Jump to content

pop.spamcop.net with SSL (port 995), certificate problem?

rbeuker

By rbeuker
in SpamCop Email System & Accounts

Recommended Posts

rbeuker Newbie

rbeuker

Posted
Posted

I've been using my spamcop e-mail account for many years now, I really like it a lot! To retrieve my e-mail I've been using the pop.spamcop.net server and about 6 months ago or so I set it to use SSL to connect to that server (using port 995). This has always been working great.

Since a few days, however, my e-mail client (Mozilla Thunderbird 2.0.0.17) is giving me warnings about issues with the SSL certificate for pop.spamcop.net. Is this a known issue, or should I change anything on my end?

Thanks,

Ronald

Link to comment
Share on other sites
Miss Betsy T-shirt wearing out

Miss Betsy

Posted
Posted

It looks like about 1 year ago (in September, however), there were also problems with an expired certificate. I am not a client of the email system so I don't know how you would go about sending in a trouble ticket - copied from another topic about other problems with pop servers "have you tried the "Problem" button within SpamCop's Webmail screen? That it the best way recently to get support for the Webmail system." OTOH, an expired certificate should not prevent the email system from working, I understand. If no one else chimes in, then maybe it would be worthwhile to check and make sure nothing has changed on your end.

Miss Betsy

Link to comment
Share on other sites
mschmitt Member

mschmitt

Posted
Posted
Use "mail.spamcop.net" instead of "pop" and your problem should disappear. The security cert is for "mail" -- not for "pop" and doesn't expire until April 2009.

I'm getting the same problem, with OS X Mail. Changing to "mail.spamcop.net" doesn't help; it still uses the certificate issued to "pop.spamcop.net".

The error isn't expiry. The error is that there is no root certificate. It says:

pop.spamcop.net

Issued by Go Daddy Secure Certification Authority

Expires: Tuesday, September 28, 2010 3:04:08 PM US/Central

This certificate was signed by an unknown authority

I checked the keychain, and the only Go Daddy certificate is a different one, for "Go Daddy Class 2 Certification Authority".

Link to comment
Share on other sites
DavidT Been There

DavidT

Posted
Posted

I just tested using Thunderbird (2.0.0.0), using both server names (I was examining the certs using HTTPS connections previously). When I used "mail.spamcop.net" and SSL, I got the mismatch error, and saw that it was a GoDaddy cert for "pop," so I switched to "pop.spamcop.net" with SSL and grabbed my messages without an error. My Pegasus client wasn't so picky...it did SSL popping using either hostname without complaining.

I'll try updating my Thunderbird and see if that makes any difference.

[on edit] I updated to 2.0.0.17, restarted Thunderbird and it's happy doing an SSL pop on port 995 of pop.spamcop.net, but if anyone's experience is different than that, they should use the "Problem" report funtion in webmail.

DT

Link to comment
Share on other sites
  • 2 years later...
ViRGE Advanced Member

ViRGE

Posted
Posted

Is anyone else seeing this?

Somehow the SSL certificate for imap.spamcop.net has expired and been replaced with a very old certificate. The certificate I'm seeing via Outlook is a GoDaddy certificate valid from ‎Friday, ‎September ‎28, ‎2007 1:03:19 PM to ‎Tuesday, ‎September ‎28, ‎2010 1:03:19 PM.

I'm not sure what's going on there. It seems odd that such an old certificate is being used, never mind the fact that it's somehow been reinstalled some 8 months after it expired.

[Edit by turetzsr: moved from original Forum topic 11780]

Link to comment
Share on other sites
edt11x Newbie

edt11x

Posted
Posted

Is anyone else seeing this?

Somehow the SSL certificate for imap.spamcop.net has expired and been replaced with a very old certificate. The certificate I'm seeing via Outlook is a GoDaddy certificate valid from ‎Friday, ‎September ‎28, ‎2007 1:03:19 PM to ‎Tuesday, ‎September ‎28, ‎2010 1:03:19 PM.

I'm not sure what's going on there. It seems odd that such an old certificate is being used, never mind the fact that it's somehow been reinstalled some 8 months after it expired.

[Edit by turetzsr: moved from original Forum topic 11780]

I am seeing an old certificate also.

Cameron:Desktop edt$ openssl x509 -inform der -in imap.spamcop.net.cer -noout -text

Certificate:

Data:

Version: 3 (0x2)

Serial Number: 4275701 (0x413df5)

Signature Algorithm: sha1WithRSAEncryption

Issuer: C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., OU=http://certificates.godaddy.com/repository, CN=Go Daddy Secure Certification Authority/serialNumber=07969287

Validity

Not Before: Sep 28 20:03:19 2007 GMT

Not After : Sep 28 20:03:19 2010 GMT

Subject: O=imap.spamcop.net, OU=Domain Control Validated, CN=imap.spamcop.net

Subject Public Key Info:

Public Key Algorithm: rsaEncryption

Public-Key: (1024 bit)

Modulus:

00:9a:77:06:d6:99:69:38:57:b9:08:d3:68:f3:1c:

3e:d7:d6:dc:cf:e8:9f:b2:7f:fc:a5:b8:1a:85:50:

84:6a:56:bb:c7:e8:98:4a:0c:94:b0:8f:b5:2d:9f:

5f:20:9b:a5:15:e0:b9:50:cd:5b:91:44:6c:2c:8b:

ae:a8:d5:3a:d0:4b:44:99:d0:1d:8a:82:71:e3:33:

40:c2:a6:a2:a6:8b:61:26:a6:b1:60:2d:a2:1c:86:

7d:8f:91:00:59:42:5f:c2:96:20:1b:ee:13:a5:62:

af:f9:49:4b:dc:6c:3a:e3:dc:40:54:36:3c:da:07:

cb:2c:1e:cc:42:f1:60:df:7b

Exponent: 65537 (0x10001)

X509v3 extensions:

X509v3 Basic Constraints:

CA:FALSE

X509v3 Key Usage:

Digital Signature, Key Encipherment

X509v3 Extended Key Usage:

TLS Web Server Authentication, TLS Web Client Authentication

X509v3 CRL Distribution Points:

Full Name:

URI:http://certificates.godaddy.com/repository/godaddyextendedissuing.crl

X509v3 Certificate Policies:

Policy: 2.16.840.1.114413.1.7.23.1

CPS: http://certificates.godaddy.com/repository

Authority Information Access:

OCSP - URI:http://ocsp.godaddy.com

CA Issuers - URI:http://certificates.godaddy.com/repository/gd_intermediate.crt

X509v3 Subject Key Identifier:

36:04:3F:74:DB:CC:7F:D1:69:57:2C:E4:FB:95:57:07:A3:F8:6D:68

X509v3 Authority Key Identifier:

keyid:FD:AC:61:32:93:6C:45:D6:E2:EE:85:5F:9A:BA:E7:76:99:68:CC:E7

X509v3 Subject Alternative Name:

DNS:imap.spamcop.net, DNS:www.imap.spamcop.net

Signature Algorithm: sha1WithRSAEncryption

31:a7:4b:47:ca:b5:24:24:d6:f8:26:ee:53:63:6e:e4:60:11:

0c:0f:58:65:29:91:d9:ea:37:86:d7:66:18:3c:bd:3d:1d:d6:

0d:90:c4:01:7b:a2:d8:d5:f4:9a:3c:a5:e2:b0:62:99:6e:3f:

aa:88:51:ec:d0:dc:ec:9b:5e:c7:3e:0e:69:19:08:5e:21:05:

c4:dc:bc:a8:2c:03:45:b7:ce:d2:2a:b6:70:14:99:88:45:3a:

39:a7:68:1d:80:38:20:5c:62:d0:7d:c7:dc:70:a7:92:3e:ca:

37:11:23:f7:bf:db:b4:8c:ea:a8:56:ff:ad:b6:27:0b:61:46:

28:2d:2e:1e:9a:2b:22:0f:d8:d6:39:88:57:b8:e4:95:d2:4e:

b0:c3:91:09:fc:ce:fe:af:89:23:4d:0c:f6:96:3c:b8:e3:9b:

09:d1:6c:87:fe:fb:5c:8f:3e:c1:98:ba:42:b1:60:e2:78:e3:

21:be:34:a0:5e:b5:1b:b8:fa:f6:af:be:3f:07:7d:f3:16:17:

39:f4:37:c4:bb:8e:1c:b7:df:67:6d:b3:79:14:02:c5:d7:24:

58:9f:11:53:57:63:5f:72:d1:d9:53:56:7a:dc:08:d3:ca:c2:

4e:df:51:d0:ef:15:38:d0:34:cd:4f:e2:1f:2f:eb:e8:4e:4c:

68:26:a0:1b

Cameron:Desktop edt$

Link to comment
Share on other sites
Wazoo What Life?

Wazoo

Posted
Posted
Is anyone else seeing this?

Somehow the SSL certificate for imap.spamcop.net has expired and been replaced with a very old certificate. The certificate I'm seeing via Outlook is a GoDaddy certificate valid from ‎Friday, ‎September ‎28, ‎2007 1:03:19 PM to ‎Tuesday, ‎September ‎28, ‎2010 1:03:19 PM.

Yeah, saw it an hour or so ago. Fired off a note to JT/Support.

Link to comment
Share on other sites
ViRGE Advanced Member

ViRGE

Posted
Posted

Oh brother. Now Webmail is using an old certificate too.

webmail.spamcop.net uses an invalid security certificate.

The certificate expired on 9/28/2010 12:16 PM. The current time is 4/20/2011 1:19 AM.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...