
I am stumped on this. I have Exchange Server 2003 still in use. I created a valid LetsEncrypt SSL cert, and successfully imported the pfx in my Default SMTP Virtual Server properties, Access tab. Now, clients sending EHLO are told STARTTLS is available. But several of my email clients (which must be set to use STARTTLS if available) stopped being able to send mail. I've used Wireshark to observe successful emails going out before adding the cert (authentication is performed) and again after adding the cert. After adding the cert, EHLO indicates STARTTLS is available. The client sends STARTTLS. The server responds "2.0.0 SMTP server ready". The client sends the SSL Client Hello, and 10ms later, the SMTP Server closes the connection (FIN,ACK packet sent back to the client). That's the end.

Not sure how to diagnose this. Nothing in the event log. I do have a log in the Windows LogFiles SMTPSvc1 folder. Here is what it shows when STARTTLS is specified and the server hangs up:

 2017-10-28 14:20:01 192.168.5.80 localhost 250 0 110
 2017-10-28 14:20:01 192.168.5.80 localhost 220 0 0
 2017-10-28 14:20:01 192.168.5.80 localhost 220 0 0
 2017-10-28 14:20:01 192.168.5.80 localhost 503 2148074248 31
 2017-10-28 14:20:01 192.168.5.80 localhost 240 203 31

For reference, when I remove the cert, so no STARTTLS is sent, the client authenticates and then sends successfully, and here are the log entries:

 2017-10-28 13:43:26 192.168.5.80 localhost 250 0 0
 2017-10-28 13:43:26 192.168.5.80 localhost 250 0 0
 2017-10-28 13:43:26 192.168.5.80 localhost 250 0 0
 2017-10-28 13:43:26 192.168.5.80 localhost 250 0 281
 2017-10-28 13:43:26 192.168.5.80 localhost 240 703 0

And in case someone knows what's in here and it may be helpful, here are the final two packets traced - the Client Hello and the RST hangup...

No.     Time                          Source                Destination           Protocol Length Info
     17 2017-10-28 09:41:05.669172000 192.168.5.80          192.168.1.11          SSL      583    Client Hello

Frame 17: 583 bytes on wire (4664 bits), 583 bytes captured (4664 bits) on interface 0
Internet Protocol Version 4, Src: 192.168.5.80 (192.168.5.80), Dst: 192.168.1.11 (192.168.1.11)
Transmission Control Protocol, Src Port: 48022 (48022), Dst Port: 25 (25), Seq: 27, Ack: 485, Len: 517
    Source Port: 48022 (48022)
    Destination Port: 25 (25)
    [Stream index: 1]
    [TCP Segment Len: 517]
    Sequence number: 27    (relative sequence number)
    [Next sequence number: 544    (relative sequence number)]
    Acknowledgment number: 485    (relative ack number)
    Header Length: 32 bytes
    .... 0000 0001 1000 = Flags: 0x018 (PSH, ACK)
    Window size value: 237
    [Calculated window size: 30336]
    [Window size scaling factor: 128]
    Checksum: 0x87d7 [validation disabled]
    Urgent pointer: 0
    Options: (12 bytes), No-Operation (NOP), No-Operation (NOP), Timestamps
    [SEQ/ACK analysis]
Secure Sockets Layer
    SSL Record Layer: Handshake Protocol: Client Hello
        Content Type: Handshake (22)
        Version: TLS 1.0 (0x0301)
        Length: 512
        Handshake Protocol: Client Hello
            Handshake Type: Client Hello (1)
            Length: 508
            Version: TLS 1.2 (0x0303)
            Random
            Session ID Length: 0
            Cipher Suites Length: 124
            Cipher Suites (62 suites)
            Compression Methods Length: 1
            Compression Methods (1 method)
            Extensions Length: 343
            Extension: server_name
                Type: server_name (0x0000)
                Length: 17
                Server Name Indication extension
                    Server Name list length: 15
                    Server Name Type: host_name (0)
                    Server Name length: 12
                    Server Name: 192.168.1.11
            Extension: ec_point_formats
                Type: ec_point_formats (0x000b)
                Length: 4
                EC point formats Length: 3
                Elliptic curves point formats (3)
            Extension: elliptic_curves
                Type: elliptic_curves (0x000a)
                Length: 10
                Elliptic Curves Length: 8
                Elliptic curves (4 curves)
            Extension: SessionTicket TLS
                Type: SessionTicket TLS (0x0023)
                Length: 0
                Data (0 bytes)
            Extension: signature_algorithms
                Type: signature_algorithms (0x000d)
                Length: 32
                Signature Hash Algorithms Length: 30
                Signature Hash Algorithms (15 algorithms)
            Extension: Unknown 22
                Type: Unknown (0x0016)
                Length: 0
                Data (0 bytes)
            Extension: Unknown 23
                Type: Unknown (0x0017)
                Length: 0
                Data (0 bytes)
            Extension: Padding
                Type: Padding (0x0015)
                Length: 248
                Padding Data: 000000000000000000000000000000000000000000000000...

No.     Time                          Source                Destination           Protocol Length Info
     18 2017-10-28 09:41:05.675195000 192.168.1.11          192.168.5.80          TCP      66     25→48022 [FIN, ACK] Seq=485 Ack=544 Win=64992 Len=0 TSval=52648030 TSecr=1233339601

Frame 18: 66 bytes on wire (528 bits), 66 bytes captured (528 bits) on interface 0
Internet Protocol Version 4, Src: 192.168.1.11 (192.168.1.11), Dst: 192.168.5.80 (192.168.5.80)
Transmission Control Protocol, Src Port: 25 (25), Dst Port: 48022 (48022), Seq: 485, Ack: 544, Len: 0
    Source Port: 25 (25)
    Destination Port: 48022 (48022)
    [Stream index: 1]
    [TCP Segment Len: 0]
    Sequence number: 485    (relative sequence number)
    Acknowledgment number: 544    (relative ack number)
    Header Length: 32 bytes
    .... 0000 0001 0001 = Flags: 0x011 (FIN, ACK)
    Window size value: 64992
    [Calculated window size: 64992]
    [Window size scaling factor: 1]
    Checksum: 0x9699 [validation disabled]
    Urgent pointer: 0
    Options: (12 bytes), No-Operation (NOP), No-Operation (NOP), Timestamps
    [SEQ/ACK analysis]
Brian B

1 Answer

I'm pretty sure the problem is that Exchange Server 2003 SMTP server, which is old, only supports TLS 1.0, which is not considered so secure anymore. And clearly it would not support any of the newer cyphers. So, again with no proof, I'm pretty sure the other end was hanging up because the STARTTLS / Client Hello message indicated that the protocols and/or cyphers offered by the server and available on the client have no overlap. I've resolved my issue by sticking a more modern SMTP server (from hMailServer) between the Exchange Server 2003 and the rest of the world. And that has solved my problem. An even better long-term approach will be to remove Exchange 2003 Server from the environment.

Brian B