Search The ForumSearch   RegisterRegister  LoginLogin

MailBee IMAP4
 AfterLogic Forum : MailBee IMAP4
Subject Topic: IMAP4 and SSL? Post ReplyPost New Topic
Author
Message << Prev Topic | Next Topic >>
Ed Carp
Guest Group
Guest Group


Joined: 10 November 2003
Online Status: Online
Posts: 262
Posted: 28 March 2006 at 1:31am | IP Logged Quote Ed Carp
I hacked the code in IMAP4Demo2.cmdGetMailList_Click:

    ' Prevent clicking the button while messages list download is progress
    cmdGetMailList.Enabled = False
    
    ' Add code to make SSL/TLS work
    Set oSSL = CreateObject("MailBee.SSL")
    oSSL.LicenseKey = txtKey
    If Not oSSL.Licensed Then
        MsgBox "SSL License key is invalid or expired"
        Exit Sub
    End If
    Set oMailer.SSL = oSSL
    oMailer.SSL.UseStartTLS = True

    ' We'll use this message object to convert dates from
    ' e-mail date format into Windows dates.
    Set oUtilMsg = New MailBee.Message

The connection to the server times out, but "DisplayError oMailer" returns:

Timeout occurred, Error #5
Server responded: MBC000001 OK STARTTLS completed

Does the IMAP4 component not support SSL/TLS, or am I doing something wrong? Thanks in advance!!
Back to Top View Ed Carp's Profile Search for other posts by Ed Carp
 
Alex
AfterLogic Support
AfterLogic Support
Avatar

Joined: 19 November 2003
Online Status: Offline
Posts: 2206
Posted: 28 March 2006 at 9:59am | IP Logged Quote Alex
We've inserted the code you provided us with in the same place of MailBee IMAP4 Demo2 sample and tested this sample in conjunction with our IMAP4 server. Everything works fine, and we could not reproduce the issue.

Thus, could you please provide us with a test account on your IMAP4 server, so we would be able to reproduce and investigate the issue?

Also, to investigate the problem in more detail, could you please enable logging IMAP4 session into a file, run your code again, try to reproduce the problem and send us the log for examination?

You can enable logging as follows (in VB syntax):

Code:

oMailer.EnableLogging = True
oMailer.LogFilePath = "C:\my_log.txt"
oMailer.ClearLog


NOTE: make sure your application has the permissions to write to the specified location.

You can send us the test account details along with MailBee log file to support@afterlogic.com.

Thanks in advance.

Regards,
Alex
Back to Top View Alex's Profile Search for other posts by Alex
 
Ed Carp
Guest Group
Guest Group


Joined: 10 November 2003
Online Status: Online
Posts: 262
Posted: 28 March 2006 at 2:57pm | IP Logged Quote Ed Carp
Hope this helps:

02:13:24 [MailBee IMAP4 v. 5.4.0.72. Trial version. 17 day(s) left]
02:13:24 [Connecting to server intuitives.mine.nu at port 143]
02:13:25 [Switching to SSL over regular port mode]
02:13:25 [Initiating SSL Connection]
02:14:25 [Error: SSL Init Failed]
02:14:25 [Error: Connection failure]
Back to Top View Ed Carp's Profile Search for other posts by Ed Carp
 
Ed Carp
Guest Group
Guest Group


Joined: 10 November 2003
Online Status: Online
Posts: 262
Posted: 28 March 2006 at 3:34pm | IP Logged Quote Ed Carp
Just additional information, I can connect to this account with Thunderbird - it complains about the expired certificate, but does it anyway. If the expired certificate is the prolem, how can this be (1) communicated to the programmer, and (2) overridden? Thanks!
Back to Top View Ed Carp's Profile Search for other posts by Ed Carp
 
Alex
AfterLogic Support
AfterLogic Support
Avatar

Joined: 19 November 2003
Online Status: Offline
Posts: 2206
Posted: 28 March 2006 at 5:02pm | IP Logged Quote Alex
Thank you for the test account and additional information. From our testing, it turns out the server just forcibly closes the connection on any attempt to start TLS negotiation. The server does not return any data at all and simply closes the connection.

As for Thunderbird, I think it tells "the certificate was expired" as best guess. Perhaps, it displays this message whenever the server closes the connection when TLS/SSL negotiation starts.

After STARTTLS failure, Thunderbird still connects in non-TLS mode. You can do the same with MailBee: reconnect in non-TLS mode if STARTTLS failed.

Code:

...
oMailer.Connect "server", 143, "user", "pass"
If oMailer.ErrCode = 6 Then
  MsgBox "The server has probably rejected your certificate. Using non-TLS mode"
  Set oMailer.SSL = Nothing
  oMailer.Connect "server", 143, "user", "pass"
End If


However, there indeed was an issue in MailBee with incorrect setting of ErrCode property on such errors. Now it's set to correct value 6 (server suddenly closed the connection). You can get the updated version of MailBee.dll at http://www.afterlogic.com/updates/mailbee.zip

Regards,
Alex
Back to Top View Alex's Profile Search for other posts by Alex
 
Ed Carp
Guest Group
Guest Group


Joined: 10 November 2003
Online Status: Online
Posts: 262
Posted: 28 March 2006 at 5:58pm | IP Logged Quote Ed Carp
Thanks for the reply :)

What leads me to believe that Thunderbird actually connects in TLS mode is that when it returns a popup telling me that the certificate is expired, it tells me the domain and host name, and the expiration of the certificate, which is non-random. Thunderbird is also indicating in a second dialog box that it is, indeed, receiving a certificate, so I'm confused, to say the least!

I have sent a followup email to support@afterlogic.com with the exact dialog boxes. Hope this helps!
Back to Top View Ed Carp's Profile Search for other posts by Ed Carp
 
Alex
AfterLogic Support
AfterLogic Support
Avatar

Joined: 19 November 2003
Online Status: Offline
Posts: 2206
Posted: 29 March 2006 at 8:05am | IP Logged Quote Alex
Thank you for the additional info. After further investigation, we found the mail server you're using does not strictly complies to TLS/SSL protocol specification. There is a number of secure protocols available (PCT, SSL2, SSL3, TLS1, autodetect). Autodetect option means the most secure protocol supported by the mail server must be used. However, the IMAP4 server you're using does not support "autodetect" option. As for Thunderbird, the protocol to use is specified in account settings, so that user manually selects whether TLS1 or SSL should be used, and autodetect option is not tried.
With MailBee, you can also select the exact protocol to be used (SSL.Protocol property).

The following code works fine:
Code:

SSL.UseStartTLS = true
SSL.Protocol = 4
Set oMailer.SSL = SSL
oMailer.Connect "server", 143, "user", "pass"


"SSL.Protocol = 4" means TLS1 protocol must be used (default value is 0 which means "autodetect".

Regards,
Alex
Back to Top View Alex's Profile Search for other posts by Alex
 
Ed Carp
Guest Group
Guest Group


Joined: 10 November 2003
Online Status: Online
Posts: 262
Posted: 30 March 2006 at 10:47am | IP Logged Quote Ed Carp
That worked - excellent! Thanks!
Back to Top View Ed Carp's Profile Search for other posts by Ed Carp
 

If you wish to post a reply to this topic you must first login
If you are not already registered you must first register

  Post ReplyPost New Topic
Printable version Printable version

Forum Jump

Powered by Web Wiz Forums version 7.9
Copyright ©2001-2004 Web Wiz Guide