TB45.3.0: Certificate errors when using Get all New Messages with multiple mail hosts
I find that I am getting certificate error when using the "Get All New Messages" function. Or accessing different mailhosts in quick succession.
I have multiple mail hosts; Gmail, my ISP and my webhost. The certificate errors that arise seem to be because they are getting muddled. So an attempt to access a email accounts on my ISP will go fine, but when it attempts to access an email account on my webhost it may fail - displaying the Add Security Exception dialog. - the Server Location Field (on the Add Security Exception dialog) points at my webhost. (which I would expect) - "Viewing the certificate" however points to my ISP. (which I would not expect) I do not confirm any of the security exceptions.
It is almost as if when you try to get mail from an account shortly after getting email from another account, the certificate details for the previous account get read rather than the certificate details for the account being accessed. Or possibly the other way round - certificates are one of those things that for me are just meant to work without user comprehension!
Server settings have not recently changed - but the sub-version of TB has.
Todas as respostas (7)
What anti virus do you use? Does it mess with certificates? (many do to perform man in the middle style hacks to access your secure connections)
Matt said
What anti virus do you use? Does it mess with certificates? (many do to perform man in the middle style hacks to access your secure connections)
Thanks, I use the current version of Norton Security (22.7.1.32) - which to the best of my belief does not do this sort of hack - unless something has changed in the last week, but then I am not aware that Norton has updated anything other than the virus definitions in the last week.
(I'm on Windows 7 SP2 Home Premium - fully updated - apart from the Get Win 10 nags)
If you ever give in to the nags, look out for the page with talks about new things baked in. In small print down the bottom is the option to keep your current defaults. Saved me untold hours resetting things and reinstalling programs.
The certificate should not get mixed up. Try turning off any email scanning in Norton and see if that has any effect. It is unlikely Norton are scanning your mail anyway as you are talking about security errors. They do not scan SSL/SLT secured email connections or IMAP mail accounts. There are not many pop mail server with no connection security left.
Matt said
The certificate should not get mixed up.
I know but there is no other way in which I can account for the situation described in the OP!
Try turning off any email scanning in Norton and see if that has any effect. It is unlikely Norton are scanning your mail anyway as you are talking about security errors. They do not scan SSL/SLT secured email connections or IMAP mail accounts. There are not many pop mail server with no connection security left.
Thanks, again All my connections are secured. I will wait a while to see if others pitch in before I start inhibiting Norton - which would be a diagnostic step rather than a long term solution.
Diagnostic steps are what you have.
Matt said
Diagnostic steps are what you have.
Thanks,
I know! But I was hoping that before I start disabling security functions to diagnose a security problem, someone might come up with a solution!
However you were probably on the right track. On Friday when I forced a live update of Norton it wanted a restart afterwards - which implies to me a code fix as well as a definition update. The version number has not changed, but the problem is no longer occurring - at least so far - two days on.
So the finger points to some interaction with Norton but the case is not-proven. Unless someone puts their hand up.
lets put Norton in perspective here.
Symantec / Norton admit the following limitations on their email scanning. 1. It does not scan IMAP mail accounts at all. 2. It does not scan email connections that are secured by SSL/TLS. Unless you are using POP mail on port 110 with no SSL/TLS then Nortons mail scanner does not work. It can however mess things up. Disabling it does not reduce your security, it just formalizes what is already occurring.
As for a Norton's update fixing the issue, I am sure that is exactly what occurred.