Hopefully I won't be severely flamed for asking a question here that involves a MS product connecting to my Linux machine ...
I'm new to server administration but I've used Unix/Linux for years, so I guess I'm just good enough to be dangerous at this point.
I have a Ubuntu 11 web server that I use for both myself and my clients' hosting accounts. I just recently got it up and running and am having trouble with POP3 SSL email from MS Outlook 2010. I have no problems with webmail access on the box itself via IMAP, nor do I have problems using unencrypted POP3 on Outlook 2010 (port 110) and sending via Outlook over the SMTP server hosted at the same place using the same login/pwd. After ruling out accessibility problems with ports and firewalls, I realized that my clients might be refusing to connect to my server due to a self-signed certificate being in place.
I acquired a trial certificate from Geotrust this week and have successfully implemented it. The iPhone, which previously failed when the server used a self-signed cert, now connects to my mail server (although it did ask me to verify it could proceed due to a question about the cert). Outlook 2010 still refuses to do so.
This message appears in mail.log whenever the Outlook 2010 client attempts to retrieve mail:
pop3d-ssl: Unexpected SSL connection shutdown.
Outlook's error message: "reported error 0x80042108: Outlook cannot connect to your incoming (POP3) e-mail server."
After research, that hex error code appears to be a generic code for a variety of potential causes of failure.
Here are my settings in the Courier pop3d-ssl file:
Code:
SSLPORT=995
SSLADDRESS=0.0.0.0
POP3DSSLSTART=YES
POP3_STARTTLS=YES
POP3_TLS_REQUIRED=1
TLS_STARTTLS_PROTOCOL=TLS1
TLS_PROTOCOL=SSL3
TLS_CERTFILE=/etc/ssl/mail.mydomain.com.pem
TLS_TRUSTCERTS=/etc/ssl/intermediate.geotrust_cert.txt
TLS_VERIFYPEER=PEER
TLS_EXTERNAL=emailaddress
I appreciate any suggestions. Thanks.