XG appears to have a bug when using iMaps scanning and Wifi connections -

Hi foks,

installed the latest MACos update this morning and immediately MACMAIL showed timeout errors.

I have tried a number of changes and all come back to scanning issues. For the moment I have disabled iMAPs scanning which sort defeats the purpose of mail checking. I have disabled the use of TLS on one smtp account because of continual untrusted smtp server errors.

This was a problem with the iPAD and iPHONE mail, now even though the certificates were installed and trusted except the trust only lasted about 30 minutes or until I went outside with the phone and returned.

I expect somewhere I have installed the wrong certificate, mind you decrypt and scan https works on two MACs with the same certificates.

Ian

?

 

Now totally confused, I currently have all devices working with mail scanning, though occasional do  not trust this server and trust reset and all goes well again.

  • Okay, the certificate is trusted for about an hour at the most the trust fails. The failing certificate 3xpires at the and of 2021 so I am not sure where this certificate comes from? Also the failing domain is the main domain in the certificate and my mail uses one of the aliases of which there are many. I have tried using the primary domain, but still get the same error.

    just as confused as before.

    ian

     
    V18.0.x - e3-1225v5 6gb ram on 4 port MB with AP55/c - 20w. 
    If a post solves your question use the 'This helped me' link.
  • Hi,

    I have found the cause of the issue and that is the iphones and iPad are picking up the wrong ca when checking mail. I have installed the correct cas but still the error persists.

    ian

     
    V18.0.x - e3-1225v5 6gb ram on 4 port MB with AP55/c - 20w. 
    If a post solves your question use the 'This helped me' link.
  • Hi folks,

    I have changed the label on the thread after a day of investigation and testing. The devices are setup to use Imaps scanning in XG

    Testing.

    1/. removed all CAs fro download folders and iCloud.

    2/. checked the all the CA areas in the XG are using the same CA.

    3/. downloaded a new copy of the XG CA.

    4/. Sent a copy to the iPad which was copied to the iCloud to enable sharing with the iPhone.

    5/. deleted mail accounts from both iPhone and iPad. restarted both devices.

    6/. Installed the CA in both devices

    7/. created mail accounts on both devices

    8/. all very good - trusted the CAs 

    9/. no issues for about 60 minutes then trust failed on there map server (SMTPS server fine no issues).

    10/. removed mail account from iPad and restarted it.

    11/. created new account from a different ISP on the iPad also using iMap.

    12/. again all very good for about an hour then trust fails on the new ISP mail server.

    13/.checking both device mail accounts I see the the mail servers are not responding, is I think this is the cause of the trust figure. 

    14/. restart one device and requested to trust the mail server again.

    15/. while receiving the CA trust figures I am listening o streaming music, reviewing this website and looking at my weather station.

    16/. my wife's MBP (which is currently using wfifi) has been throwing up fails to connect to one of her email accounts, restart the MBP and the issue clears again.

     

    My original issue which I have been chasing over a number of versions of Apple OSes and XG does not appear to be a trust failure but a network issue.

    So, inconclusion I am left with no other suggestion than the XG is the common point of failure and therefore has a bug.

     

    Ian

     
    V18.0.x - e3-1225v5 6gb ram on 4 port MB with AP55/c - 20w. 
    If a post solves your question use the 'This helped me' link.
  • The frustrating part of this exercise is that SMPT/S scanning works without any issues.

    Ian

     
    V18.0.x - e3-1225v5 6gb ram on 4 port MB with AP55/c - 20w. 
    If a post solves your question use the 'This helped me' link.
  • Scan IMAPS sometimes has issues with server certificates.
    I don't know the details.
    Rebooting XG will fix it.

    I think the recent macOS Update and WiFi are not related.

  • Hi,

    I agree the latest update and wifi are not related, but the issue is ongoing.

    i have restarted the XG and will try again later today. Last restart had no effect. But I have made some changes we will see.

    ian

     
    V18.0.x - e3-1225v5 6gb ram on 4 port MB with AP55/c - 20w. 
    If a post solves your question use the 'This helped me' link.
  • Hi core_memory,

    a restart did not fix the issue. 

    Ian

     
    V18.0.x - e3-1225v5 6gb ram on 4 port MB with AP55/c - 20w. 
    If a post solves your question use the 'This helped me' link.
  • It may be another issue.
    I'm not sure.

  • Hi,

    now see more meaningful error messages, the CAs are not pinning compliant. The CA expires 31/1/2022 or there about.

    So, off to look at how to change the CA to one the meets the requirements.

     
    V18.0.x - e3-1225v5 6gb ram on 4 port MB with AP55/c - 20w. 
    If a post solves your question use the 'This helped me' link.
  • Hi,

    this is the issue

    Both ISP IMAP accounts present the same date even with different CA details.

    I have tried to create a CA in the XG with an executable date which I did and had done previously, but there is no way to change the IMAP/S security setting other then DEFAULT or SSLxxxxx where as in the SMTP setting I can use my self generated CA which of course I do  not need to do.

    Where to next?

    Ian

     

    More testing. my wife's email accounts have been driving me crazy for about 3 days using the WIFI, dropped server, not responding, not connecting to incoming mail server, changed her connection back to a physical one and the issues vanished.

     
    V18.0.x - e3-1225v5 6gb ram on 4 port MB with AP55/c - 20w. 
    If a post solves your question use the 'This helped me' link.