450 4.4.317 UntrustedRoot error
There is a company that sends us a lot of e-mail. Most of it gets through. But I've started getting reports of certain e-mails bouncing. This is the redacted error message:
10/10/2024 3:45:39 PM - Server at ourdomain.com (ip address) returned '450 4.4.317 Cannot connect to remote server [Message=UntrustedRoot Expected Subject: Unknown. Presented Subject: CN=SonicWALL, OU=SonicWALL, O=SonicWALL, L=SonicWALL, S=SonicWALL, C=US. Thumbprint: C084D409D1598B6DDC9A69E787FF5D680E7B2DC6.] [LastAttemptedServerName=ourdomain.com] [LastAttemptedIP=ipaddress:25] [SmtpSecurity=-1;-1] [BN8NAM12FT092.eop-nam12.prod.protection.outlook.com 2024-10-10T15:45:39.992Z 08DCE8039DD611ED](UntrustedRoot Expected Subject: Unknown. Presented Subject: CN=SonicWALL, OU=SonicWALL, O=SonicWALL, L=SonicWALL, S=SonicWALL, C=US. Thumbprint: C084D409D1598B6DDC9A69E787FF5D680E7B2DC6.)'
What would be causing this on my end when most of their e-mail does come through to us OK? I'm wondering if it's because we're using a self-signed certificate, but there isn't very good documentation for the sonicwall email security appliance about setting up TLS and it's been working for over 10 years the way it is.
Answers
I decided to run with my guess, and created a free cert for testing with zerossl.com. I used checktls.com to test before and after, and it looks like my guess was probably right. I'm now waiting to see if it fixes this particular problem.