19

I used up all possible combinations of hostname but I always either get a certificate error or just IMAP connection broken.

Certificate failure for imap.froiden.com: Server name does not match certificate: /O=imap.mailhostbox.com/OU=Go to https://www.thawte.com/repository/index.html/OU=Thawte SSL123 certificate/OU=Domain Validated/CN=imap.mailhostbox.com

Hostname which I used is '{imap.froiden.com}INBOX'. ANy suggestion to solve this error?

Shashank Jain
  • 847
  • 2
  • 10
  • 25
  • 1
    the cert was issued for `imap.mailhostbox.com` - for SSL connections, the requested hostname and the hostname the cert was issued for MUST match, or you're going to get these warnings/errors. Hostname mismatches (in a malicious setting) mean someone's trying to spoof/forge something. – Marc B Oct 25 '11 at 15:39
  • @MarcB Well, I tried every combination but it doesnt work like **imap.froiden.com:993/imap/ssl**. Is there anything I need to configure on my host? – Shashank Jain Oct 25 '11 at 15:45
  • 1
    You should be using imap.mailboxhost.com:993/imap/ssl, assuming that the cert is right and it really is being served up from a machine named imap.mailhostbox.com – Marc B Oct 25 '11 at 15:49
  • @MarcB: results in a timeout. – Shashank Jain Oct 25 '11 at 15:55

3 Answers3

40

The certificate is plain invalid. You should either connect to imap.mailboxhost.com:993/imap/ssl or contact the administrator of the mail server and ask for a valid certificate.

Note that while you can use the connection string imap.froiden.com:993/imap/ssl/novalidate-cert to skip certificate validation, you should not do so as that flag will allow any Man In The Middle attacker to read and write your email.

phihag
  • 278,196
  • 72
  • 453
  • 469
10

I can confirm this is working well:

$mb = imap_open("{phoenix.srv.spletnasoba.si:993/imap/ssl/novalidate-cert}","username", "password" );

$emails = array();
$messageCount = imap_num_msg($mb);
for( $MID = 1; $MID <= $messageCount; $MID++ )
{

    $EmailHeaders = imap_headerinfo( $mb, $MID );
    foreach($EmailHeaders as $key => $value) {
        if (validateEmail($value)) {
            $emails[$value] = $key;
            echo $value."\n";
        }
    }
}



function validateEmail($email) {
    return filter_var($email, FILTER_VALIDATE_EMAIL);
}
Community
  • 1
  • 1
Rok Meglič
  • 129
  • 1
  • 3
1

In case you're using gmail, make sure you turn on "Allow access for less secure apps" in the account settings page of your google account for you to be able to access your gmail account using imap_open()

abdul01
  • 89
  • 3