LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Server (http://www.linuxquestions.org/questions/linux-server-73/)
-   -   Outlook 2010 refuses to connect to Courier/Postfix server (on Ubuntu 11) via POP3 SSL (http://www.linuxquestions.org/questions/linux-server-73/outlook-2010-refuses-to-connect-to-courier-postfix-server-on-ubuntu-11-via-pop3-ssl-900735/)

phinole 09-02-2011 10:34 AM

Outlook 2010 refuses to connect to Courier/Postfix server (on Ubuntu 11) via POP3 SSL
 
Hopefully I won't be severely flamed for asking a question here that involves a MS product connecting to my Linux machine ...

I'm new to server administration but I've used Unix/Linux for years, so I guess I'm just good enough to be dangerous at this point.

I have a Ubuntu 11 web server that I use for both myself and my clients' hosting accounts. I just recently got it up and running and am having trouble with POP3 SSL email from MS Outlook 2010. I have no problems with webmail access on the box itself via IMAP, nor do I have problems using unencrypted POP3 on Outlook 2010 (port 110) and sending via Outlook over the SMTP server hosted at the same place using the same login/pwd. After ruling out accessibility problems with ports and firewalls, I realized that my clients might be refusing to connect to my server due to a self-signed certificate being in place.

I acquired a trial certificate from Geotrust this week and have successfully implemented it. The iPhone, which previously failed when the server used a self-signed cert, now connects to my mail server (although it did ask me to verify it could proceed due to a question about the cert). Outlook 2010 still refuses to do so.

This message appears in mail.log whenever the Outlook 2010 client attempts to retrieve mail:

pop3d-ssl: Unexpected SSL connection shutdown.

Outlook's error message: "reported error 0x80042108: Outlook cannot connect to your incoming (POP3) e-mail server."

After research, that hex error code appears to be a generic code for a variety of potential causes of failure.

Here are my settings in the Courier pop3d-ssl file:
Code:

SSLPORT=995
SSLADDRESS=0.0.0.0
POP3DSSLSTART=YES
POP3_STARTTLS=YES
POP3_TLS_REQUIRED=1
TLS_STARTTLS_PROTOCOL=TLS1
TLS_PROTOCOL=SSL3
TLS_CERTFILE=/etc/ssl/mail.mydomain.com.pem
TLS_TRUSTCERTS=/etc/ssl/intermediate.geotrust_cert.txt
TLS_VERIFYPEER=PEER
TLS_EXTERNAL=emailaddress

I appreciate any suggestions. Thanks.

raevin 09-02-2011 10:50 AM

I don't use Courier, nor Outlook, but this might be a good place to start:

http://puzzling.org/computing/help/courier

It gives a different error, but its something work at least looking into and seeing if it leads anywhere else.

phinole 09-02-2011 05:01 PM

Thanks for the suggestion. I changed both of the following variables for pop3d-ssl to be the following and it makes no difference:

Code:

TLS_STARTTLS_PROTOCOL=SSL23
TLS_PROTOCOL=SSL23


phinole 09-03-2011 12:36 PM

Solved
 
I solved the problem. I'm not 100% sure how, but it works.

Just screwing around with it and not intending to actually solve the problem, I changed the settings on the account in Outlook to use a 3 minute timeout and the SMTP encrypted connection to “auto” (which should have no bearing on POP3, so I assume the timeout change did the trick?).

It then connected and asked to validate my certificate, issued by "my name". It said to validate the cert, I should contact “my name”, which made me laugh. Anyway, I went through the import process and elected "auto", so Windows placed the cert in "Trusted Root Certification Authorities".

It works!!!! Please feel free to inquire if you want further details on my Courier config or anything else. I'd be happy to help someone else navigate this maze. THANK YOU for taking the time to contribute to this thread.


All times are GMT -5. The time now is 03:14 AM.