July 23, 2019 at 6:08 pm
An update - after checking that "force unencrypted" option, I dug around on the Office 365 security and compliance site and did an email trace. Maybe that fixed it!!! :-O See attachment:
It says Message received by: DMXXXX using TLS 1.2 with AES256. Can anyone confirm if this meets the Office 365 new requirements?
Sorry again for the confused and hysterical posts 😛
July 23, 2019 at 6:29 pm
Oops, another update. I ran that O365 trace report on an earlier SMTP mail it told me used TLS 1.0, and that also said "Message received by: DMXXXX using TLS 1.2 with AES256. " So the SMTP Auth Report tells me TLS 1.0 was used, and the mail trace tells me TLS 1.2 was used.
So that just made things worse ....sigh
More confused than ever,
Pat
July 23, 2019 at 7:05 pm
I'd use a local mail server to relay through and then configure TLS 1.2 on that. I dont think SQL 2016 database mail can do it and am uncertain about 2017. Not to mention, SQL's SMTP functionality is pretty primitive. If you use a relay, and something goes wrong during send, you will probably be able to do more about it on the relay than you will in database mail.
My default is using an IIS 6 relay, but Exchange or some other paid SMTP server would be better.
If you google something like "Relay smtp to Office 365 using IIS 6"
You should find a few guides. You'd just need to disable everything lower than TLS 1.2 under the schannel key for CLIENT settings.
implementing TLS with a user credential is the easiest, but you can only send a few hundred emails per hour before you start to get throttled.
Viewing 3 posts - 1 through 4 (of 4 total)
You must be logged in to reply to this topic. Login to reply