EldoS | Feel safer!

Software components for data protection, secure storage and transfer

office365.com

Also by EldoS: RawDisk
Access locked and protected files in Windows, read and write disks and partitions and more.
#33011
Posted: 04/10/2015 03:23:42
by Vincent Parrett (Standard support level)
Joined: 01/17/2008
Posts: 20

What was the outcome of this? I'm a similar issue. Is there an example somewhere that works with office 365 ?
#33012
Posted: 04/10/2015 03:36:25
by Vsevolod Ievgiienko (EldoS Corp.)

Quote
Vincent Parrett wrote:
What was the outcome of this? I'm a similar issue. Is there an example somewhere that works with office 365 ?

Hello.

What exact problem do you have? Is it also 10058 error as in original topic? What SecureBlackbox version do you use?
#33014
Posted: 04/10/2015 06:47:51
by Eugene Mayevski (EldoS Corp.)

Back then the solution for two customers was to set Versions property to [sbSSL3] (i.e. enable only SSL3). The problem is that nowadays many servers switch from SSL 3 to TLS 1.1 or 1.2, so we'd need to investigate the problem from the beginning.


Sincerely yours
Eugene Mayevski
#33024
Posted: 04/11/2015 04:36:40
by Eugene Mayevski (EldoS Corp.)

For memory: right now connection and message sending works fine with version 12.0.268 and default settings. Things can change over time, of course.


Sincerely yours
Eugene Mayevski
#35093
Posted: 11/23/2015 18:01:43
by Leonardo Herrera (Standard support level)
Joined: 02/14/2011
Posts: 66

Also, for those using old SBB versions, to use Hotmail smtp servers I had to add a special case:
Code
if (smtp.Address = 'smtp.live.com') or
  (smtp.Address = 'smtp-mail.outlook.com') then
begin
  smtp.SSLMode := smExplicit;
  smtp.Versions := [sbTLS1];
end

I had also disabled most cipher suites. Not sure if this is affecting the above, thought (I think I had to do this to fix a similar problem before):
Code
for i := SB_SUITE_FIRST To SB_SUITE_LAST do
  client.CipherSuites[i] := false;

client.CipherSuites[SB_SUITE_RSA_AES128_SHA] := True;
client.CipherSuites[SB_SUITE_RSA_AES256_SHA] := True;
client.CipherSuites[SB_SUITE_DHE_RSA_AES128_SHA] := True;
client.CipherSuites[SB_SUITE_DHE_RSA_AES256_SHA] := True;
client.CipherSuites[SB_SUITE_DHE_DSS_AES128_SHA] := True;
client.CipherSuites[SB_SUITE_DHE_DSS_AES256_SHA] := True;
client.CipherSuites[SB_SUITE_ECDH_ECDSA_AES128_SHA] := True;
client.CipherSuites[SB_SUITE_ECDH_ECDSA_AES256_SHA] := True;
#35094
Posted: 11/24/2015 04:16:23
by Ken Ivanov (EldoS Corp.)

Hi Leonardo,

Thank you very much for sharing the results of your research.

Indeed, restricting the set of supported cipher suites often helps to overcome connectivity issues. I believe in majority of such cases the reason is not in the server itself, but in some intermediary IPSes that treat longer TLS hello messages as suspicious and shut down the connection as suspected DoS attack.

Ken
Also by EldoS: Solid File System
A virtual file system that offers a feature-rich storage for application documents and data with built-in compression and encryption.

Reply

Statistics

Topic viewed 5182 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!