cancel
Showing results for 
Search instead for 
Did you mean: 
Joe Arseneau
Valued Advisor
Valued Advisor

Re: Workcentre 5330 Email Error (017-714)

Jump to solution

My IP address workaround was just a make do thing, not a fix, it either works or doesn't dependant on the IP and whether Google got to it yet or not, it is not a fix and should not be considered as one.

 

aspmx.l.google.com can only be used to send to a gmail account or another google apps user account (Anything hosted by gmail), it has to be able to work as it uses no encryption of any kind on port 25. If it won't work you need to go into the gmail account and enable less secure apps.

 

 

Please be sure to select "Accept Solution" and or select the thumbs up icon to enter Kudos for posts that resolve your issues. Your feedback counts!

Joe Arseneau
0 Kudos
Joe9575
New Member
New Member

Re: Workcentre 5330 Email Error (017-714)

Jump to solution

Joe,

 

Thanks for the detailed response, will pass this along to our users.

 

I tried the aspmx.l.google.com and it did not work. Think we are out of options, back to scanning to a thumb drive.

 

Joe

0 Kudos
Joe Arseneau
Valued Advisor
Valued Advisor

Re: Workcentre 5330 Email Error (017-714)

Jump to solution

Daniel is correct in the SHA-2 thing....

 

But it won't be taken as a Spar, that was tried and already declined, it needs to be done as a FER(Feature Enhancement Request)

 

Since my post Monday some things have been confirmed, the printer (Almost all the Fuji-Xerox machines) don't support SHA-2. They never did, so a spar (It's broken, we gotta fix it) won't be considered, it has to be a FER (It can't do it, but we would like it to).

 

Timeline for a fix is unknown, and is not guaranteed, but as we get more and more FER requests submitted the more visibility this will get and drive it to a higher priority.

 

Microsoft is going to switch, Chrome as well, GoDaddy too, Office365 soon.

 

A few timelines

 

  • Microsoft’s SHA-1 deprecation plan differs in the activation time and browser behavior. Microsoft’s security advisory on “Deprecation of SHA-1 Hashing Algorithm for Microsoft Root Certificate Program” informed us that Windows will cease accepting SHA-1 SSL certificates on January 1, 2017. To continue to work with Microsoft platforms, all SHA-1 SSL certificates issued before or after this announcement must be replaced with a SHA-2 equivalent by January 1, 2017.

 

  • Chrome version 39 and later will display visual security indicators on sites with SHA-1 SSL certificates with validity beyond January 1, 2016. The production release of Chrome 39 is expected to be in November, 2014. The sites will be treated with one of the following indicators: “secure, but with minor errors” (lock with yellow triangle), “neutral, lacking security” (blank page icon) and “affirmative insecure” (lock with a red X). In order to prevent online users on Chrome version 39 and later from experiencing these indicators, SHA-1 SSL certificates expiring after December 31, 2015 must be replaced with SHA-256 (SHA-2) certificates.

 

https://konklone.com/post/why-google-is-hurrying-the-web-to-kill-sha-1

 

https://community.qualys.com/blogs/securitylabs/2014/09/09/sha1-deprecation-what-you-need-to-know

 

 

Fuji-Xerox has made an official pdf for their products, but Xerox typically changes the device names for release in other markets.

 

 

I can confirm the issue exists on the 53xx, 7120, 560 families.

It likely exists on the C75,J75, C60/C70.

 

 

Long update made short:

If you are getting this, call Xerox, get to 2nd level  state you heard about the SHA-2 issue, and would like to get a FER started because you need that ability on your device and are receiving the error.

 

 

 

 

Long hold time to be expected for the foreseeable future, the poor guys* and girls who have to support these machines will be getting hammered with calls, but they know that it won't be fixed without those calls, , best bet is you just call, wait in line and get it reported for your site.

 

*I am one of them.

 

 

Please be sure to select "Accept Solution" and or select the thumbs up icon to enter Kudos for posts that resolve your issues. Your feedback counts!

Joe Arseneau
0 Kudos
Daniel991144-RSS
Remote Technical Support User
Remote Technical Support User

Re: Workcentre 5330 Email Error (017-714)

Jump to solution

Google, Yahoo, and Microsoft are in the process of switching over to SHA2 SSL certificates. That's the cause of 17-714 codes you're seeing.

 

As a workaround, you can scan only to G-Mail addresses using the following setup:

 

aspmx.l.google.com (instead of smtp.gmail.com)

 

Port 25 (instead of 465 or 587)

 

Encryption type None, rather than SSL/TLS

 

It's an extra step to receive the scan into a G-Mail inbox and then forward it on, but it's a workaround until a point a SPAR is or is not developed.

0 Kudos
Joe9575
New Member
New Member

Re: Workcentre 5330 Email Error (017-714)

Jump to solution

We are having the same problem. We have two 5335's with the same problem. We have a dozen copiers including two Xerox 5845. All of those work.

We called our Xerox rep, he said we have the latest version and it was our problem. We did not have the latest version, your version was newer. We down loaded that, installed it and it still did not work. We got a different error message, 016-764.

 

We also tried the IP address of smtp.gmail.com, no luck. This does not make sense anyway. Sooner or later Google will update that one.

 

Anything else to try? Or do we just wait for another firmware update.

 

 

0 Kudos

Re: Workcentre 5330 Email Error (017-714)

Jump to solution

Thanks for your answer, I will try that and let you know if it works!

0 Kudos
Joe Arseneau
Valued Advisor
Valued Advisor

Re: Workcentre 5330 Email Error (017-714)

Jump to solution

Latest firmware for the 53xx is here and is dated last month. So grab that and install it first. (The latest firmware on Xerox.com is never the latest, it is always the current "General Release", there is almost always a newer firmware that is considered a "Spar" which is a General release modified to fix known issues in the General release.)

 

The Firmware you listed is for an entirely different family of machines, it runs the 7120 specifically.

 

The fault you are getting is because the printer does not understand the encryption used by the server.

It very much appears that Google is doing another staged security rollout, like they did last year that mandated the use of 2048 Encryption, and because it is a staged rollout, it goes server to server, so the machine will work today, but not tomorrow. Google does all their updates this way. Xerox is getting many reports from many customers on many machine families about that particular error. So install the latest spar, if it still fails, ping "smtp.gmail.com" a few times from different PC's and collect some different IP addresses, cycle through them on the printer and use whichever works (Because they stage their rollouts you will typically find one that has not had the update done yet) and use that while waiting for Xerox to get a firmware built to meet the standards.

 

So just update the firmware and change no settings and all should be well.

Please be sure to select "Accept Solution" and or select the thumbs up icon to enter Kudos for posts that resolve your issues. Your feedback counts!

Joe Arseneau

Workcentre 5330 Email Error (017-714)

Jump to solution
Product Name: Other - specify product in post

Hi I'd giving support to 4 Xerox Devices: 3 WC 5330 and 1 59xx..

 

This week the 3 WC 5330 present the same failured: Smtp over ssl fail - error code (017-714). I was searching for some support a it says that "The likely cause of this error is that the SMTP configuration is incorrect for the SMTP service. A possible cause is that the port entered for sending e-mails is incorrect. Check to make sure the SMTP settings configured on the printer are correct." The SMTP is configured with a Gmail account, the 3 WC 53xx had the same information at the SMTP Server as the 59xx (hostname, port, gmail account, password, etc.) but only the 59xx its working. So I supposed that it would be something the the firmware because the WC 59xx works with Connectkey and the WC 53xx its a outdated. 

 

  • I already initializated the NVM sometimes it works, but this time it didnt work.
  • I cant used aspmx.l.google.com with port 25 because they use Microsoft Outlook, and it only works with gmail or google apps users.
  • At xerox support says that if my mail server requires SSL/TLS Encryption, I have to make sure that the firmware is updated to at least version 71.13.41. But that is the problem the last firmware uploaded for WC 53xx is very outdated.

Hope that somebody can help with this, I'll be attentive to your answers.

 

Regards!

0 Kudos