[colug-432] Android and IMAP weirdness
R P Herrold
herrold at owlriver.com
Mon Feb 24 16:12:10 EST 2014
On Sat, 22 Feb 2014, Stephen Potter wrote:
> folders without issue, but my INBOX never refreshes properly. I believe
> the only port I had open on my old router was 143 (I've also got 25 and
> 110 open, just to be sure).
25 is not in play as that is SMTP. The authenticated SMTP
port is 587, which most non-'last mile' providing ISPs ahve
moved to, as 25 is so commonly blocked
110 / 143 are traditional pop and imap. Each can, but does
not mandate, an up-negotiation for STARTTLS authentication and
transport during the initial HELO negotiation as to
capabilities
I see later mention of 993, but I have not commonly see nor
found such, because of the difficulty of getting server
certificate chains 'right' at the server side. ATT and GMX
have great difficulty figuring out how to install renewed SSL
certificates. so a succession of new certificates and thus
fingerprints appear over time
[herrold at charles .fetchmail]$ grep -i fingerprint .* | awk -F: \
{'print $1'} | sort | uniq -c | sort -n
1 .fetchmailrc-gmail2
1 .fetchmailrc-rr0
4 .fetchmailrc-att0
4 .fetchmailrc-att1_
4 .fetchmailrc-att2_
4 .fetchmailrc-att3
4 .fetchmailrc-att4_
4 .fetchmailrc-gmx0
[herrold at charles .fetchmail]$
When I am setting up new servers with certificates, I have to
'cat' a chain of certificates back to the CA root as unlike
apache's chaining feature, the mail servers out there in FOSS
space do not seem to handle chaining as easily
-- Russ herrold
More information about the colug-432
mailing list