we both get:
“PROD.OUTLOOK.COM returned '550 5.4.317 Message expired, cannot connect to remote server(451 5.7.3 STARTTLS is required to send mail)”
Try to check incoming and outgoing ports.
use this links to check ports, and change them and check if problem fix
Hello
Please follow the link below
Hi @Thompson Check any of the below instructions help you solve your problem:
Check to be sure the device is actually connected to the internet.
check the DNS for exchange.****.com, see if that record exists and where it points. Perhaps its value is incorrect. Be sure to check both the internal DNS servers and the public DNS servers, as they might not be the same.
Check the sending device, and make sure it has the proper TLS settings. If the device may be a copier/scanner, I feel sad for you. Microsoft recently started requiring the STARTTLS, and a few of the old copy machines are running firmware that doesn’t support this. If it is a copy machine, contact the manufacturer or support people and have them update the firmware. If they can not update the firmware, you will have to seek out a special thanks to saving the scans. maybe scan to a file share instead?
Check your mail transport rules on O365 to be sure your new tenant is allowing inbound traffic from the external IP of your device. These rules would be easy to overlook when moving from one tenant to another.
Hi @Thompson,
Below are the few solutions recommended by Microsoft these solutions, were taken from the Microsoft Doc site. For your issue any of the below solutions will help you:
Here are some steps for you to try:
Solution 1: The MX record for your domain might be missing or incorrect. Get more information about how MX records work at DNS basics.
Solution 2: Test your MX record and your organization’s ability to send mail by using the Outbound SMTP Email test in the Microsoft Remote Connectivity Analyzer.
Solution 3: The Sender Policy Framework (SPF) record for your domain might be incomplete, and might not include all email sources for your domain. For more information, see Set up SPF to help prevent spoofing.
Solution 4: Your domain might have expired due to non-payment. Verify with your domain registrar that your domain is active and not expired.
Solution 5: If the recipient is in your on-premises Exchange organization in a hybrid deployment, there might be a problem with your hybrid configuration. Give the information in the NDR to your on-premises Exchange administrators. They might need to rerun the Hybrid Configuration Wizard due to changes in their on-premises IP addresses or firewall rules.
Hi
I am leaving some of the Important suggestion in the thread so that If anyone is facing this error still can follow:
First you need confirm the following important setting on the both sender and recipient sides:
Once you confirm the above, you need to confirm is the sender and the recipient must be using the same port number, and the default port number for SMTP is 25 the reason I am telling is some email servers use different port numbers.
The encryption setting can be different on any of the sender or recipient servers make sure to confirm it and use the same encryption on both sides.
Check which email client is used by both the sender and the recipient. There is some client that doesn’t communicate with the other email client.
If the above suggestion is helpful please like a like button if not let me know
