Re: Question about [CalMail] SSL failure on Mac OS X [10.3]

As an addendum to Aron's summary, I did not know about this technote
or encounter the bug in my testing. The 5.2.1 SSL bug I was chasing
was not reported explicitly by anyone else.

I upgraded to Eudora 6.0.2 this morning in order to try to correct
the continued failures with SSL connections to CalMail under Eudora
5.2.1 / OS X 10.3.2. This was successful -- SSL now works correctly
and I _was_ prompted by Eudora to add the certificate; I did not need
to add it manually as technote Aron references below describes.
(Perhaps this is because I applied the 6.0.2 updater before I ever
ran the 6.0 UCB install ?)

I just opened Keychain Access to verify that the certificate was
added -- it's there. (Perhaps the bug will manifest later -- if it
disappears, now I know how to add it back manually.)

To echo Aron's comments, there are, indeed, some odd inconsistencies
with this problem.

Rob Johnson

Aron Roberts writes (1/16/04 at 1:05 PM -0800) :
   (Concerning - [MAGNet] Re: Question about [CalMail] SSL failure on Mac OS) :

>Hi Dan,
>
> (I'm copying the MAGNet list on this issue, as it's likely to be
>of widespread interest.)
>
>>I'm working with someone ... who went ahead and did the early
>>migration to CalMail from UCLink. In a nutshell, he can only send
>>and receive mail if SSL is turned off. If he does turn on SSL
>>before trying to send or receive, the task status window flies by
>>as usual without displaying an error message, but messages to be
>>sent stay in the queued state and no new messages are pulled down
>>from the server ... he is using Mac OS 10.3.2 with Eudora 6.0.1.
>>
>>For now, we've turned off SSL so that he can continue to send and
>>recive mail. Have you had experience with what can cause Eudora's
>>SSL to fail in this context?
>
> Yes, we've seen this issue as well. The presumed cause and a
>suggested workaround is provided below.
>
>Background
>----------
>The documentation for configuring email programs -- such as Eudora,
>Outlook, Outlook Express, Netscape/Mozilla, and Mail for Mac OS X --
>for use with the new campus email system, CalMail, encourage
>enabling SSL/TLS encryption for email connections.
>
> Doing so will protect users' email passwords from being
>intercepted and also offers privacy for email communications between
>client and server.
>
> However, for some -- not all -- Macintosh 6.0.x Eudora users
>running under Mac OS X 10.3 ("Panther"), SSL/TLS encrypted
>connections appear to fail silently. No error messages appear, but
>mail is neither received nor sent.
>
>Suggested cause
>---------------
>QUALCOMM claims that Mac OS X 10.3 has a bug which prevents Eudora
>from adding an initial certificate to the Keychain.
>
>Proposed workaround
>-------------------
>Assuming this is accurate, and unless/until Apple fixes this bug in
>Mac OS X 10.3, please try QUALCOMM's suggested workaround -- which
>worked for us -- at:
>
> "Connecting to an SSL server using Eudora on Panther"
> Document ID: 2492HQ
> http://www.eudora.com/techsupport/kb/2492hq.html
>
> As an alternative, you can do exactly what you did for this user:
>leave SSL/TLS encryption for sending and receiving mail in Eudora
>turned off (which is Eudora's default configuration), or turn it off
>if you've already enabled it.
>
> This information will be added to CalMail's Eudora for Mac
>configuration instructions and (forthcoming) troubleshooting
>instructions. It's odd that none of us, nor any of the CalMail
>pilot testers, found or reported this problem until just recently.
>(Rob Johnson reported a similar or identical problem earlier this
>week, but we didn't explore it with him in depth, since we were
>pursuing a more general problem with him.)
>
> If you have any further information you'd like to share regarding
>this issue, please follow-up with CalMail consulting at
><consult@berkeley.edu>.
>
>Aron Roberts
>Workstation Software Support Group
>
>At 21:16 -0800 2004-01-15, CalMail Consulting wrote:
>>Hi Dan,
>>
>>I had another user with the same problem, also running 10.3. I am
>>able to access using 10.2 with Eudora 6, so it sounds like an issue
>>with 10.3.
>>
>>I have forwarded your message to the testers for investigation.
>>
>>-Bernie Tower
>> Calmail Consulting
>>
>>>Hello,
>>>
>>>I'm working with someone in MCB who went ahead and did the early
>>>migration to CalMail from UCLink. In a nutshell, he can only send
>>>and receive mail if SSL is turned off. If he does turn on SSL
>>>before trying to send or receive, the task status window flies by
>>>as usual without displaying an error message, but messages to be
>>>sent stay in the queued state and no new messages are pulled down
>>>from the server. His account, if you need it, is tlaverty@uclink
>>>and he is using Mac OS 10.3.2 with Eudora 6.0.1.
>>>
>>>For now, we've turned off SSL so that he can continue to send and
>>>recive mail. Have you had experience with what can cause Eudora's
>>>SSL to fail in this context?
>>>
>>>Thank you,
>>>
>>>Dan Percival
>>>MCB Computer Help
>>>mcbhelp@ls / x3-5294
>
>
>------------------------------------------------------------------------
>The following was automatically added to this message by the list server:
>
>For information about MAGNet, its meetings and events, and its
>mailing list, including information on subscribing and unsubscribing,
>see the MAGNet Web site at <http://magnet.berkeley.edu/>.

------------------------------------------------------------------------
The following was automatically added to this message by the list server:

For information about MAGNet, its meetings and events, and its
mailing list, including information on subscribing and unsubscribing,
see the MAGNet Web site at <http://magnet.berkeley.edu/>.
Received on Fri Jan 16 13:35:31 2004