Messages are not passing through a Mail Prevent server with TLS enabled (SMTP_CONNECTION.5203)
search cancel

Messages are not passing through a Mail Prevent server with TLS enabled (SMTP_CONNECTION.5203)

book

Article ID: 161298

calendar_today

Updated On:

Products

Data Loss Prevention Network Prevent for Email

Issue/Introduction

When TLS is enabled, messages stop flowing through the Symantec Data Loss Prevention Email Prevent server.

The most recent RequestProcessor log will show the following exception: 

Oct 16, 2014 8:54:40 AM com.vontu.mta.rp.tls.SecureESMTPPeer init
INFO: Exception in SecureESMTPPeer initializer: 
java.lang.NullPointerException
at edu.oswego.cs.dl.util.concurrent.ConcurrentReaderHashMap.hash(ConcurrentReaderHashMap.java:292)
at edu.oswego.cs.dl.util.concurrent.ConcurrentReaderHashMap.get(ConcurrentReaderHashMap.java:404)
at com.vontu.keystorehouse.KeyStorehouse.getKeyContainer(KeyStorehouse.java:282)
at com.vontu.vontukeystorehouse.common.PasswordDecryptor.getCryptoKey(PasswordDecryptor.java:45)
at com.vontu.vontukeystorehouse.common.PasswordDecryptor.getDecryptedBytes(PasswordDecryptor.java:38)
at com.vontu.vontukeystorehouse.common.PasswordDecryptor.decryptPassword(PasswordDecryptor.java:22)
at com.vontu.mta.rp.RPConfig.getKeystorePassword(RPConfig.java:328)
at com.vontu.mta.rp.tls.SecureESMTPPeer.init(SecureESMTPPeer.java:167)
at com.vontu.mta.rp.StartTLSState.handleResponse(StartTLSState.java:61)
at com.vontu.mta.rp.RequestProcessorHandler.handleLine(RequestProcessorHandler.java:87)
at com.vontu.mta.rp.ESMTPRequestProcessorThread.readPeer(ESMTPRequestProcessorThread.java:899)
at com.vontu.mta.rp.ESMTPRequestProcessorThread.process(ESMTPRequestProcessorThread.java:978)
at com.vontu.mta.rp.ESMTPRequestProcessorThread.run(ESMTPRequestProcessorThread.java:1391)
at java.lang.Thread.run(Thread.java:744)
Oct 16, 2014 8:54:40 AM com.vontu.mta.rp.ESMTPRequestProcessorThread handleIOException

The SMTP Operational log will include a reference to this exception with the following line:

INFO: (SMTP_CONNECTION.5203) Forward connection error (tid=28 cid=12 mta=<> reason=java.lang.NullPointerException)

Cause

The generated NullPointerException is caused through the inability of the Email Prevent server to access its own keystore.

Resolution

Verify the following:

Ensure the correct keystore password has been entered into the Enforce Console for the Email Prevent server encountering the issue.  

This field can be found in the 'Configure' options for a given Email Prevent server.

Once the password has been re-entered, save the configuration options and recycle the Email Prevent server from the Enforce Console.

Ensure the needed 'prevent.ks' keystore exists within the '\ProgramData\Symantec\DataLossPrevention\DetectionServer\16.0\keystore\' directory (/var/Symantec/DataLossPrevention/DetectionServer/16.0/keystore/ on Linux) on the Email Prevent server.  

If a prevent.ks does not exist within this directory, one must be recreated utilizing the 'keytool' application.

Refer to the 'Generating Network Prevent for Email Server keys' page in the Symantec Data Loss Prevention Documentation.