Closed
Bug 148423
Opened 23 years ago
Closed 23 years ago
I get constantly warned about my ISP's SSL certificate when I try to send mail.
Categories
(MailNews Core :: Networking: SMTP, defect)
Tracking
(Not tracked)
CLOSED
INVALID
People
(Reporter: miles, Assigned: mscott)
Details
Repro:
I have "Use secure connection (SSL)" set to
"When available" in my Mail & News Preferences.
I have a megapath.net ISP account.
My SMTP server is mail.megapathdsl.net.
Result:
When I send mail, I get:
You have attempted to establish a connection with
"mail.megapathdsl.net". However, the security certificate
presented belongs to"front2.mail.megapathdsl.net".
It is possible, though unlikely, that someone may be
trying to intercept your communication with this site.
Comment 1•23 years ago
|
||
this is no bug, it's a feature (and it says the certificate is
broken/stolen/whatever)
Reporter | ||
Comment 2•23 years ago
|
||
I wrote to my ISP about it and they told me the server was correctly configured.
The certificate is not stolen.
Comment 3•23 years ago
|
||
but still the certificate is for front2.mail.megapathdsl.net (IP: 66.80.60.30)
and _not_ for mail.megapathdsl.net (IP 66.80.60.20)
Comment 4•23 years ago
|
||
-> invalid
you can try to send your mail with "front2.mail.megapathdsl.net" and you should
not get this warning.
I had the same "problem" with my ISP but that's no bug.
The warning itself is correct !
Status: UNCONFIRMED → RESOLVED
Closed: 23 years ago
Resolution: --- → INVALID
Reporter | ||
Comment 5•23 years ago
|
||
Alright. Matti, is there any way for Megapath to configure their
handoff to a least-busy SMTP server in such a way that the certificates
would match? The support person at Megapath didn't seem to think so.
Status: RESOLVED → CLOSED
Comment 6•23 years ago
|
||
They use this way:
you connect to "mail.foo" -> they route it to "blah.mail.foo" (that's the mail
server)
The certificate is for the real mail server ("blah.mail.foo") and you get the
warning. (you can't disable the warning because it could be a very big security
problem (man in the middle attack) )
They possible route it because they can switch the mail servers and you doen't
need to change your mail settings. (you always connect to "mail.foo") and/or
they do load balancing with it (in that case you would get different hostnames
in the warning)
You can solve this if you do this:
change your smtp server from "mail.foo" to "blah.mail.foo"
(but it's possible that you get problems if they switch the mail server in a
year to blah2.mail.foo)
They can solve this if they change the certificate (i dunno if they can do this..) :
server "blah.mail.foo" and certificate to "mail.foo"
BTW: Please don't use "close", "Remind" or "Later"...
Updated•23 years ago
|
QA Contact: sheelar → junruh
Updated•20 years ago
|
Product: MailNews → Core
Updated•16 years ago
|
Product: Core → MailNews Core
You need to log in
before you can comment on or make changes to this bug.
Description
•