Forum Stats

  • 3,853,532 Users
  • 2,264,231 Discussions
  • 7,905,384 Comments

Discussions

Oracle MyCloud Services - Not Receiving User Account Emails (TLS 1.0)

3571490
3571490 Member Posts: 1
edited Sep 26, 2018 8:07AM in Planning and Budgeting

Hi, we are working on an implementation of PBCS at our organization and when creating new users on the Oracle MyCloud Services the users are not receiving the new account emails containing their temporary passwords. If I use a email address outside of our organization I do get the emails.

In checking with the network team the emails are being rejected from our Sophos appliance because they are using TLS 1.0 which as of June 2018 is no longer supported. On our end the only option is for us to turn off all TLS encryption for all mail traffic (and that might not work if their system is dropping connections without TLS) which is a big security faux pas. TLS 1.0 encryption is old and considered not in keeping with best security practices.

The issue seems to be that Oracle is sending email with an older encryption method and won’t attempt to send mail without it.

Has anyone experiences this at their organization? How have you addressed this?

Thanks!

Tagged:

Answers

  • Jim-D
    Jim-D Member Posts: 584 Bronze Crown
    edited Sep 25, 2018 1:35PM

    Welcome!  The Getting Started space is intended for discussions about the Oracle Developer Community, not for product-specific questions.

    There are tips on how to find the correct space on the   page, which also has instructions on how to change your display name so you're not just a number.

    In the ACTIONS box on the right of your post, you should be able to click on "Move", and then specify the correct space - maybe a subspace of - so the right experts can see your question.  (A moderator here can also move the post for you.)

    Thanks and good luck!

    MOSC Move.png

  • JohnGoodwin
    JohnGoodwin Member Posts: 30,471 Blue Diamond
    edited Sep 26, 2018 3:25AM

    Have you logged an SR with Oracle, I know that there is some upcoming infrastructure changes (probably depends on data centre) which you should have been informed about, maybe the email was blocked

    "Outbound SMTP infrastructure is being upgraded to enable support TLS v1.0/v1.1/v1.2 and disable sslv3 along with applying fixes for various vulnerabilities. Key fix to highlight is the Logjam mitigation for TLS clients, which leads to rejecting handshakes with DH parameters shorter than 768 bits. This limit has been increased to 1024 bits in this release, to offer stronger cryptographic assurance for all TLS connections using ephemeral Diffie-Hellman key exchange.

    Cheers

    John

This discussion has been closed.