Cisco Bug: CSCvt48450 - FMC email notification not supporting implicit encryption on port 465

Last Modified

Apr 14, 2020

Products (1)

  • Cisco Firepower Management Center

Known Affected Releases

6.2.3 6.2.3.9 6.3.0 6.3.0.2 6.3.0.4

Description (partial)

Symptom:
FMC does not support implicit encryption for email notifications on port 465. Regardless of the configured settings, it always expects the server to initiate the SMTP connection (a 'Service ready (220)' message) before it starts encryption with STARTTLS. If the server instead waits for the AUTH LOGIN method, the connection times out and the mail server closes it with 'FIN, ACK' after one minute without activity.

According to RFC 8314, both STARTTLS and AUTH LOGIN should be supported on port 465, which is not the case for FMC.
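
A diagnostic sketch for the mismatch described above, added here as an example and not taken from Cisco: it checks whether a mail server speaks first in cleartext (a 220 greeting, as a STARTTLS client expects) or stays silent until the client starts TLS, as an implicit-TLS listener does. The function names, the local stand-in listeners and `mail.example.test` are assumptions constructed for the example.

```python
import socket
import ssl
import threading

def cleartext_first_speaker(host, port, wait=2.0):
    """Connect without TLS and report whether the server speaks first."""
    with socket.create_connection((host, port), timeout=wait) as s:
        try:
            data = s.recv(512)
        except socket.timeout:
            # Nothing sent: a TLS listener behaves this way while it waits for ClientHello.
            return "silent"
    if data.startswith(b"220"):
        return "cleartext-220"  # greeting first, so a STARTTLS client can proceed
    return "closed" if not data else "other"

def greeting_over_implicit_tls(host, port, wait=5.0):
    """Handshake immediately, then read the SMTP greeting inside the TLS session."""
    ctx = ssl.create_default_context()  # verifies the certificate and host name
    with socket.create_connection((host, port), timeout=wait) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            return tls.recv(512).decode("ascii", "replace").strip()

def start_local_listener(banner):
    """Constructed stand-in for a mail server; banner=None never speaks first."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    port = srv.getsockname()[1]
    def serve():
        conn, _ = srv.accept()
        with conn:
            if banner:
                conn.sendall(banner)
            conn.recv(512)  # returns once the probing client disconnects
        srv.close()
    threading.Thread(target=serve, daemon=True).start()
    return port

def demo():
    """Probe one greeting listener and one silent listener (both constructed)."""
    greeter = start_local_listener(b"220 mail.example.test ESMTP\r\n")
    silent = start_local_listener(None)
    return (cleartext_first_speaker("127.0.0.1", greeter, wait=1.0),
            cleartext_first_speaker("127.0.0.1", silent, wait=1.0))

if __name__ == "__main__":
    print(demo())
```

A "silent" result on port 465 followed by a 220 line from `greeting_over_implicit_tls` indicates the server expects implicit TLS, the mode this bug reports FMC cannot use.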

Conditions:
FMC email notifications configured with port 465 and SSLv3 encryption for implicit encryption