SSL on IMAP/POP3/SMTP
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Plusnet Community
- :
- Forum
- :
- Help with my Plusnet services
- :
- :
- Re: SSL on IMAP/POP3/SMTP
Re: SSL on IMAP/POP3/SMTP
24-02-2015 10:23 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Has the security certificate on the trial been changed, or has something else been changed in the configuration recently?
When attempting to send an email on my trial configured mail box, I got a certification verification warning "The target principle name is incorrect... see images attached.
NB: As discussed previously, to avoid issues with still working SMPT configurations with relay.plus.net for my test account, I have defined my target service in hosts as ssl.plus.net - is this the source of my issue?
Are we now in a position such that we can work with relay.plus.net not being directed to a specific IP address and be capable of supporting SSL and non-SSL connections?
Cheers,
Kevin
In another browser tab, login into the Plusnet user portal BEFORE clicking the fault & ticket links
Superusers are not staff, but they do have a direct line of communication into the business in order to raise issues, concerns and feedback from the community.
If this post helped, please click the Thumbs Up and if it fixed your issue, please click the This fixed my problem green button below.
Re: SSL on IMAP/POP3/SMTP
24-02-2015 10:28 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Re: SSL on IMAP/POP3/SMTP
24-02-2015 11:47 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Thank you for the reminder - looking back at old correspondence I now recall that this was covered with Bob.
The key question here is has anything changed? This was working as configured; on inspection I can only identify one sent email on that mailbox since joining the trial. I'm guessing that the CERT must have been updated since 29/12/2014?
...looks like I am going to have to reconfigure all email boxes using relay.plus.net unless the target IP address for the trial service can now support both SSL and non-SSL connections?
Kevin
In another browser tab, login into the Plusnet user portal BEFORE clicking the fault & ticket links
Superusers are not staff, but they do have a direct line of communication into the business in order to raise issues, concerns and feedback from the community.
If this post helped, please click the Thumbs Up and if it fixed your issue, please click the This fixed my problem green button below.
Re: SSL on IMAP/POP3/SMTP
24-02-2015 12:56 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Bob Pullen
Plusnet Product Team
If I've been helpful then please give thanks ⤵
Re: SSL on IMAP/POP3/SMTP
05-03-2015 1:14 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Quote from: Bob
Quote from: jelv From that I think we can safely take it that we won't see it for at least a year.
Ye of little faith
Six months later, do you still think jelv is of little faith?
I'm staggered by this, honestly. Offering email without SSL in the year 2015 isn't just bad, it's scandalous. I'd say that most of your users would assume their Plusnet email is secure, but if they're using it on their phones, with Windows 8 mail or any other POP/IMAP reader, they would probably be horrified to learn that it isn't secure at all. As most domestic users aren't very technical minded, it wouldn't be so bad if Plusnet pointed out the implications of unticking SSL on pages like this.
The implications being that the username, password and all mail associated with a Plusnet email account are vulnerable to man in the middle attacks. They are really not safe to use on any shared internet connection. Even at home, family members or housemates can intercept your email. Crazy. If Gmail was like this, then Google would be scandalised across global media.
Re: SSL on IMAP/POP3/SMTP
05-03-2015 4:14 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Quote from: Den
Quote from: Bob
Quote from: jelv From that I think we can safely take it that we won't see it for at least a year.
Ye of little faith
Six months later, do you still think jelv is of little faith?
I've a slice of humble pie on standby just in case
It's taking longer than I'd hoped, although I have been testing some of the inbound stuff this week so things are moving in the right direction.
Bob Pullen
Plusnet Product Team
If I've been helpful then please give thanks ⤵
Re: SSL on IMAP/POP3/SMTP
07-03-2015 1:01 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Re: SSL on IMAP/POP3/SMTP
07-03-2015 1:54 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Having a username that is different from the email address is like an extra layer of security. It's harder for someone to hack an email account if they don't have the username... but you go and expose it in the email headers. Seems a bit daft.
Re: SSL on IMAP/POP3/SMTP
08-03-2015 2:00 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
username@username.plus.net
This is a generic concern which has been debated for years. It is the way that PN services are configured and is to be found across a number of ISPs, though some do have alternative approaches.
Personally I exclusively use / publish email addresses which use my own domain name, thereby avoid exposing my PN user name in email addresses.
In another browser tab, login into the Plusnet user portal BEFORE clicking the fault & ticket links
Superusers are not staff, but they do have a direct line of communication into the business in order to raise issues, concerns and feedback from the community.
If this post helped, please click the Thumbs Up and if it fixed your issue, please click the This fixed my problem green button below.
Re: SSL on IMAP/POP3/SMTP
09-03-2015 2:34 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Quote from: Den By the way, is it wise to expose an email account's username via the XAUTH header?
I was wondering when somebody was going to comment on this
I actually noticed it when testing the outbound SSL stuff. Wasn't until I looked into it that I realised it's the same for emails sent using plain auth too. I agree, we should probably obfuscate the information, however it's unlikely it will be done as part of the SSL stuff.
I'll do my best to ensure it ends up on somebody's radar though.
Bob Pullen
Plusnet Product Team
If I've been helpful then please give thanks ⤵
Re: SSL on IMAP/POP3/SMTP
15-03-2015 8:07 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
It is only recently that i have been made aware of this SSL stuff, i keep getting error messages from my MacBookPro whenever i switch on the Mail App, until recently it has been sufficient to DISABLE SSL !!!!
But this week there was an Update made available to users of Yosemite (OS 10.10.2) and i have now had to ENABLE a very NEGATIVE security feature "ALLOW INSECURE AUTHENTICATION"
And i began to realise that this whole thing is going backwards !!!, all my other email accounts are rock solid secure, so why is Plus Net choosing to be different
It was then that i came across this Thread in the Community Forum i have read every Post therein and therefore i have to ask Bob Pullen what is going ON ? is there a light at the end of the tunnel ????
Tim
Re: SSL on IMAP/POP3/SMTP
15-03-2015 9:19 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
David
Re: SSL on IMAP/POP3/SMTP
16-03-2015 11:21 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
It seems that Apple are being somewhat mischievous in creating a bit of a storm over what has been an accepted (even if not ideal) connection standard for decades. Unilaterally changing configured items without asking the user during an upgrade is extremely poor behaviour.
Users should have been asked if they wanted to make such changes and advised to check with their service providers to confirm that the enhanced facilities were supported.
Kevin
In another browser tab, login into the Plusnet user portal BEFORE clicking the fault & ticket links
Superusers are not staff, but they do have a direct line of communication into the business in order to raise issues, concerns and feedback from the community.
If this post helped, please click the Thumbs Up and if it fixed your issue, please click the This fixed my problem green button below.
Re: SSL on IMAP/POP3/SMTP
16-03-2015 10:59 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Quote from: Bob I'll do my best to ensure it ends up on somebody's radar though.
Just responding to say thank you.
I feel like I'm being antagonising every time I open my mouth in this thread... only when I go back and re-read my posts though.
Re: SSL on IMAP/POP3/SMTP
17-03-2015 11:48 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Quote from: timmytoad Hi all, and in particular Bob Pullen 🙂
It is only recently that i have been made aware of this SSL stuff, i keep getting error messages from my MacBookPro whenever i switch on the Mail App, until recently it has been sufficient to DISABLE SSL !!!!
But this week there was an Update made available to users of Yosemite (OS 10.10.2) and i have now had to ENABLE a very NEGATIVE security feature "ALLOW INSECURE AUTHENTICATION"
And i began to realise that this whole thing is going backwards !!!, all my other email accounts are rock solid secure, so why is Plus Net choosing to be different
It was then that i came across this Thread in the Community Forum i have read every Post therein and therefore i have to ask Bob Pullen what is going ON ? is there a light at the end of the tunnel ????
Tim
I have just had the same problem with my email account, and have resolved the problem by doing what you said above 'allowing insecure authentication'. If it hadn't been for this thread I would still be waiting on the phone for the support team!
Thankyou
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page