At 09:24 AM 8/27/2002, Thomas C. Fischer wrote: >Hi all, > >having studied the archives of the list I have found a number of similar >questions, yet never a complete answer to solve my problem. So please >forgive me if this might be a newbie question or a repost... > >I have set up qpopper4.0.4 and want to use it with Outlook and SSL >encryption. > >First question: Do I need to configure the alternative-port or can Outlook >use the TSL on port 110?
Microsoft does not seem to understand STARTTLS on port 110. So you need to set up a second instance of qpopper on port 995 in "alternate-port mode" in which TLS starts before the POP protocol, rather than as a result of negotiation. > I have encountered problems when using Norton >Antivirus' email protection that seems to act as a proxy on port 110... Norton Antivirus doesn't understand STARTTLS, and won't work with alternate port either. It's a bad match for Outlook. It uses a proxy setup. I believe McAfee uses a plug-in to Outlook, which makes a lot more sense. Short answer: find a different antivirus package if you need to use Outlook. Norton works fine in conjunction with Eudora, with Norton's email protection stuff turned off. This works, because Eudora saves off attachments into separate files, and Norton will notice the virus-laden file(s) being written to disk. >Second question: Why does it not work... ;-) Outlook tries to connect and >gets back an error code 0x800ccc0f - regardless of the port number. My >server log says the following (after all the initialisation of the ssl >stuff...) > >---- log for port 110 ---- > >Aug 27 12:22:43.605 2002 [15060] ...successfully completed OpenSSL >initialization [pop_tls_openssl.c:449] >Aug 27 12:22:43.605 2002 >Aug 27 12:22:43.605 2002 [15060] TLS Init [popper.c:202] >Aug 27 12:22:43.605 2002 >Aug 27 12:22:43.605 2002 [15060] (v4.0.4) Intro [popper.c:247] >Aug 27 12:22:43.605 2002 >Aug 27 12:22:43.605 2002 [15060] +OK Qpopper (version 4.0.4) at >xxx.xxx.de starting. <[EMAIL PROTECTED]> [popper.c:260] >Aug 27 12:22:43.605 2002 >Aug 27 12:22:43.605 2002 [15060] Qpopper ready for input from (null) at >xxx.arcor-ip.net [145.254.205.36] [popper.c:294] >Aug 27 12:22:43.605 2002 >Aug 27 12:22:43.605 2002 [15060] (null) at xxx.arcor-ip.net ( >145.254.205.36): -ERR POP EOF or I/O Error [popper.c:820] >Aug 27 12:22:43.605 2002 >Aug 27 12:22:43.605 2002 [15060] +OK Pop server at xxx.xxx.de signing >off. [popper.c:360] >Aug 27 12:22:43.605 2002 >Aug 27 12:22:43.605 2002 [15060] pTLS->m_pPOP->tls_started == false >[pop_tls_openssl.c:807] >Aug 27 12:22:43.605 2002 >Aug 27 12:22:43.605 2002 [15060] freeing m_OpenSSLconn >[pop_tls_openssl.c:811] >Aug 27 12:22:43.605 2002 >Aug 27 12:22:43.605 2002 [15060] freeing m_OpenSSLctx >[pop_tls_openssl.c:817] >Aug 27 12:22:43.605 2002 >Aug 27 12:22:43.605 2002 [15060] openssl_shutdown returning 0 >[pop_tls_openssl.c:822] >Aug 27 12:22:43.605 2002 >Aug 27 12:22:43.605 2002 [15060] (v4.0.4) Ending request from "" at >(xxx.arcor-ip.net) 145.254.205.36 [popper.c:378] >Aug 27 12:22:43.605 2002 >Aug 27 12:22:43.605 2002 [15060] (v4.0.4) Timing for @xxx.arcor-ip.net >(error) auth=0 init=0 clean=0 [popper.c:384] > > >---- log for port 995 ---- > >Aug 27 12:28:38.651 2002 [15144] ...successfully completed OpenSSL >initialization [pop_tls_openssl.c:449] >Aug 27 12:28:38.651 2002 >Aug 27 12:28:38.651 2002 [15144] TLS Init [popper.c:202] >Aug 27 12:28:38.651 2002 >Aug 27 12:28:38.651 2002 [15144] Attempting OpenSSL handshake >[pop_tls_openssl.c:498] >Aug 27 12:28:38.651 2002 >Aug 27 12:28:38.651 2002 [15144] tls accept returned 0 >[pop_tls_openssl.c:501] >Aug 27 12:28:38.651 2002 >Aug 27 12:28:38.651 2002 [15144] SSL_get_error says SSL_ERROR_SYSCALL (5) >[pop_tls_openssl.c:508] >Aug 27 12:28:38.651 2002 >Aug 27 12:28:38.651 2002 [15144] TLS handshake Error >[pop_tls_openssl.c:541] >Aug 27 12:28:38.651 2002 >Aug 27 12:28:38.651 2002 [15144] TLS/SSL Handshake failed: -1 >[popper.c:213] > > >What on earth do I do wrong??? > >Do I have to manually install the certificates in Outlook? I thought they >are exchanged automatically. I use a self-signed certificate. > >Any help regarding this matter is greatly appreciated! > >Best regards, >Thomas ----------------------------------------------------------------- Daniel Senie [EMAIL PROTECTED] Amaranth Networks Inc. http://www.amaranth.com
