Just thought I would share this for anyone else that may be looking for problems with emails and TLS 1.0 TLS 1.1. The Additional information is at the very bottom of the KB and could easily be missed.
Additional information
Note: Microsoft and other e-mail providers (Apple, Google/Gmail, Cisco, etc.) have discussed (or already implemented) discontinuing support for TLS 1.0/1.1 and will only support TLS 1.2 for email. Microsoft has rescheduled their implementation of this change for Office 365 e-mail several times. However, starting September 2021, they began in earnest.
Note: These links are to Microsoft web pages. Their contents are subject to change. Sage is not responsible for the content of external web links.
- Microsoft: "We temporarily halted disablement of TLS 1.0 and 1.1 for commercial customers due to COVID-19. As supply chains have adjusted and certain countries open back up, we restarted the TLS 1.2 enforcement rollout on October 15, 2020. Rollout will continue over the following weeks and months..."
https://docs.microsoft.com/en-us/microsoft-365/compliance/tls-1.0-and-1.1-deprecation-for-office-365?view=o365-worldwide&preserve-view=true - Microsoft: "We are fully aware that many customers will not have noticed the multiple Message Center posts and blog posts, and are not aware of clients or devices that are still using TLS1.0 to submit messages. With this in mind, starting in September 2021, we will reject a small percentage of connections that use TLS1.0 for SMTP AUTH. Clients should retry as with any other temporary errors that can occur during submission. Over time we will increase the percentage of rejected connections, causing delays in sending that more and more customers should notice..."
https://techcommunity.microsoft.com/t5/exchange-team-blog/new-opt-in-endpoint-available-for-smtp-auth-clients-still/ba-p/2659652
Error: "Failed to read beginning of SSL/TLS record" and "Failed to establish TLS connection" when attempting Test e-mail
Summary
Error: "Connection closed by server", "Failed to read beginning of SSL/TLS record", "Failed to read incoming handshake messages", and "Failed to establish TLS connection" when attempting Test e-mail (Electronic Delivery) from Library Master, Company Maintenance in Sage 100
Note: Relevant ChilkatLog error information below, particularly in bold:
Connection closed by server.
Failed to read beginning of SSL/TLS record.
Failed to read incoming handshake messages (X)
Client handshake failed.
Failed to establish TLS connection.
--SMTP_Connect
Failed to connect to SMTP server.
Failed.
--VerifySmtpLogin
--ChilkatLog
Disclaimer
Sage Customer Support does not provide assistance for issues related to third party products or enhancements, hardware, report customizations, state or federal tax-related questions, or specific accounting questions. Please contact your Sage business partner, network administrator, or accountant for assistance. Please review this document for additional information on the scope of Sage Customer Support Services.
Cause
- The SMTP (e-mail) server may only be accepting certain cipher suites or versions of TLS encryption that the version of Sage 100 does not offer.
- Example: Sage 100 2018 and earlier use TSL 1.0 or 1.1. The current standard is TLS 1.2. Sage 100 2019 and higher uses TLS 1.2.
- There may be interference due to firewall restrictions or antivirus or security software.
- There may be operating system or network-related data corruption.
Resolution
Note: There are numerous different server programs and providers that provide the services of an SMTP e-mail server. Sage does not test Sage 100 with all e-mail services/programs/providers. Sage 100 Customer Support is not responsible for knowing the exact combination of program or provider, security or permission settings, inbound or outbound rules, account logins, passwords, bandwidth restrictions, etc. to enable successful e-mail delivery. The specifics of services, programs, and providers are subject to change. If an error is encountered, troubleshoot based on the Chilkat error log information. You may need to try various settings, or test an alternate service, program, or provider.
- The SMTP (e-mail) server may only be accepting certain cipher suites or versions of TLS encryption that the version of Sage 100 does not offer:
- Consider upgrading to a current version of Sage 100 that uses the current standard of TLS encryption: TLS 1.2.
- Note: Sage 100 2019 and higher uses TLS 1.2.
- Note: For more information on TLS encryption, see the Related Resources section.
- Find an SMTP provider that will allow, or change the SMTP server to allow, TLS 1.0 and 1.1.
- Caution: TLS 1.0 and 1.1 are deprecated due to security vulnerabilities.
- Consider upgrading to a current version of Sage 100 that uses the current standard of TLS encryption: TLS 1.2.
- There may be interference due to firewall restrictions or antivirus or security software settings:
- Try reconfiguring or temporarily disabling any firewall, antivirus, or security software.
- Note: Sage 100 Customer Support is not responsible for knowing the exact settings or options available within the many products available.
- Try reconfiguring or temporarily disabling any firewall, antivirus, or security software.
- There may be operating system or network-related data corruption:
- Investigate possible corruption.
- Note: Sage 100 Customer Support is not responsible for investigating operating system or network-related data corruption.
- Investigate possible corruption.