My exchange 2013 server uses a 3rd party service to archive and do spam filtering on incoming email. Consequently, the MX records point to the 3rd party, and the exchange server receives everything from the 3rd party. Theres a receive connector where TLS is required, and the scope is set to only the IP address of the 3rd party servers. All inbound email from the internet flows through this receive connector.
Every 15 minutes, this event gets logged:
<Provider Name="MSExchangeFrontEndTransport" />
<EventID Qualifiers="49156">1032</EventID>
<Level>2</Level>
<Task>1</Task>
<Keywords>0x80000000000000</Keywords>
<Channel>Application</Channel>
Receive connector SecureReceive123 requires Transport Layer Security (TLS) before the MailFrom command can be run, but the server can't achieve it. Check this connector's authentication setting
Verbose logging is enabled on the Receive Connector. The FrontEnd\ProtocolLog\SmtpReceive logs show receive events from only the 3rd partys IP addresses, and no errors at the 15 minute intervals specified in the application log.
How do I find out what IP addresses is attempting to send email to my Receive Connector without TLS?
If the 3rd party is trying to connect without TLS every 15 minutes, in the interest of keeping errors out of the Application Log, is there a way to stop logging these 1032 Events?
- Edited by EdMVP 13 hours 34 minutes ago