------------ Original Message ------------
> Date: Thursday, April 16, 2015 09:01:58 -0400
> From: Greg Troxel <[email protected]>
>
>
> WK <[email protected]> writes:
>
>> The problem can be described very simply: I can not send e-mails
>> on a ssl-encrypted connection to Port 587, when I use the mobile
>> network. Only when my phone is connected to a WiFi, I can send
>> messages. This is not the fault to the mobile provider, because
>> I can use "telnet mailserver 587" in a terminal and I get a
>> connection. So it is not the mobile provider, who is filtering
>> this port.
>
> That doesn't proove that they aren't doing a MITM to inspect mail.
> To be sure, you need to negotiate TLS and validate the
> certificates. (This is in the US more common at some wifi places
> vs mobile.) https://crypto.stanford.edu/ssl-mitm/
>
>
> tls to 587 works fine for me with k-9, on almost all WiFi and on
> mobile data.
>
> You should be very careful that your other client that "works"
> isn't accepting a fake certificate from the mobile operator.
I don't think I would see this as a K-9 issue. K-9 is, to the best
of my knowledge, connectivity agnostic, so it shouldn't matter what
your connectivity is. As with Greg, I don't have issues with sending
(or receiving) mail, unless the connectivity is bad, and then it
doesn't matter if it's wifi or celldata.
So, a couple of debugging questions.
- What is the error that you get when sending via celldata fails?
-- in your earlier messages you said "k9 complains about not
being able to connect". Is it that it can't find the
server, that starttls fails, authentication fails, or
something else?
- Is the connectivity underlying the wifi where K-9 works
from web.de, or someone else?
- Does it work on all wifi, or just certain locations/providers?
- Are you restricting K-9's background data use when on celldata?
Comparing the protocols and ciphers offered when you connect via
wifi vs. celldata would be interesting, but I can't find an app that
will do this against a STARTTLS environment. [On my *nix machine I
would use "openssl s_client".]
--
--
You received this message because you are subscribed to the K-9 Mail Users List.
To post to this group, send email to [email protected]
To unsubscribe, email [email protected]
To report an issue with K-9 Mail, visit
http://code.google.com/p/k9mail/issues/list
For more options, visit this group at http://groups.google.com/group/k-9-mail
---
You received this message because you are subscribed to the Google Groups "K-9
Mail" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
