
Since this morning, a few of the machines in our office have been unable to fetch e-mail from our domain over IMAP. The server (Windows 2012 R2, IIS 8, MailEnable) is set up to listen on ports 143 and 993, requiring SSL for both.

We have four or five machines running Windows 7, one running Windows 8, two running Windows 10, and one running MacOS (mine). Of these, one Windows 7 machine and the Windows 8 machine are affected; the rest appear to be unaffected.

Just to be certain that the user name or password isn’t the problem, I’ve been using the same account with precisely the same settings on four different machines to test – two where it works (Windows 7, MacOS) and the two where it doesn’t (Windows 7, Windows 8).

In order to test what might be going on, I installed OpenSSL on all three Windows machines (it’s preinstalled in MacOS, of course) and tried to connect in various ways. These are the results:

  • openssl s_client -connect domain.com:443
    Successfully connects and outputs a whole lot of data including the certificate, etc., on all four machines.
  • openssl s_client -connect mail.domain.com:143/993 -crlf (first on 143, then on 993) on the working machines
    Same as above – successfully connects and outputs all relevant info. Ends with OK IMAP4rev1 server ready at 06/24/19 19:42:45, from where I can log in and so on.
  • Same command on the non-working machines
    Says CONNECTED(0000000XX) (where XX changes for each attempt), but outputs nothing further. Any input is ignored. Ctrl + C exits, whereupon any text I’d input gets printed in the command line
  • openssl s_client -connect mail.domain.com:143/993 -crlf -debug on the working machines
    Says write to 0x7ff439100200 [0x7ff43980d003] (200 bytes => 200 (0xC8)) (the numbers change, of course), then 12 lines of hex code, then a number of read from 0x7ff… blocks, then the rest of the ‘regular’ output from above
  • Same command on the non-working machines
    Has the write to block, but then nothing more – no read from block ever appears, nor anything else

So it looks overall like the SSL connection to the mail server on port 143 or 993 just times out on two of the machines, but not the other two. But why?

All the machines are on the same network. There are no special firewalls or anything of that kind on any of them, just Windows Defender and AVG. As far as I can tell, there is nothing blocking outgoing connections on port 143 or 993 on any of the machines. There have been no changes that I’m aware of on any of the machines (including the server) over the weekend.

Up until at least Friday afternoon, everything worked fine on all machines; this morning, no connection on two of them.

What could be causing this?

 


I’m no great network admin, but I’m the best we have; as a result, there’s probably some crucial information missing here. Please let me know so I can try to add it. I wasn’t quite sure whether to post this here or on SuperUser, but I figured since it is a corporate network, albeit a small one, it would be on-topic here.

  • AVG what product exactly? Can you disable or uninstall it? – Michael Hampton Jun 25 '19 at 01:52
  • @MichaelHampton Just the standard free anti-virus product with standard settings. I _can_ disable it, but that would leave the machine completely unprotected, which I’m loth to do. – Janus Bahs Jacquet Jun 25 '19 at 05:54
  • Eh? You can't enable Windows Defender? – Michael Hampton Jun 25 '19 at 05:57
  • @MichaelHampton Sorry, yes, not completely unprotected. But on Windows 7, Defender is only against spyware, isn’t it? I can try on the Windows 8 machine of course. – Janus Bahs Jacquet Jun 25 '19 at 06:00
  • You had to use [Microsoft Security Essentials](https://support.microsoft.com/en-us/help/14210/security-essentials-download) for Windows 7 instead of Windows Defender, and it's mostly the same. – Michael Hampton Jun 25 '19 at 06:02
  • @MichaelHampton I’ll give it a go when I get to the office, but I’m not overly hopeful since AVG hadn’t been updated on either machine for a while, and it’s also running on the other Windows 7 machine where there are no problems. – Janus Bahs Jacquet Jun 25 '19 at 06:05
  • @MichaelHampton Well, colour me surprised! I had to completely uninstall AVG in order to enable Windows Defender (on the Windows 8 machine), but after doing so, the connection goes through without a hitch. I tried to find some kind of setting in AVG that might conceivably be responsible for this. The closest I got was a “Scan SSL connections” setting under Mail Protection, but disabling this made no difference. Any idea why AVG bizarrely seems to have been blocking SSL connections on port 143? Some way to avoid that without having to remove AVG completely (on the Windows 7 machine)? – Janus Bahs Jacquet Jun 25 '19 at 09:02
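
The staged check that the question performs by hand with `openssl s_client`, as an added example that is not part of the original post or its comments: it reports whether an implicit-TLS connection fails at TCP connect, stalls after the ClientHello (the symptom on the two affected machines), fails the handshake, or reaches the IMAP banner. `probe_implicit_tls` and `silent_listener` are hypothetical names, and the local listener is a constructed stand-in for a path that swallows the handshake.

```python
import socket
import ssl

def probe_implicit_tls(host, port, timeout=5.0):
    """Return (stage, detail) describing how far an implicit-TLS connection gets.

    Stages: tcp_failed, handshake_timeout, handshake_error, no_banner, ok.
    """
    try:
        raw = socket.create_connection((host, port), timeout=timeout)
    except OSError as exc:
        return ("tcp_failed", str(exc))          # refused, unreachable or filtered
    ctx = ssl.create_default_context()           # certificate and hostname checks stay on
    try:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            # The issuer shows whether the certificate seen by this client is the
            # server's own or one substituted by a local TLS-inspecting product.
            issuer = dict(rdn[0] for rdn in tls.getpeercert()["issuer"])
            try:
                banner = tls.recv(512).decode("ascii", "replace").strip()
            except socket.timeout:
                return ("no_banner", "TLS established, server sent no greeting")
            return ("ok", f"issuer={issuer.get('commonName')}; banner={banner}")
    except socket.timeout:
        # Matches 's_client -debug' showing a 'write to' block and no 'read from'.
        return ("handshake_timeout", "ClientHello sent, nothing read back")
    except ssl.SSLError as exc:
        return ("handshake_error", exc.reason or str(exc))
    except OSError as exc:
        return ("handshake_error", str(exc))     # reset or closed mid-handshake
    finally:
        raw.close()                              # no-op once wrap_socket owns the fd

def silent_listener():
    """Constructed test fixture: completes the TCP handshake, never replies."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)                                # kernel accepts; nobody reads
    return srv, srv.getsockname()[1]

if __name__ == "__main__":
    srv, port = silent_listener()
    print(probe_implicit_tls("127.0.0.1", port, timeout=2.0))
    srv.close()
```

Running the same probe from a working and a non-working client against the same host and port gives a like-for-like comparison of the stage at which each one stops.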
