on 16-07-2021 17:25
A client of mine has been having this problem for a while. Her date and time are set correctly, she uses Postbox for email. These screenshots were all taken of the same incident.
on 16-07-2021 19:43
The first thing that springs to mind is that this is nothing to do with imap.ntlworld.com
Read the error message again.
js-agent.newrelic.com:443 uses an invalid security certificate.
Is your client on Virgin Media broadband when they experience this error.
Tim
P.S. The recommended server for all four Virgin Media domains including ntlworld.com is imap.virginmedia.com port 993 SSL/TLS
I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media. Learn more
Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks
on 16-07-2021 20:01
Thanks Tim. Yes, I've read the error message and looked at newrelic.com, which seems to be a software company. I have no idea why that is being invoked when accessing the server, which is indeed imap.virginmedia.com port 993 SSL/TLS in their email client settings.
My client is using VM broadband and has nothing else as far as I know.
Ian
on 16-07-2021 20:31
I see two different https requests here, they're not going to be anything to do with IMAP, it's more likely linked to postbox dealing with links inside one or more emails.
Tim
I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media. Learn more
Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks
on 17-07-2021 07:07
You've actually got two different errors going on here anyway,
Invalid Certificate error Certificate Authority not trusted.
When an SSL connection is negotiated, the certificate chain is passed to the client machine. This SHOULD include the Root certificate, although where it's expected the client has the Root Certificate already - this can be omitted.
Previously I've had a user send me the certificate chain from one of these connections - and when I check on my machine, the chain verifies perfectly well. I've speculated as to what's going on here but to be frank I'm still in the dark. The only thing I haven't done is get them to check the Untrusted Store in certmgr to see if the certificate has somehow found it's way into there on their machines.
The second error is that the client cannot agree a common cypher with stats.g.doubleclick.net:443 - This isn't down to the IMAP server and suggests to me that the connection is being proxied.
Are you able to get your client to run the following commands
nslookup stats.g.doubleclick.net
nslookup stats.g.doubleclick.net 8.8.8.8
Tim
I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media. Learn more
Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks
on 17-07-2021 19:12
Tim - thanks for the useful info about email processes - not my specialist subject! I'm beginning to think that I need to check their machine again for malware.
I'll run your suggestion on their machine next week and see if anything useful pops up.
Best wishes,
Ian
on 17-07-2021 20:34
As stated - this is nothing to do with Virgin Media's IMAP server. The server ONLY listens on port 993 SSL The only mail protocol that uses port 443 is Microsoft's MAPI service - which is used on Microsoft Exchange. VM don't use Exchange so whatever is going on with the https:// connection - it's possibly down to something within a downloaded mail.
Tim
I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media. Learn more
Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks
on 18-07-2021 14:27
Thanks Tim. The port is a good clue. I'll investigate when I get a chance and post back anything I find that's useful.
Ian