[PLUG] Thunderbird, Ubuntu, IMAP, timeout

Joe Pruett joey at clean.q7.com
Thu Jul 2 15:18:09 UTC 2009


> Thanks. Chalk it up to SUE (Stupid User Error). I was hitting the TLS button
> instead of SSL.

and for those not knowing the difference between those acronyms:

SSL - secure sockets layer

this is a mechanism where the end systems negotiate an encrypted 
connection automatically before any user data is transmitted.  if you 
telnet to an ssl port, you won't see any data because the far end is 
expecting the beginning of an encryption handshake to exchange keys and 
other magic.

TLS - transport layer security

this is almost the same as ssl, but it has an extra dimension for mail 
(and probably other) clients.  tls does the same kind of encryption 
handshake with slightly different (better, stronger, probably not faster) 
magic.  but it also implies that tls can be invoked after a regular 
non-encrypted session has been started.  so you can connect to the 
non-encrypted port (smtp, imap, pop3) and then after you get the 
appropriate banner, but before you send any sensitive info, you can send a 
command that will start a tls session.  for smtp/imap it is starttls, for 
pop3 is it stls.

and just to confuse things, if you use the ssl setting, it will almost 
certainly really be a tls encryption that you get.  all that happens is 
that there is an implied start tls command prior to any data transfer.

so, you have to use the correct setting based on which port you're 
connecting to.  tls expects clear text and will send that start command, 
ssl expects an immediate tls/ssl handshake.

smtp 25, smtps 265
pop3 110, pop3s 995
imap 143, imaps 993




More information about the PLUG mailing list