I'm using sp_send_dbmail to send mails to an Office 365 account. All mails have similar content and are sent to users in the same domain. All mails were sent using the same profile.
About 50% of the mails were delivered and the rest failed to be sent. (Checked in the msdb.dbo.sysmail_allitems), the error is "The mail could not be sent to the recipients because of the mail server failure. (Sending Mail using Account 9 (2022-01-28T17:38:08). Exception Message: Cannot send mails to mail server. (Failure sending mail.).)"
Does anyone have an idea what could cause this error?
I sent this just before my weekend, I will be back to check on Monday.
January 28, 2022 at 5:54 pm
We are experiencing the same. I have an open ticket with Microsoft as this was all working great until Monday (1/24/2022). Some emails go through fine, others are delayed, some fail completely with the same, non-helpful, error message.
January 28, 2022 at 10:00 pm
Might not hurt to check out the Exchange error logs and see what those say. Could be something that is easily corrected by reviewing the logs on the other side of the equation.
Depending on how you are sending the mail, it could be Exchange trying to detect an attack - same email body and subject sent to multiple individual accounts in a short period of time may look suspicious to some servers and it would allow some of the mail through, and fail the others. BUT the Exchange logs should help.
The above is all just my opinion on what you should do.
As with all advice you find on a random internet forum - you shouldn't blindly follow it. Always test on a test server to see if there is negative side effects before making changes to live!
I recommend you NEVER run "random code" you found online on any system you care about UNLESS you understand and can verify the code OR you don't care if the code trashes your system.
January 28, 2022 at 10:04 pm
It seems Microsoft has disabled some weaker ciphers on the O365 end. The solution for us was to add the below registry keys and restart the server.
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319]
"SchUseStrongCrypto"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v4.0.30319]
"SchUseStrongCrypto"=dword:00000001
January 31, 2022 at 10:37 am
The registry key were already added some time age, but that didn't make any difference.
January 31, 2022 at 8:18 pm
Thanks ashepherd,
The emails are similar but have different content, it looks completely random whether the mails are sent or fail.
The solution you gave (registry items) was done more than a month ago when we had a similar issue, it solved the issue until mail started to fail from January 24th around 14:45 CET.
Do you know another solution or workaround?
January 31, 2022 at 8:34 pm
Sadly, no. This issue began for us beginning of last week. We have multiple O365 profiles set up in dbmail and all worked great until last week. The solution that worked for us was found on a stack overflow site (URL below). We ultimately only needed the first two registry keys (for .NET), but you might want to try them all.
https://dba.stackexchange.com/questions/213608/enable-tls-1-2-for-sql-server-2016-database-mail
There are a few more registry setting to be made, all listed in https://businesswintelligence.com/content/42/enforce-tls-strong-crypto (thanks to Pedro Salina-Ruiz) Setting these values and forcing a restart of the Database Mail Engine seems to have solved our issue.
I resent the last 150 mails that failed and the all went through fine.
February 1, 2022 at 1:37 pm
Sweet. Glad to hear it. Great content in that article as well - saved for future use!
Viewing 9 posts - 1 through 8 (of 8 total)
You must be logged in to reply to this topic. Login to reply