on 25-02-2021 15:51
Hi
Can anyone help me.
I connect to an IMAP server based in New Zealand using SSL 993 (inbound) and 465 (outbound) using my mobile phone on Vodafone / O2 networks. All works fine. I switch to Virgin Media network (wired / wireless) and I get the error message, 'Error checking mail. Error connecting: Unable to parse TLS packet header."
This started this week. All has been working for years but now I cannot connect via my phone (wireless) or my pc (wired) to retrieve email.
Tried to call Virgin but the representative was not helpful and dropped the call.
Thanks anyone who can help. Andy
27-02-2021 13:13 - edited 27-02-2021 13:14
It would be helpful to know the IMAP server's URL
I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media. Learn more
Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks
on 27-02-2021 14:10
Hi
Thank you for responding
mail.digiweb.net.nz for IMAP inbound and SMTP. Port 993 SSL and 465 SSL outbound.
Works perfectly on O2 and Vodafone but fails on Virgin Media broadband wireless or wired.
Any help greatly appreciated. Thank you. Andy
on 27-02-2021 15:49
Not seeing the same issue when connecting to mail.digiweb.net.nz; not much help to you, I know, but does suggest a localised issue.
On your PC open a Command Shell or Terminal window and enter the following command to connect to mail.digiweb.net.nz:
curl -v imaps://mail.digiweb.nz
Review and redact any personal information from the resulting output and post here, for example (redaction shown in red for clarity):
C:\Users\[redacted]>curl -v smtps://mail.digiweb.net.nz * Rebuilt URL to: smtps://mail.digiweb.net.nz/ * Trying 202.174.80.113... * TCP_NODELAY set * Connected to mail.digiweb.net.nz (202.174.80.113) port 465 (#0) * schannel: SSL/TLS connection with mail.digiweb.net.nz port 465 (step 1/3) * schannel: checking server certificate revocation * schannel: sending initial handshake data: sending 184 bytes... * schannel: sent initial handshake data: sent 184 bytes * schannel: SSL/TLS connection with mail.digiweb.net.nz port 465 (step 2/3) * schannel: failed to receive handshake, need more data * schannel: SSL/TLS connection with mail.digiweb.net.nz port 465 (step 2/3) * schannel: encrypted data got 2896 * schannel: encrypted data buffer: offset 2896 length 4096 * schannel: received incomplete message, need more data * schannel: SSL/TLS connection with mail.digiweb.net.nz port 465 (step 2/3) * schannel: encrypted data got 858 * schannel: encrypted data buffer: offset 3754 length 4096 * schannel: sending next handshake data: sending 214 bytes... * schannel: SSL/TLS connection with mail.digiweb.net.nz port 465 (step 2/3) * schannel: encrypted data got 107 * schannel: encrypted data buffer: offset 107 length 4096 * schannel: SSL/TLS handshake complete * schannel: SSL/TLS connection with mail.digiweb.net.nz port 465 (step 3/3) * schannel: stored credential handle in session cache * schannel: client wants to read 102400 bytes * schannel: encdata_buffer resized 103424 * schannel: encrypted data buffer: offset 0 length 103424 * schannel: encrypted data got 101 * schannel: encrypted data buffer: offset 101 length 103424 * schannel: decrypted data length: 25 * schannel: decrypted data added: 25 * schannel: decrypted data cached: offset 25 length 102400 * schannel: encrypted data buffer: offset 0 length 103424 * schannel: decrypted data buffer: offset 25 length 102400 * schannel: schannel_recv cleanup * schannel: decrypted data returned 25 * schannel: decrypted data buffer: offset 0 length 102400 < 220 mail.digiweb.net.nz > EHLO [Redacted] * schannel: client wants to read 102400 bytes * schannel: encrypted data buffer: offset 0 length 103424 * schannel: encrypted data got 197 * schannel: encrypted data buffer: offset 197 length 103424 * schannel: decrypted data length: 112 * schannel: decrypted data added: 112 * schannel: decrypted data cached: offset 112 length 102400 * schannel: encrypted data buffer: offset 0 length 103424 * schannel: decrypted data buffer: offset 112 length 102400 * schannel: schannel_recv cleanup * schannel: decrypted data returned 112 * schannel: decrypted data buffer: offset 0 length 102400 < 250-mail.digiweb.net.nz Hello [redacted] < 250-SIZE 31457280 < 250-AUTH LOGIN CRAM-MD5 < 250-8BITMIME < 250 OK > HELP * schannel: client wants to read 102400 bytes * schannel: encrypted data buffer: offset 0 length 103424 * schannel: encrypted data got 101 * schannel: encrypted data buffer: offset 101 length 103424 * schannel: decrypted data length: 29 * schannel: decrypted data added: 29 * schannel: decrypted data cached: offset 29 length 102400 * schannel: encrypted data buffer: offset 0 length 103424 * schannel: decrypted data buffer: offset 29 length 102400 * schannel: schannel_recv cleanup * schannel: decrypted data returned 29 * schannel: decrypted data buffer: offset 0 length 102400 < 502 Command not implemented * Command failed: 502 > QUIT * schannel: client wants to read 102400 bytes * schannel: encrypted data buffer: offset 0 length 103424 * schannel: encrypted data got 117 * schannel: encrypted data buffer: offset 117 length 103424 * schannel: decrypted data length: 42 * schannel: decrypted data added: 42 * schannel: decrypted data cached: offset 42 length 102400 * schannel: encrypted data buffer: offset 0 length 103424 * schannel: decrypted data buffer: offset 42 length 102400 * schannel: schannel_recv cleanup * schannel: decrypted data returned 42 * schannel: decrypted data buffer: offset 0 length 102400 < 221 Service closing transmission channel * Closing connection 0 * schannel: shutting down SSL/TLS connection with mail.digiweb.net.nz port 465 * schannel: clear security context handle curl: (56) Command failed: 502
on 27-02-2021 16:50
Hi
Output as follows:
curl -v imaps://mail.digiweb.net.nz
* Trying 202.174.80.113...
* TCP_NODELAY set
* Connected to mail.digiweb.net.nz (202.174.80.113) port 993 (#0)
* successfully set certificate verify locations:
* CAfile: /etc/ssl/cert.pem
CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* error:1400410B:SSL routines:CONNECT_CR_SRVR_HELLO:wrong version number
* Closing connection 0
curl: (35) error:1400410B:SSL routines:CONNECT_CR_SRVR_HELLO:wrong version number
Thanks again.
on 27-02-2021 23:24
Can you repeat the previous curl command but with Web Safe turned off.
FYI: in its default configuration Web Safe blocks access to http://nordvpn.com, to confirm its status type the following command:
curl -I http://nordvpn.com
If the returned Location value is:
on 27-02-2021 23:49
@用心棒 wrote:Can you repeat the previous curl command but with Web Safe turned off.
FYI: in its default configuration Web Safe blocks access to http://nordvpn.com, to confirm its status type the following command:
curl -I http://nordvpn.comIf the returned Location value is:
- https://nordvpn.com/ then Web Safe is off
- http://websafe.virginmedia.com/childsafe-blocked.html then Web Safe is on
I have been keeping an eye on this thread as a learning opportunity. Where does nordvpn come into play? I can't see any reference in the previous posts.
You asked for the previous curl query to be done on the SMTP server but the reply seems to indicate a query against the IMAP server. Could that add to the confusion?
I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media, I'm a VM customer. There are no guarantees that my advice will work. Please read the FAQs
Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks
on 28-02-2021 01:33
Running curl against nordvpn.com positively confirms Web Safe is off; that is its only role here.
on 28-02-2021 09:14
Hi - results below. web safe is turned off (from my understanding)
curl -I http://nordvpn.com
HTTP/1.1 301 Moved Permanently
Date: Sun, 28 Feb 2021 09:12:17 GMT
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 28 Feb 2021 10:12:17 GMT
Location: https://nordvpn.com/
cf-request-id: 08898201b6000040c0b734a000000001
Server: cloudflare
CF-RAY: 628905e2bc2b40c0-LHR
on 28-02-2021 09:23
And when I run curl to the imap server via Vodafone (hotspot to my mobile) I get the following. (The address for the incoming and outgoing servers is the same. mail.digiweb.net.nz)
curl -v imaps://mail.digiweb.net.nz
* Trying 202.174.80.113...
* TCP_NODELAY set
* Connected to mail.digiweb.net.nz (202.174.80.113) port 993 (#0)
* successfully set certificate verify locations:
* CAfile: /etc/ssl/cert.pem
CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-SHA384
* Server certificate:
* subject: CN=*.digiweb.net.nz
* start date: Apr 5 00:00:00 2020 GMT
* expire date: Jul 2 12:00:00 2022 GMT
* subjectAltName: host "mail.digiweb.net.nz" matched cert's "*.digiweb.net.nz"
* issuer: C=US; O=DigiCert Inc; OU=www.digicert.com; CN=RapidSSL RSA CA 2018
* SSL certificate verify ok.
< * OK IMAP4rev1 SmarterMail
> A001 CAPABILITY
< * CAPABILITY IMAP4rev1 AUTH=CRAM-MD5 UIDPLUS QUOTA XLIST CHILDREN
< A001 OK CAPABILITY completed
> A002 LIST "" *
< A002 BAD LIST not allowed in NonAuthenticated state
> A003 LOGOUT
< * BYE IMAP4rev1 Server logging out
< A003 OK LOGOUT completed
* Closing connection 0
* TLSv1.2 (OUT), TLS alert, close notify (256):
curl: (21) Quote command returned error