maemo.org - Talk

[SOLVED] Modest cannot receive/send via SSL/TLS (https://talk.maemo.org/showthread.php?t=94072)

Malakai 2014-10-27 21:21

Re: Modest send & receive problem
 
Will try to see if this is the problem, but frankly I doubt it is.

peterleinchen 2014-10-27 21:33

Re: Modest send & receive problem
 
I am pretty sure.

Else it may be a certificate problem, which I could exclude in my case.
Try
openssl s_client -connect imap.domain.net:993
or
openssl s_client -connect imap.domain.net:993 -ssl3
(should or better may fail)
openssl s_client -connect imap.domain.net:993 -tls1
(should work)

reinob 2014-10-28 08:59

Re: Modest send & receive problem
 
Quote:

Originally Posted by peterleinchen (Post 1444648)
A port is just a port.
Thunderbird will try TLS after SSL failed.

I hope it tries TLS first (1.2, 1.1, 1.0) *and then* SSL.

Re. "a port is just a port". STARTTLS is not just TLS over port 143. It is actually normal IMAP on 143 and then (when already "inside") switching to an encrypted channel (via TLS).

So you could not just hack Modest to do STARTTLS on 993 and hope it will work. (in case this was somehow implicitly being suggested).

I guess Fremantle is slowly becoming obsolete..

Malakai 2014-10-28 21:06

Re: Modest send & receive problem
 
Quote:

Originally Posted by peterleinchen (Post 1444661)
I am pretty sure.

Else it may be a certificate problem, which I could exclude in my case.
Try
openssl s_client -connect imap.domain.net:993
or
openssl s_client -connect imap.domain.net:993 -ssl3
(should or better may fail)
openssl s_client -connect imap.domain.net:993 -tls1
(should work)

So, when I execute openssl s_client -connect imap.domain.net:993 -ssl3, I get :

Code:

CONNECTED(00000003)
17589:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure:s3_pkt.c:1099:SSL alert number 40
17589:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:536:

And when I execute openssl s_client -connect imap.domain.net:993 -tls1, I get a bunch of things and at the end I have a message that says :

Code:

OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE NAMESPACE AUTH=PLAIN AUTH=LOGIN] Dovecot ready.

So, if I understand correctly it is exactly what you said.

But now how do I use my account in Modest? Should I put "Normal (TLS)"? Will it be secure that way? In the configuration page of my hosting provider I have some settings:


Code:

SSL / TLS (Recommended)
User name : adress@domain.net
Password : your password
Server in : hosting24.hostway.net

    IMAP Port: 993
    POP3 Port: 995

Server out : hosting24.hostway.net

    SMTP Port: 465

The authentication is required for IMAP, POP3 and SMTP.

Code:

Non-SSL Settings (Not recommended)
User name : adress@domain.net
Password : your password
Server in : mail.domain.net

    IMAP Port: 143
    POP3 Port: 110

Server out : mail.domain.net

    SMTP Port: 587

The authentication is required for IMAP, POP3 and SMTP.

And from what I understand it will not be secured if I use IMAP on port 143, as it will not use SSL / TLS, and in Modest settings if I put "Normal (TLS)", it will use port 143, and port 25 for SMTP (which is not available for my provider: 465 or 587).

How do I configure Modest, knowing this information, to have a secure connection to my mail accounts?

peterleinchen 2014-10-28 21:14

Re: Modest send & receive problem
 
Damn. :mad:
Looks like you are doomed, too.

Try TLS on 143 for incoming
and TLS 587 on outgoing.

This should be safe (if working).
But one thing I did never understand about STARTTLS (which is used as setting "Normal (TLS)") is when it connects normally and only after connection established switches to TLS how do I know that I have a secured connection and not a normal one?
So take above 'secure' with a grain of salt!

t-online does not provide port 143, even more :mad:

Malakai 2014-10-28 21:23

Re: Modest send & receive problem
 
Thanks for the suggestion, will try and post feedback.

Quote:

But one thing I did never understand about STARTTLS (which is used as setting "Normal (TLS)") is when it connects normally and only after connection established switches to TLS how do I know that I have a secured connection and not a normal one?

But if it connects normally this means that my username and password go without encryption, so how does this help me if afterwards the connection gets encrypted, knowing that somebody sniffing the network would get my credentials. This in addition to what you said.

peterleinchen 2014-10-28 21:37

Re: Modest send & receive problem
 
That is what the tick marker 'Secure Authentication' is for?

peterleinchen 2014-10-28 21:45

Re: Modest send & receive problem
 
And I do not believe we will be successful with our Modest STARTTLS anymore, as this implies a connection request without securing.
And the German providers started a campaign about secure mails in April about that, so I guess they will also not support STARTTLS anymore. Will ask in the German forum.telekom.de but do not believe they will do so for a handful of guys/nerds/fanatics.

So my last hope is freemangordon but he is overwhelmed at the moment. So this might take some time.

--
uh, wait. Quoting myself
Quote:

so I guess they will also not support STARTTLS anymore

But that is exactly what I use for securesmtp.t-online.de:587 (with TLS). And I can send mails. So maybe asking for port 143 ...

szopin 2014-10-28 21:52

Re: Modest send & receive problem
 
Quote:

Originally Posted by reinob (Post 1444713)
I hope it tries TLS first (1.2, 1.1, 1.0) *and then* SSL.

Re. "a port is just a port". STARTTLS is not just TLS over port 143. It is actually normal IMAP on 143 and then (when already "inside") switching to an encrypted channel (via TLS).

So you could not just hack Modest to do STARTTLS on 993 and hope it will work. (in case this was somehow implicitly being suggested).

I guess Fremantle is slowly becoming obsolete..

Slowly? Sadly even latest compilations of cli only programs for rpi fail on n900 (Frozen Depths is a good example, too new glibc etc.), without upgrading the whole stack... yeah, with hwkb jolla does seem like the true successor n950 could have been, sorry for OT

foobar 2014-10-28 23:04

Re: Modest send & receive problem
 
STARTTLS does TLS before sending credentials. That's the point. :)
"Secure Authentication" probably is something like CRAM-MD5 or, ie. credentials are not sent in the clear (but not necessarily 'secure' by today's standards either) even if STARTTLS isn't supported.

Malakai: Have you tried "Normal (TLS)", ie. STARTTLS on port 143 (plus "Secure Authentication")?
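
An added sketch (not from any post in this thread, and not Modest's code) of the rule discussed above: a client reaches LOGIN only once the channel is encrypted, and gives up rather than fall back to plaintext when STARTTLS is missing or refused. The function names, the `a1`/`a2` tags and the port-143 sample lines are constructed for illustration; the TLS handshake and certificate check are assumed to succeed.

```python
import re

# Capability list as posted in the thread (port 993, after the TLS handshake).
PAGE_993 = ("* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE "
            "IDLE NAMESPACE AUTH=PLAIN AUTH=LOGIN] Dovecot ready.")
# Constructed samples for a plaintext session on port 143.
PLAIN_143 = "* OK [CAPABILITY IMAP4rev1 STARTTLS LOGINDISABLED] ready"
STRIPPED_143 = "* OK [CAPABILITY IMAP4rev1 AUTH=PLAIN] ready"  # STARTTLS absent
POST_TLS = "* CAPABILITY IMAP4rev1 AUTH=PLAIN"

def parse_capabilities(line):
    """Capability atoms from a greeting's [CAPABILITY ...] code or a '* CAPABILITY' reply."""
    m = re.search(r"\[CAPABILITY ([^\]]*)\]", line) or re.match(r"\* CAPABILITY (.*)", line)
    return set(m.group(1).upper().split()) if m else set()

def client_commands(greeting, implicit_tls, starttls_reply=None, post_tls_caps=None):
    """Commands a fail-closed client sends; the last item is LOGIN or an ABORT reason.

    implicit_tls=True models port 993 (TLS before any IMAP byte is exchanged).
    implicit_tls=False models port 143, where the session starts in plaintext.
    """
    sent = []
    caps = parse_capabilities(greeting)
    if not implicit_tls:
        if "STARTTLS" not in caps:
            # Unsupported or removed in transit: either way, no credentials.
            return sent + ["ABORT: no STARTTLS offered on plaintext channel"]
        sent.append("a1 STARTTLS")
        if not (starttls_reply or "").upper().startswith("A1 OK"):
            return sent + ["ABORT: STARTTLS refused"]
        # TLS handshake happens here (assumed successful in this model).
        # RFC 3501: capabilities learned before TLS are discarded and re-queried.
        sent.append("a2 CAPABILITY")
        caps = parse_capabilities(post_tls_caps or "")
    if not caps:
        return sent + ["ABORT: no capabilities received"]
    if "LOGINDISABLED" in caps:
        return sent + ["ABORT: server forbids LOGIN"]
    return sent + ["LOGIN"]

if __name__ == "__main__":
    print(client_commands(PAGE_993, True))
    print(client_commands(PLAIN_143, False, "a1 OK Begin TLS negotiation now", POST_TLS))
    print(client_commands(STRIPPED_143, False))
```

To watch the same upgrade against a real server, `openssl s_client -connect imap.domain.net:143 -starttls imap` issues STARTTLS before starting the handshake.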

