Closed Bug 667057 Opened 12 years ago Closed 12 years ago

Problems with Yahoo POP servers

Categories

(MailNews Core :: Security, defect)

Product:
MailNews Core
Component:
Security
Version:
Other Branch
Platform:
x86_64
Windows 7
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED INVALID

People

(Reporter: jgosis, Unassigned)

References

Details

User-Agent:       Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 6.1; es-AR; rv:1.9.2.18) Gecko/20110616 Thunderbird/3.1.11

TB cannot get the Yahoo POP mails, unless you turn security from SSL to None
Yahoo's support team says:

"It is because of Mozilla Mail update MFSA2010-70, which tookeffect in Jun 21, 2011's Mozilla Mail 3.1.11 patch, read this for detail:

http://www.mozilla.org/security/annou...

In this version, Mozilla Mail will deny any SSL certificate with a wildcat, unfortunately, Yahoo mail plus uses 2 SSL certificates with wildcat:

plus.pop.mail.yahoo.com:995
and
plus.smtp.mail.yahoo.com:465

Both are issued to *.pop.mail.yahoo.com and *.smtp.mail.yahoo.com

(Please check this address http://www.digicert.com/help/ for Yahoo mail plus SSL certificate detail)

Solution: rollback to an older version of mozilla mail.

http://sg.answers.yahoo.com/question/..."

Please, fix this problem!!!!



Reproducible: Always

Steps to Reproduce:
1.Check your ___@yahoo.com or ___@yahoo.com.ar mail from a Yahoo server (e.g., pop.mail.yahoo.com.ar or plus.pop.mail.yahoo.com; DO NOT USE pop.mail.yahoo.co.uk, with this server it works), SSL, Port 995 
2.
3.

Actual Results:  
It won't work at all!!!!


Expected Results:  
Get my mails as I've allways did with previous TB versiones
The answer from yahoo is not correct. Only wildcards for IP addresses are disallowed but not for hostnames and CN=*.pop.mail.yahoo.com is clearly not an IP address.

>TB cannot get the Yahoo POP mails
and what happens ? Do you get an error message ?
Severity: critical → normal
Component: General → Security
Product: Thunderbird → MailNews Core
QA Contact: general → security
Version: unspecified → Other Branch
That answer from sg.answers.com is not from a Yahoo employee ; it is from a contributor and I hate to say it but it is wrong
This "problem" happens with Apple Mail.app, Outlook etc and is therefor not a Mozilla Thunderbird problem, so I going to close this bug:
e.g. Apple Mail.app has the same problem:
https://discussions.apple.com/thread/3135275?start=30&tstart=0
Status: UNCONFIRMED → RESOLVED
Closed: 12 years ago
Resolution: --- → INVALID
anyone with a yahoo plus account that could do a manual check with openssl why or how yahoo fails ?
@Roland:  The problem does *not* occur with Outlook, which still, even now, can POP download from plus.pop.mail.yahoo.com using SSL on port 995.  The Yahoo support/contributor points out that Mac Mail shares same core as Mozilla/Firefox/Thunderbird and is subject to the same MFSA2010-70 patch.  This is a Thunderbird/Mozilla problem, and this definitely merits a closer review and I don't get why you have been so persistent in trying to brush off this problem.

The mode of failure was that Thunderbird hung while giving the appearance of downloading and generated no error messages.

I just tried to reproduce the problem on my Ubuntu 11.04 machine and I see that Thunderbird has rolled back (on its own?) to 3.1.10, which has resolved the problem; 3.1.10 communicates with Yahoo POP SSL.
All:
Got in touch with Yahoo Mail support and they rolled back sometime around 6p.m. Pacific June 24, 2011 to the *old* Yahoo POP server which does work with SSL, port 995 and Thunderbird 3.1.11 so everybody should be good for now using SSL, port 995

Yahoo support kindly gave me the hostname of their *new* Yahoo POP server and I tried it ([1]) and sure enough the problem re-appeared on both Thunderbird 3.1.11 and Apple Mail.app (and I am sure on Outlook as well, because 99% of the time if something fails with Thunderbird and Apple Mail.app, it fails with Outlook and in fact if you look at Get Satisfaction and the Yahoo boards it was failing with Outlook as well)

Therefore my conclusion (and it could be wrong but it's based on the facts of the previous paragraph but I could be missing something of course) is that it's a server issue with the new Yahoo POP server. We'll know for sure next week when the Yahoo Mail and Thunderbird developers take a look.

[1] Test
1. pop.mail.yahoo.com works with Thunderbird 3.1.11 and Apple's Mail.app using SSL and port 995
2. Yahoo's new mail server whose hostname I am not at liberty to disclose, SSL, 995  with Mail.app and Thunderbird
has a certificate exception which I overrode (certificate exception due to the fact that it's at a debug hostname not the production host name)
and then mail.app can't receive email
3. if i change it to New Yahoo mail server hostname,110, no SSL i.e. no connection security, then mail.app and Thunderbird can both receive email
Roland:
You're right, old pop.mail.yahoo.com server now works OK with SSL Port 995
(it didn't work at all with SSL since june 21)
TKS for your help!!!
You need to log in before you can comment on or make changes to this bug.