MessageLabs.com 421 Service Temporarily Unavailable, TLS negotiation failed with error IllegalMessage

I have already indeed email a sample message to Symantec (investigation@review.symantec.com) for the NDR message delayed emails.

I poseted in hopes to maybe help with this issue and see if someone else has any ideas.

In the Send connector protocol logs, we see:

2019-01-09T16:42:03.318Z,Internet,08D1234567811DF6,0,,x.x.x.x:25,*,,attempting to connect
2019-01-09T16:42:03.334Z,Internet,08D6723456789DF6,1,x.x.x.x:32944,x.x.x.x:25,+,,
<,220 server-5.tower-347.messagelabs.com ESMTP,
>,EHLO Mail.xxxx.com,
<,250-server-5.tower-347.messagelabs.com,
<,250-STARTTLS,
<,250-PIPELINING,
<,250 8BITMIME,
>,STARTTLS,
<,220 ready for TLS,
*,,Sending certificate
*,"CN=mail.xxxx.com, O=""xxxx, Inc."", L=xxxx, S=xxxx, C=US",Certificate subject
*,"CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US",Certificate issuer name
*,09024235443534F8234324,Certificate serial number
*,FDA0D53434343D933F32345123456789681DAAC3,Certificate thumbprint
*,mail.xxxx.com;autodiscover.xxxx.com;owa.xxxx.com;,Certificate alternate names
*,,TLS negotiation failed with error IllegalMessage
-,,Local

Then we Also See:

2019-01-09T19:35:50.765Z,Internet,08D67123445551F4,0,,x.x.x.x:25,*,,attempting to connect
2019-01-09T19:35:50.765Z,Internet,08D67123445551F4,1,x.x.x.x:48897,x.x.x.x:25,+,,
2019-01-09T19:35:51.093Z,Internet,08D67123445551F4,2,x.x.x.x:48897,x.x.x.x:25,<,"220 mail555.messagelabs.com ESMTP Wed, 09 Jan 2019 19:35:50 +0000",
2019-01-09T19:35:51.093Z,Internet,08D67123445551F4,3,x.x.x.x:48897,x.x.x.x:25,>,EHLO mail.xxxx.com,
2019-01-09T19:35:51.140Z,Internet,08D67123445551F4,4,x.x.x.x:48897,x.x.x.x:25,<,250-mail555.messagelabs.com Hello ip-100-112-14-171.us-east-1.aws.symcld.net [100.112.14.171],
2019-01-09T19:35:51.140Z,Internet,08D67123445551F4,5,x.x.x.x:48897,x.x.x.x:25,<,250-SIZE 52428800,
2019-01-09T19:35:51.140Z,Internet,08D67123445551F4,6,x.x.x.x:48897,x.x.x.x:25,<,250-8BITMIME,
2019-01-09T19:35:51.140Z,Internet,08D67123445551F4,7,x.x.x.x:48897,x.x.x.x:25,<,250-PIPELINING,
2019-01-09T19:35:51.140Z,Internet,08D67123445551F4,8,x.x.x.x:48897,x.x.x.x:25,<,250-CHUNKING,
2019-01-09T19:35:51.140Z,Internet,08D67123445551F4,9,x.x.x.x:48897,x.x.x.x:25,<,250-PRDR,
2019-01-09T19:35:51.140Z,Internet,08D67123445551F4,10,x.x.x.x:48897,x.x.x.x:25,<,250 HELP,
2019-01-09T19:35:51.140Z,Internet,08D67123445551F4,11,x.x.x.x:48897,x.x.x.x:25,*,,sending message with RecordId 10261234567442 and InternetMessageId <1523344547606.84370@xxxx.com>
2019-01-09T19:35:51.140Z,Internet,08D67123445551F4,12,x.x.x.x:48897,x.x.x.x:25,>,MAIL FROM:<Paul.xxxx@xxxx.com> SIZE=34071,
2019-01-09T19:35:51.140Z,Internet,08D67123445551F4,13,x.x.x.x:48897,x.x.x.x:25,>,RCPT TO:<jschxxxx@xxxx.com>,
2019-01-09T19:35:51.186Z,Internet,08D67123445551F4,14,x.x.x.x:48897,x.x.x.x:25,<,250 OK,
2019-01-09T19:35:51.186Z,Internet,08D67123445551F4,15,x.x.x.x:48897,x.x.x.x:25,<,421 Service Temporarily Unavailable,

All Message Labs Servers we see with TLS Negoiation Problems:

server-6.tower-367.messagelabs.com

server-14.tower-387.messagelabs.com

server-35.tower-384.messagelabs.com

server-9.tower-347.messagelabs.com

server-13.tower-407.messagelabs.com

server-35.tower-404.messagelabs.com

server-3.tower-327.messagelabs.com

server-35.tower-344.messagelabs.com

server-8.tower-341.messagelabs.com

server-16.tower-381.messagelabs.com

server-3.tower-361.messagelabs.com

server-4.tower-246.messagelabs.com

MessageLabs with 421 Service Temporarily Unavailable:

mail555.messagelabs.com