Imap SSL connections issues.

0 votes
asked Jun 7, 2011 by _Oz_ (360 points)
edited Jun 11, 2011

Hello. I faced with some issues with Imap SSL connections.

The code, listed below is working fine:

            _imap.Connect(host, Imap.DefaultPort);

        var parameters = new TlsParameters();
        parameters.CommonName = host;
        parameters.CertificateVerifier = new CustomCertificateVerifier();
                    _imap.Secure(parameters);
                    _imap.Login(userName, password);

internal class CustomCertificateVerifier : ICertificateVerifier
{
    public TlsCertificateAcceptance Verify(TlsSocket socket, string commonName, CertificateChain certificateChain)
    {
        return TlsCertificateAcceptance.Accept;
    }
}

But it is not exactly what i want. The code below produce timeout exception:

            var parameters = new TlsParameters();
        parameters.CommonName = host;
        parameters.CertificateVerifier = new CustomCertificateVerifier();

        _imap.Connect(host, port, parameters, ImapSecurity.Explicit);
                    _imap.Login(userName, password);

Error text:

2011-06-07 17:59:31,969 Oz NT AUTHORITYSYSTEM [7] ERROR Services.Windows.MailServer.MailServerFacade [(null)] - RefreshInbox, check new emails exception. Rebex.Net.ImapException: Timeout exceeded. at Rebex.Net.Imap.QztfFZ() at Rebex.Net.Imap.Connect(String serverName, Int32 serverPort, TlsParameters parameters, ImapSecurity security)

Our mail server logs: Session 26457; child 8 Tue 2011-06-07 17:57:29: Accepting IMAP connection from [81.222.243.70:10162] to [81.222.243.69:993] Tue 2011-06-07 17:58:30: * SSL error 0 The operation completed successfully. Tue 2011-06-07 17:58:30: IMAP session terminated, (0 bytes)

So, coul you point out, what things I'm doing wrong? Thank you.

Applies to: Rebex Secure Mail

1 Answer

0 votes
answered Jun 7, 2011 by Lukas Matyska (42,630 points)
edited Jun 8, 2011

Actually, the _imap.Connect(host, Imap.DefaultPort, parameters, ImapSecurity.Explicit); method is equivalent to sequence of calls:

_imap.Connect(host, Imap.DefaultPort);
_imap.Secure(parameters);

But from the log you attached, it seems you are connecting to the Imap.DefaultImplicitSslPort (993) in Explicit mode, which is the probable cause of the Timeout exception. Please change the port to the Imap.DefaultPort (143) or the security method to the ImapSecurity.Implicit.

commented Jun 7, 2011 by _Oz_ (360 points)
edited Jun 8, 2011

it seems you are connecting to the Imap.DefaultImplicitSslPort (993)

That's correct. Should I connect to Port 143 even if I want secure connection?

commented Jun 8, 2011 by Lukas Matyska (42,630 points)
edited Jun 8, 2011

Yes, use the default IMAP port 143 (with ImapSecurity.Explicit).

For secure connections you can choose between two methods: Implicit and Explicit.
In Implicit mode you connect to port 993, in Explicit mode you connect to port 143.
Don't worry, in both cases, connection will be secured by the TLS/SSL layer.

...