Got a response back from the Network Admin

POP3S over port 995 is now working. Again, thanks for your help.

--- Thu, 10 Mar 2011 13:23:59 ---
Connect to 'pop.-beep-' port 995, timeout 180.
13:23:59.843 [*] Connection established to IP
13:23:59.953 [*] SSL/TLS session established: 3DES, CBC mode, keysize 192 bits
13:23:59.953 [*] Certificate user is cn=-beep-, ou=Mail, o=-beep-, l=-beep-l, sp=-beep-, c=-beep-
13:23:59.953 [*] Certificate is valid from Wed Feb 03 21:48:34 2010 to Fri Feb 04 21:48:34 2011
13:23:59.953 [*] Certificate fingerprint is -beep-
13:23:59.203 >> 0034 +OK <@domain.com>\0D\0A
13:23:59.203 << 0021 USER myemail\0D\0A
13:23:59.250 >> 0006 +OK \0D\0A
13:23:59.250 << 0015 PASS password\0D\0A
13:23:59.328 >> 0006 +OK \0D\0A
13:23:59.328 << 0006 STAT\0D\0A
13:23:59.375 >> 0011 +OK 1 976\0D\0A
13:23:59.375 << 0006 LIST\0D\0A
13:23:59.437 >> 0006 +OK \0D\0A
13:23:59.437 >> 0007 1 976\0D\0A
13:23:59.437 >> 0003 .\0D\0A
13:23:59.437 << 0008 RETR 1\0D\0A
13:23:59.484 >> 0006 +OK \0D\0A
13:23:59.484 >> 0031 Return-Path: <myemail>\0D\0A
13:23:59.484 >> 0030 Delivered-To: myemail\0D\0A
13:23:59.484 >> 0070 Received: (qmail 3123 invoked by uid 89); 10 Mar 2011 18:23:53 -0000\0D\0A
13:23:59.484 >> 0062 Received: by simscan 1.2.0 ppid: 3118, pid: 3119, t: 0.3650s\0D\0A
13:23:59.484 >> 0077 scanners: regex: 1.2.0 attach: 1.2.0 clamav: 0.96.4/m: spam: 3.3.1\0D\0A
13:23:59.484 >> 0057 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16)\0D\0A
13:23:59.484 >> 0016 X-Spam-Level: \0D\0A
13:23:59.484 >> 0070 X-Spam-Status: No, hits=-3.0 required=5.0 tests=ALL_TRUSTED,BAYES_00\0D\0A
13:23:59.484 >> 0030 \09autolearn=ham version=3.3.1\0D\0A
13:23:59.484 >> 0083 Received: from ME (HELO ?IP?) (IP)\0D\0A
13:23:59.484 >> 0081 by SERVER with (DES-CBC3-SHA encrypted) SMTP; 10 Mar 2011 18:23:53 -0000\0D\0A
13:23:59.484 >> 0032 From: ME\0D\0A
13:23:59.484 >> 0020 To: ME\0D\0A
13:23:59.484 >> 0039 Date: Thu, 10 Mar 2011 13:23:55 -0500\0D\0A
13:23:59.484 >> 0019 MIME-Version: 1.0\0D\0A
13:23:59.484 >> 0021 Subject: test POP3S\0D\0A
13:23:59.484 >> 0026 Reply-to: ME\0D\0A
13:23:59.484 >> 0051 Message-ID: <ID>\0D\0A
13:23:59.484 >> 0018 Priority: normal\0D\0A
13:23:59.484 >> 0043 X-mailer: Pegasus Mail for Windows (4.61)\0D\0A
13:23:59.484 >> 0044 Content-type: text/plain; charset=US-ASCII\0D\0A
13:23:59.484 >> 0033 Content-transfer-encoding: 7BIT\0D\0A
13:23:59.484 >> 0040 Content-description: Mail message body\0D\0A
13:23:59.484 >> 0002 \0D\0A
13:23:59.484 >> 0006 test\0D\0A
13:23:59.484 >> 0002 \0D\0A
13:23:59.484 >> 0003 .\0D\0A
13:23:59.484 << 0008 DELE 1\0D\0A
13:23:59.546 >> 0006 +OK \0D\0A
13:23:59.546 << 0006 QUIT\0D\0A
13:23:59.593 >> 0006 +OK \0D\0A
13:23:59.640 --- Connection closed normally at Thu, 10 Mar 2011 13:23:59. ---\0A\0A

Quick question - Is this the appropriate forum for bug report?

I'm running Pegasus 4.61 with Windows XP SP3.

As soon as I enable encryption (SSL on Port 993 or Port 143) Pegasus connects to the mail server but it doesn't download the messages anymore.

If I disable SSL, then messages are downloaded and removed from the server as expected.

As a side note and I don't know if it is relevant or not. This mailbox is also accessed by my blackberry. The messages on the server are flagged as read when Pegasus is polling the server.

Also, the "download only unread messages" box is not checked. So I'm expecting Pegasus to download any messages on the server regardless if they have been read or not.

Thanks.

EDIT: For smooth POP3S (POP3 + SSL) Please use port 995 instead of port 993 (meant for IMAP)

[quote user="Yaff"]As soon as I enable encryption (SSL on Port 993 or Port 143) Pegasus connects to the mail server but it doesn't download the messages anymore.[/quote]

Did you try STLS? How about retrieving session logs (Tools => Internet options => General at the bottom, please read the associated help for details)?

> Quick question - Is this the appropriate forum for bug report?

Yes but this is not a Pegasus Mail bug.

> As soon as I enable encryption (SSL on Port 993 or Port 143) Pegasus connects to the mail server but it doesn't download the messages
> anymore.
>
> If I disable SSL, then messages are downloaded and removed from the server as expected.

Might be two different servers are involved here and one is setup to not offer up read mail via POP3. The host names may be the same but since one is going in via port 143 and the other via 993 it does not mean that the same POP3 server is servicing both ports.

>
> As a side note and I don't know if it is relevant or not. This mailbox is also accessed by my blackberry. The messages on the
> server are flagged as read when Pegasus is polling the server. Also, the "download only unread messages" box is not checked. So I'm
> expecting Pegasus to download any messages on the server regardless if they have been read or not.

Go to File | Network configuration | General and turn on "Create Internet session logs (advanced diagnostic use only)"  

Checking this control tells Pegasus Mail to create special log files that show the entire exchange of information between it and the servers it connects to. Each session will be created in a file called TCPxxxx.WPM in your home mailbox directory (the "xxxx" is replaced by four digits). Creating session logs will slow down the performance of your system somewhat, and you should be aware that any username and password information exchanged between Pegasus Mail and the server will be shown in the log, *even* if you use SSL to secure the connection. Session logs are primarily useful if you need to debug a problem between Pegasus Mail and one of the servers it connects to - you should enable the option only on instructions from a system administrator or from Pegasus Mail technical support. [ Technical note: this control has the same effect as using a "-Z 32" commandline switch when you run Pegasus Mail ]

You can now try again to receive the mail and then look at the resulting TCP/IP debug file.  Do this with and without SSL.  Review of this file will tell you exactly what is going on between WinPMail and the server. You can send us a copy of the session log for analysis if you wish.  Munge the passwords before posting.

[quote user="idw"]Did you try STLS? How about retrieving session logs[/quote]

I'm currently experimenting with it.

It seams to work but I keep getting a "POP3 error: -ERR authorization first".

--- Wed, 09 Mar 2011 17:16:04 ---
Connect to 'mail server' port 110, timeout 180.
17:16:04.000 [*] Connection established to 206.123.6.14
17:16:04.046 >> 0044 +OK <26664.1299708960@mail002.contact.net>\0D\0A
17:16:04.046 << 0006 STLS\0D\0A
17:16:04.093 >> 0026 -ERR authorization first\0D\0A
17:16:04.093 << 0021 USER whatever\0D\0A
17:16:04.140 >> 0006 +OK \0D\0A
17:16:04.140 << 0015 PASS whatever\0D\0A
17:16:04.203 >> 0006 +OK \0D\0A
17:16:04.203 << 0006 STAT\0D\0A
17:16:05.250 >> 0011 +OK 1 986\0D\0A
17:16:05.250 << 0006 LIST\0D\0A
17:16:05.296 >> 0006 +OK \0D\0A
17:16:05.484 >> 0007 1 986\0D\0A
17:16:05.484 >> 0003 .\0D\0A
17:16:05.484 << 0008 RETR 1\0D\0A
17:16:05.531 >> 0006 +OK \0D\0A
17:16:05.687 >> 0031 Return-Path: <valid email>\0D\0A
17:16:05.687 >> 0030 Delivered-To: valid email\0D\0A
17:16:05.734 << 0006 QUIT\0D\0A
17:16:05.781 >> 0006 +OK \0D\0A
17:16:05.781 --- Connection closed normally at Wed, 09 Mar 2011 17:16:05. ---\0A\0A

Glad I read the above before pasting/posting... It had my USERID and PW in clear text :-)

Now if I look at a IMAP profile session that works:

--- Wed, 09 Mar 2011 17:12:04 ---
Connect to 'whatever' port 993, timeout 30.
17:12:04.671 [*] Connection established to IP
17:12:04.828 [*] SSL/TLS session established: RC4, OFB mode, keysize 128 bits
17:12:04.828 [*] Certificate user is cn=imap.gmail.com, o=Google Inc, l=Mountain View, sp=California, c=US
17:12:04.828 [*] Certificate is valid from Thu Apr 22 20:22:19 2010 to Fri Apr 22 20:32:19 2011
17:12:04.828 [*] Certificate fingerprint is whatever
17:12:04.828 >> 0071 * OK Gimap ready for requests from \0D\0A
17:12:04.828 << 0047 A1 LOGIN "userID" "password"\0D\0A
17:12:04.078 >> 0117 * CAPABILITY IMAP4rev1 UNSELECT LITERAL+ IDLE NAMESPACE QUOTA ID XLIST CHILDREN X-GM-EXT-1 UIDPLUS COMPRESS=DEFLATE\0D\0A
17:12:04.078 >> 0069 A1 OK User authenticated (Success)\0D\0A
17:12:04.078 << 0037 A2 STATUS "INBOX" (MESSAGES UNSEEN)\0D\0A
17:12:05.312 >> 0040 * STATUS "INBOX" (MESSAGES 7 UNSEEN 0)\0D\0A
17:12:05.312 >> 0015 A2 OK Success\0D\0A
17:12:05.312 << 0011 A3 LOGOUT\0D\0A
17:12:05.406 >> 0024 * BYE LOGOUT Requested\0D\0A
17:12:05.406 >> 0029 A3 OK 73 good day (Success)\0D\0A
17:12:05.406 --- Connection closed normally at Wed, 09 Mar 2011 17:12:05. ---\0A\0A

I see a clear message [SSL/TLS session established: RC4, OFB mode, keysize 128 bits]

With the error message I get on the POP3 using STLS I'm not even sure the session is encrypted. It might be just defaulting back to unencrypted and then download the message in clear text.

Thanks for any help.

[quote user="idw"]How about retrieving session logs[/quote]

Now here's the interesting log from the SSL session (not STLS)

--- Wed, 09 Mar 2011 17:30:12 ---
Connect to 'MAIL SERVER' port 993, timeout 180.
17:30:12.093 [*] Connection established to IP
17:30:12.187 [*] SSL/TLS session established: 3DES, CBC mode, keysize 192 bits
17:30:12.187 [*] Certificate user is cn=localhost, ou=Automatically-generated IMAP SSL key, o=Courier Mail Server, l=New York, sp=NY, c=US
17:30:12.187 [*] Certificate is valid from Mon Sep 10 14:01:09 2007 to Tue Sep 09 14:01:09 2008
17:30:12.187 [*] Certificate fingerprint is bla bla bla
17:30:13.437 >> 0239 * OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA AUTH=PLAIN ACL ACL2=UNION] Courier-IMAP ready. Copyright 1998-2005 Double Precision, Inc. See COPYING for distribution information.\0D\0A
17:30:13.437 << 0021 USER USERID\0D\0A
17:30:13.484 >> 0051 USER NO Error in IMAP command received by server.\0D\0A
17:30:13.484 << 0015 PASS PASSWORD\0D\0A
17:30:13.531 >> 0051 PASS NO Error in IMAP command received by server.\0D\0A
17:30:13.531 << 0006 STAT\0D\0A
17:30:13.593 >> 0051 STAT NO Error in IMAP command received by server.\0D\0A
17:30:13.593 << 0006 QUIT\0D\0A
17:30:13.640 >> 0051 QUIT NO Error in IMAP command received by server.\0D\0A
17:30:13.687 --- Connection closed normally at Wed, 09 Mar 2011 17:30:13. ---\0A\0A

So here we got confirmation of the encryption but once logged it doesn't POLL the server for messages. It simply quits. That's weird, isn't it?

[quote user="idw"]How about retrieving session logs[/quote]

Now here's the interesting log from the SSL session (not STLS)

--- Wed, 09 Mar 2011 17:30:12 ---
Connect to 'MAIL SERVER' port 993, timeout 180.
17:30:12.093 [*] Connection established to IP
17:30:12.187 [*] SSL/TLS session established: 3DES, CBC mode, keysize 192 bits
17:30:12.187 [*] Certificate user is cn=localhost, ou=Automatically-generated IMAP SSL key, o=Courier Mail Server, l=New York, sp=NY, c=US
17:30:12.187 [*] Certificate is valid from Mon Sep 10 14:01:09 2007 to Tue Sep 09 14:01:09 2008
17:30:12.187 [*] Certificate fingerprint is bla bla bla
17:30:13.437 >> 0239 * OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA AUTH=PLAIN ACL ACL2=UNION] Courier-IMAP ready. Copyright 1998-2005 Double Precision, Inc. See COPYING for distribution information.\0D\0A
17:30:13.437 << 0021 USER USERID\0D\0A
17:30:13.484 >> 0051 USER NO Error in IMAP command received by server.\0D\0A
17:30:13.484 << 0015 PASS PASSWORD\0D\0A
17:30:13.531 >> 0051 PASS NO Error in IMAP command received by server.\0D\0A
17:30:13.531 << 0006 STAT\0D\0A
17:30:13.593 >> 0051 STAT NO Error in IMAP command received by server.\0D\0A
17:30:13.593 << 0006 QUIT\0D\0A
17:30:13.640 >> 0051 QUIT NO Error in IMAP command received by server.\0D\0A
17:30:13.687 --- Connection closed normally at Wed, 09 Mar 2011 17:30:13. ---\0A\0A

So here we got confirmation of the encryption but once logged it doesn't POLL the server for messages. It simply quits. That's weird, isn't it?

[Permission Expired: Post Delete Permission Expired]

Sorry for duplicate msgs... dunno what went wrong...

[quote user="Thomas R. Stephenson"]

> Quick question - Is this the appropriate forum for bug report?

Yes but this is not a Pegasus Mail bug.[/quote]

Looking at the last SSL session (above) and how Pegasus quits right after logging, I'm not as convinced as you are.

And thanks for the extended response.

Here what we've got so far

POP3 on port 110 with no encryption works

POP3 on port 110 With STLS works but with an error message and no proof of encryption.

POP3 on 143 with STLS logs but don't download the messages

POP3 on 993 with SSL logs put don't download the messages

IMAP setup on port 143 with STLS logs and download messages as expected.

Connect to 'MAIL SERVER' port 993, timeout 180.

I guess I missed that port number the first time round, if you want to do POP3 SSL use port 995 instead of the IMAP4 port 993.   ;-)

[quote user="Thomas R. Stephenson"]

Connect to 'MAIL SERVER' port 993, timeout 180.

I guess I missed that port number the first time round, if you want to do POP3 SSL use port 995 instead of the IMAP4 port 993.   ;-)[/quote]

I want anthing but clear text.

The ISP's firewall is currently denying 995. I'm apparently their first customer asking for secure email. I guess they are no Hushmail provider...

I spoke with the Network admin this afternoon and he's the one who enabled 993 to allow the connection. He said he tested it and it worked. Whatever that means. On my end, the only way I was able to get a working secure connection to this account with my blackberry was by using  IMAP/SSL/993

If I get this right... Trying a SSL POP3 connection over the IMAP PORT 993 is bound to fail? (currently logging but not polling)

But if I get them to use SSL over 995 then it is going to work?

There is also the question of STLS POP3 over port 110. From the session log, can you tell what is going on? ie if it's secured or not. I don't have a sniffer installed on this machine right now.

Thank you all for your help btw. I don't say that enough...

I just sent an email to the netadmin asking to enable port 995 to allow standard POP3S exchange.

> I want anything but clear text.

Not really sure why since your message was traveling through the entire internet via plain text. Probably being trapped and archived someplace as well.

>
> The ISP's firewall is currently denying 995. I'm apparently their first customer asking for secure email. I guess they are no Hushmail
> provider...
>
> I spoke with the Network admin this afternoon and he's the one who enabled 993 to allow the connection. He said he tested it and it
> worked.

He said he could connect to port 993 using IMAP4 when he said it was open.  Probably used his phone to test it as well.

> Whatever that means. On my end, the only way I was able to get a working secure connection to this account with my blackberry was by using
>  IMAP/SSL/993

Correct, you were using IMAP4 and not POP3.  You can also use IMAP4 in Pegasus Mail is you want by setting it up in Tools | IMAP4 profiles.

> If I get this right... Trying a SSL POP3 connection over the IMAP PORT 993 is bound to fail? (currently logging but not polling)

It's not even logging in, all the commands you sent resulted in No from the server because you were using POP3 commands to talk to an IMAP4 server. It's like speaking German to English speaker, there is no communication.

> But if I get them to use SSL over 995 then it is going to work?

Hard to say, I do know I use 995 with POP3 all the time and it works fine.  Whether or not they can use it is another story entirely.

> There is also the question of STLS POP3 over port 110. From the session log, can you tell what is going on? ie if it's secured or not. I
> don't have a sniffer installed on this machine right now.

What you showed us was a plain text connection since they ignored the STLS command.

Connection established to 206.123.6.14
17:16:04.046 >> 0044 +OK <26664.1299708960@mail002.contact.net>\0D\0A
17:16:04.046 << 0006 STLS\0D\0A
17:16:04.093 >> 0026 -ERR authorization first\0D\0A
17:16:04.093 << 0021 USER whatever\0D\0A
17:16:04.140 >> 0006 +OK \0D\0A
17:16:04.140 << 0015 PASS whatever\0D\0A
17:16:04.203 >> 0006 +OK \0D\0A
17:16:04.203 << 0006 STAT\0D\0A
17:16:05.250 >> 0011 +OK 1 986\0D\0A
17:16:05.250 << 0006 LIST\0D\0A
17:16:05.296 >> 0006 +OK \0D\0A
17:16:05.484 >> 0007 1 986\0D\0A
17:16:05.484 >> 0003 .\0D\0A
17:16:05.484 << 0008 RETR 1\0D\0A
17:16:05.531 >> 0006 +OK \0D\0A
17:16:05.687 >> 0031 Return-Path: <valid email>\0D\0A
17:16:05.687 >> 0030 Delivered-To: valid email\0D\0A
17:16:05.734 << 0006 QUIT\0D\0A

A connection using STLS would have looked like this.

Connect to 'tstephenson.com' port 110, timeout 300.
16:24:23.250 [*] Connection established to 209.128.94.2
16:24:46.593 >> 0059 +OK <857855875.49878@tstephenson.com>, POP3 server ready.\0D\0A
16:24:46.593 << 0006 STLS\0D\0A
16:24:47.718 >> 0034 +OK Begin SSL/TLS negotiation...\0D\0A
16:24:47.718 [*] SSL/TLS session established: 3DES, CBC mode, keysize 192 bits
16:24:47.718 [*] Certificate user is cn=tstephenson.com
16:24:47.750 [*] Certificate is valid from Sat Aug 02 04:46:21 2003 to Fri Jul 28 04:46:21 2023
16:24:47.750 [*] Certificate fingerprint is 69DFF13CF3E35B65EC8F2051C0163571
16:24:47.750 << 0011 USER test\0D\0A
16:24:47.765 >> 0025 +OK test is known here.\0D\0A
16:24:47.765 << 0014 PASS <MUNGED>\0D\0A
16:24:49.484 >> 0046 +OK Welcome! 10369 messages (59849780 bytes)\0D\0A
16:24:49.484 << 0006 STAT\0D\0A
16:24:49.500 >> 0020 +OK 10369 59849780\0D\0A
16:24:49.500 << 0006 LIST\0D\0A
16:24:49.562 >> 0036 +OK 10369 messages, 59849780 bytes\0D\0A
16:24:49.562 >> 0008 1 3917\0D\0A
16:24:49.562 >> 0008 2 2206\0D\0A
16:24:49.562 >> 0008 3 3532\0D\0A
16:24:49.562 >> 0008 4 2987\0D\0A

> > I want anything but clear text.
>
> Not really sure why since your message was traveling through the entire
> internet via plain text. Probably being trapped and archived someplace as
> well.

Exactly... I don't want that anymore!

> He said he could connect to port 993 using IMAP4 when he said it was open.

> Probably used his phone to test it as well.

He actually tried with few different clients. Like you said, all IMAP. Their firewall was not even set to accept connection on 993. He had to make a new rule for it.

> Correct, you were using IMAP4 and not POP3. You can also use IMAP4 in

I know, I use it to retrieve emails from my webmail providers. I don't like it very much. Pegasus stalls for few seconds everytime it polls the IMAP servers. Outbound emails folders show the FROM field instead of the TO field, etc... I prefer the more transparent POP3 handling. I'd be happy to have a secure POP3.

> > But if I get them to use SSL over 995 then it is going to work? 

Got it.

> What you showed us was a plain text connection since they ignored the STLS

Oh well. The good news is they were able to set it right with SMTP. Lets hope they can do it for POP3S

Thanks again

--- Wed, 09 Mar 2011 20:17:15 ---
Connect to 'MAILSERVER' port 25, timeout 120.
20:17:15.468 [*] Connection established to IP
20:17:15.515 >> 0031 220 mail002.contact.net ESMTP\0D\0A
20:17:15.515 << 0023 EHLO [IP]\0D\0A
20:17:15.562 >> 0025 250-mail002.contact.net\0D\0A
20:17:15.562 >> 0014 250-STARTTLS\0D\0A
20:17:15.562 >> 0016 250-PIPELINING\0D\0A
20:17:15.562 >> 0014 250-8BITMIME\0D\0A
20:17:15.562 >> 0019 250-SIZE 20000000\0D\0A
20:17:15.562 >> 0031 250 AUTH LOGIN PLAIN CRAM-MD5\0D\0A
20:17:15.562 << 0010 STARTTLS\0D\0A
20:17:15.609 >> 0019 220 ready for tls\0D\0A
20:17:15.718 [*] SSL/TLS session established: 3DES, CBC mode, keysize 192 bits
20:17:15.718 [*] Certificate user is cn=mailserver, ou=Mail, o=beep, l=beep, sp=beep, c=beep

20:17:15.718 [*] Certificate is valid from Wed Feb 03 21:48:34 2010 to Fri Feb 04 21:48:34 2011
20:17:15.718 [*] Certificate fingerprint is bla bla bla
20:17:15.718 << 0023 EHLO [IP]\0D\0A
20:17:15.781 >> 0025 250-mail002.contact.net\0D\0A
20:17:15.781 >> 0016 250-PIPELINING\0D\0A
20:17:15.781 >> 0014 250-8BITMIME\0D\0A
20:17:15.781 >> 0019 250-SIZE 20000000\0D\0A
20:17:15.781 >> 0031 250 AUTH LOGIN PLAIN CRAM-MD5\0D\0A
20:17:15.781 << 0037 MAIL FROM:ME SIZE=433\0D\0A
20:17:15.875 >> 0008 250 ok\0D\0A
20:17:15.875 << 0026 RCPT TO:ME\0D\0A
20:17:15.921 >> 0008 250 ok\0D\0A
20:17:15.921 << 0006 DATA\0D\0A
20:17:15.984 >> 0014 354 go ahead\0D\0A
20:17:15.984 << 0032 From: ME\0D\0A
20:17:15.984 << 0020 To: ME\0D\0A
20:17:15.984 << 0039 Date: Wed, 09 Mar 2011 20:17:15 -0500\0D\0A
20:17:15.984 << 0019 MIME-Version: 1.0\0D\0A
20:17:15.984 << 0027 Subject: test secure SMTP\0D\0A
20:17:15.984 << 0026 Reply-to: ME\0D\0A
20:17:15.984 << 0053 Message-ID: <>\0D\0A
20:17:15.984 << 0018 Priority: normal\0D\0A
20:17:15.984 << 0043 X-mailer: Pegasus Mail for Windows (4.61)\0D\0A
20:17:15.984 << 0044 Content-type: text/plain; charset=US-ASCII\0D\0A
20:17:15.984 << 0033 Content-transfer-encoding: 7BIT\0D\0A
20:17:15.984 << 0040 Content-description: Mail message body\0D\0A
20:17:15.984 << 0002 \0D\0A
20:17:15.984 << 0017 asdl;kjasdfl;kj\0D\0A
20:17:15.984 << 0003 .\0D\0A
20:17:16.343 >> 0028 250 ok 1299719832 qp 24672\0D\0A
20:17:16.343 << 0006 QUIT\0D\0A
20:17:16.390 >> 0025 221 mail002.contact.net\0D\0A
20:17:16.390 --- Connection closed normally at Wed, 09 Mar 2011 20:17:16. ---\0A\0A

> > Quick question - Is this the appropriate forum for bug report?
> Yes but this is not a Pegasus Mail bug.
> Looking at the last SSL session (above) and how Pegasus quits right after logging, I'm not as convinced as you are.
> And thanks for the extended response.
> Here what we've got so far
> POP3 on port 110 with no encryption works
> POP3 on port 110 With STLS works but with an error message and no proof of encryption.

The server is not support STLS and so where is the Pegasus Mail bug


> POP3 on 143 with STLS logs but don't download the messages

It's not POP3 is plain text IMAP4 and in fact it rejected all of the POp3 commands.


> POP3 on 993 with SSL logs put don't download the messages

Again, on port 143 you are connecting to a IMAP4 server and trying to use POp3, where is the Pegasus Mail bug.

> IMAP setup on port 143 with STLS logs and download messages as expected.

SAnd of course again no Pegasus Mail bug.  Where is the bug you are talking about.  What you use the correct protocol to connect to the server it works.  Use the wrong protocol and it does not.

[quote user="Yaff"]Connect to 'MAILSERVER' port 25, timeout 120.[/quote]

'Mailserver' doesn't tell us where you are trying to connect, but this line

17:12:04.828 >> 0071 * OK Gimap ready for requests from \0D\0A

shows they use Gmail to handle the imap connections.

[quote user="Thomas R. Stephenson"]> > Quick question - Is this the appropriate forum for bug report?
> Yes but this is not a Pegasus Mail bug.
> Looking at the last SSL session (above) and how Pegasus quits right after logging, I'm not as convinced as you are.
> And thanks for the extended response.
> Here what we've got so far
> POP3 on port 110 with no encryption works
> POP3 on port 110 With STLS works but with an error message and no proof of encryption.

The server is not support STLS and so where is the Pegasus Mail bug

[/quote]

>Again, on port 143 you are connecting to a IMAP4 server and trying to use POp3, where is the Pegasus Mail bug.

Agreed, as established later in the thread. Thank you - again.

Here's a recap of where we were prior to your response.

I tried all options I had to establish a secure connection, with different results for each.

1) Secure IMAP works with IMAP profiles - No bugs, just anoying behavior.

2) Plain text POP3 works - No bugs

3) Protocol mismatch - Connection established - Pegasus ends with wrong conclusions and report "no new messages" instead of FAILING - I call this a bug

4) POP3 on port 110 with STLS enabled - Connection established - Server doesn't support STLS - Pegasus goes on and download the message in clear text anyway - Debatable if a bug or not. I think it is a bug. When I ask for secure and the transaction is done insecurely anyway... I call this a bug because I didn't get what I asked.

5) Easiest way to get this working... Make provider to support POP3S over Port 995. Pegasus is known to work well in this scenario.

BTW I love Pegasus and always did. By no mean I'm trying to offend another Pegasus lover by calling a bug a bug. This is a healthy conversation.

> 3) Protocol mismatch - Connection established - Pegasus ends with wrong
> conclusions and report "no new messages" instead of FAILING - I call this a
> bug

It got an answer indicating that there were no message when it sent the list command to the server.  Of course this made no sense at all the the IMAP4 server,  Try using any other mail client and connect to a IMAP4 host using the POP3 protocol and what kind of gibberish you get.  Most of them will probably not even allow you to set the wrong port though.

If you call it a bug when you are trying to use the wrong protocol to make a POP3 connection to an IMAP4 host and the mail client does not tell you that you are using the wrong protocol then you have entirely different definition of a bug that most of us do.

> If you call it a bug when you are trying to use the wrong protocol to make a POP3 connection to an IMAP4 host and the mail client does not tell you that you are using the wrong protocol then you have entirely different definition of a bug that most of us do.

It depends to who you talk.

A hardcore programmer will say "rtfm"... My product works if you use it within it's specs.

A QC expert will say, if two connections are not meant to be... Then prevent them.

A hacker will say, this is not a bug, it's a feature. Let see how we can exloit it - make this thing to play dead, roll over and give the paw.

I sit in the QC seat. You? Sorry I couldn't resist. But lets focus on resolution. You found the wrong guy for that kind of argument and I can easily see how fast this thread will derail. You guys made very good comments and suggestions to get this thing work. I will be able to get what I want without you having to touch a single line of code. I still think we've also highlighted areas for improvements if you want to make Pegasus more robust. The rest is up to you. Call it a suggestion if it makes you feel better.