Do you have a question? Post it now! No Registration Necessary
August 3, 2017, 5:51 pm

I'm still not ready to give up my Eudora email program. But it's proving to
be a bit intractable at the moment. I recently switched to a new hosting
service and had a great deal of problems setting it up for the new servers.
Seems TLS is broken in Eudora, at least with modern servers. I was finally
able to get the bloody thing to work after playing with it for some days.
Now the provider has switched servers and Eudora will no longer send emails.
Downloading emails is fine, but on sending either it times out or gives
errors regarding authentication depending on the port number used. I ran
wireshark but I can't say I understand the results. Only a half dozen
messages are sent or received and there is 100 second wait between them. So
it looks like something is timing out.
Any suggestions on how to debug this? How do email clients authenticate if
TLS isn't used?
be a bit intractable at the moment. I recently switched to a new hosting
service and had a great deal of problems setting it up for the new servers.
Seems TLS is broken in Eudora, at least with modern servers. I was finally
able to get the bloody thing to work after playing with it for some days.
Now the provider has switched servers and Eudora will no longer send emails.
Downloading emails is fine, but on sending either it times out or gives
errors regarding authentication depending on the port number used. I ran
wireshark but I can't say I understand the results. Only a half dozen
messages are sent or received and there is 100 second wait between them. So
it looks like something is timing out.
Any suggestions on how to debug this? How do email clients authenticate if
TLS isn't used?
--
Rick C
Rick C

Re: Eudora eMail Problems

Who's the ISP? I want to check what protocols they support and
expect. If you don't want to disclose this information, try the
following as a starting template for an SMTP session using telnet:
<https://technet.microsoft.com/en-us/library/aa995718 (v=exchg.65).aspx>
Use this to encrypt your password:
<https://www.base64encode.org
If you still have access to your old ISP account that worked, try the
same session and compare results between the old and new ISP.
Good luck.
--
Jeff Liebermann snipped-for-privacy@cruzio.com
150 Felker St #D http://www.LearnByDestroying.com
Jeff Liebermann snipped-for-privacy@cruzio.com
150 Felker St #D http://www.LearnByDestroying.com
We've slightly trimmed the long signature. Click to see the full one.

Re: Eudora eMail Problems

Just realized, after my response, that this was an S.E.D post.
There is a Eudora-specific group: comp.mail.eudora.ms-windows
...Jim Thompson
--
| James E.Thompson | mens |
| Analog Innovations | et |
| James E.Thompson | mens |
| Analog Innovations | et |
We've slightly trimmed the long signature. Click to see the full one.

Re: Eudora eMail Problems
Jim Thompson wrote on 8/3/2017 3:56 PM:

Talk about your spartan web pages. They don't even talk about the control
panel or if you can support reseller accounts. I have several people using
my account to host their web pages and they need separate logins. I sent
them a question about it.

Talk about your spartan web pages. They don't even talk about the control
panel or if you can support reseller accounts. I have several people using
my account to host their web pages and they need separate logins. I sent
them a question about it.
--
Rick C
Rick C

Re: Eudora eMail Problems
The service provider probably wants to use TLSv1.2 which did not
exist when Eudora was frozen.
If that is the case there is no overlap between the security options
in Eudora and those that your provider supports.
The only solution is to try and use no security. Eudora has an option
for this ("Secure sockets when sending: Never") and many email
providers have a special port that they will reluctantly allow to be
used without security.
John

Re: Eudora eMail Problems
snipped-for-privacy@gmail.com wrote on 8/3/2017 4:19 PM:

Very strange. Before when I switched to Mightweb they did not allow email
without authentication. Now it works just fine. I assume the
authentication is to prevent spammers from using email servers as relays. I
hope this doesn't get shut down.

Very strange. Before when I switched to Mightweb they did not allow email
without authentication. Now it works just fine. I assume the
authentication is to prevent spammers from using email servers as relays. I
hope this doesn't get shut down.
--
Rick C
Rick C

Re: Eudora eMail Problems
Jeff Liebermann wrote on 8/3/2017 3:51 PM:

The web hosting provider is Mightyweb.net. I don't think my ISP has any
email support. I tried contacting them yesterday and never heard back. I
looked up the possibility of using gmail or Yahoo mail and both seem to use
TLS which I know Eudora does not work with.
Mightyweb says using no authentication exposes the password which sounds
like a bad idea. I'm not sure using authentication actually encrypts the
password. I've always used authentication, just not TLS. How then does
that work?

The web hosting provider is Mightyweb.net. I don't think my ISP has any
email support. I tried contacting them yesterday and never heard back. I
looked up the possibility of using gmail or Yahoo mail and both seem to use
TLS which I know Eudora does not work with.
Mightyweb says using no authentication exposes the password which sounds
like a bad idea. I'm not sure using authentication actually encrypts the
password. I've always used authentication, just not TLS. How then does
that work?
--
Rick C
Rick C

Re: Eudora eMail Problems

There are several different forms of authentication which can work
over a non-encrypted connection. The really insecure ones transmit
the password in cleartext, and these can (as noted) expose your
password on the net, and also require that the ISP store the password
itself.
There are hash-based authentication systems which can be reasonably
secure even if an encrypted connection is not used. In these, neither
system ever transmits the password itself. Instead, the server says
(in effect) "Here, append this randomly-chosen string to your
password, compute an MD5/SHA-1/SHA-256 hash of the result, and send me
back the hash." This allows your client software to "prove" that it
has the password.
With this approach you still have the concern that the email itself is
flowing over a non-encrypted connection and is open to being
wiretapped, even if the password is not.
Not all ISPs, server packages, and client packages support all of
these authentication methods such as MD5AUTH. You can still end up a
situation in which "plain text" is the only method the two ends can
agree upon... not good, especially in shared-public-network situations.
You can use any of these authentication methods over an encrypted
connection (SSL or TLS), so that both the password phase and the
actual email exchange is secured.

Re: Eudora eMail Problems
On Thu, 03 Aug 2017 19:18:09 -0500, Peabody

It's all a function of what the ultimate E-mail provider supports
(Eudora itself _does_ support SSL).
I'm connected to the Internet via CenturyLink fiber.
But I retrieve E-mail from my website provider, OLM.net, which uses
authentication, but not SSL (for Eudora-based 'retrievers').
Not that I think 'security' is a big deal... if some expert wants to
intercept your E-mail it won't matter what you use... you'll lose >:-}
So keep your criminal communications to face-to-face only ;-)
...Jim Thompson

It's all a function of what the ultimate E-mail provider supports
(Eudora itself _does_ support SSL).
I'm connected to the Internet via CenturyLink fiber.
But I retrieve E-mail from my website provider, OLM.net, which uses
authentication, but not SSL (for Eudora-based 'retrievers').
Not that I think 'security' is a big deal... if some expert wants to
intercept your E-mail it won't matter what you use... you'll lose >:-}
So keep your criminal communications to face-to-face only ;-)
...Jim Thompson
--
| James E.Thompson | mens |
| Analog Innovations | et |
| James E.Thompson | mens |
| Analog Innovations | et |
We've slightly trimmed the long signature. Click to see the full one.

Re: Eudora eMail Problems
Jim Thompson wrote on 8/3/2017 8:42 PM:

I've been in touch with OLM and they don't claim to have any special support
for Eudora. I asked and the reply was, "what does Eudora support"? I
replied that Eudora supports SSL TLSv1.
Hello Rick,
Thank you for contacting
OLM. We do not support TLSv1 SSL
connections. There are to[sic] many security
risks.
Clearly they have no special knowledge or support for Eudora. How are you
operating with Eudora? What type of authentication are you using? I only
got mine working by using Wireshark to see just what was happening.

I've been in touch with OLM and they don't claim to have any special support
for Eudora. I asked and the reply was, "what does Eudora support"? I
replied that Eudora supports SSL TLSv1.
Hello Rick,
Thank you for contacting
OLM. We do not support TLSv1 SSL
connections. There are to[sic] many security
risks.
Clearly they have no special knowledge or support for Eudora. How are you
operating with Eudora? What type of authentication are you using? I only
got mine working by using Wireshark to see just what was happening.
--
Rick C
Rick C

Re: Eudora eMail Problems
rickman says...
> Sure. Do you know what form of authentication they use?
"Last SSL Info" for POP says Port 995, TLSv1,
DHE-RSA-AES256-SHA(256bits)
For SMTP it's the same, except Port 587.
Cox requires my Cox username and password.
Under Getting Started, I have Allow Authentication checked.
Under Checking Mail, I have Secure Sockets when receiving
set to "Required, Alternate Port"
Under Incoming Mail, I have POP and Passwords selected.
Under Sending Mail I have Allow Autherntication and Use
Submission Port (587) selected. And under Secure Sockets
when sending, I have Required, STARTTLS selected.
All the Kerberos stuff is turned off.
Then you need to Google "patch QCSSL.dll". This addresses
the situation where the first contact to the server takes a
long time, or even times out. I think there's a version for
7.1.0.9 on dropbox which Google will take you to. or if
you're using 6.2.5.6, I can send you the patch. I think in
both cases, just one byte is changed in the dll.
The big problem most people have is with certificates used
by the server not being considered valid by Eudora. After
attempting to POP email, you can go into the Last SSL Info
under Checking Mail, and open up the Certificates section at
the bottom, and make sure there are no bad certs. If there
are, you may need to import them. And you can only fix one
at a time. There may be a whole string of them, so you nay
have to repeat the process until everything is good.
I think TLSv1 may not be supported by your server. It is
considered to be compromised. If so, you may be out of luck
on encryption. Eudora used its own SSL dll, and I don't
know how you would get a more modern version.
> Sure. Do you know what form of authentication they use?
"Last SSL Info" for POP says Port 995, TLSv1,
DHE-RSA-AES256-SHA(256bits)
For SMTP it's the same, except Port 587.
Cox requires my Cox username and password.
Under Getting Started, I have Allow Authentication checked.
Under Checking Mail, I have Secure Sockets when receiving
set to "Required, Alternate Port"
Under Incoming Mail, I have POP and Passwords selected.
Under Sending Mail I have Allow Autherntication and Use
Submission Port (587) selected. And under Secure Sockets
when sending, I have Required, STARTTLS selected.
All the Kerberos stuff is turned off.
Then you need to Google "patch QCSSL.dll". This addresses
the situation where the first contact to the server takes a
long time, or even times out. I think there's a version for
7.1.0.9 on dropbox which Google will take you to. or if
you're using 6.2.5.6, I can send you the patch. I think in
both cases, just one byte is changed in the dll.
The big problem most people have is with certificates used
by the server not being considered valid by Eudora. After
attempting to POP email, you can go into the Last SSL Info
under Checking Mail, and open up the Certificates section at
the bottom, and make sure there are no bad certs. If there
are, you may need to import them. And you can only fix one
at a time. There may be a whole string of them, so you nay
have to repeat the process until everything is good.
I think TLSv1 may not be supported by your server. It is
considered to be compromised. If so, you may be out of luck
on encryption. Eudora used its own SSL dll, and I don't
know how you would get a more modern version.

Re: Eudora eMail Problems
Peabody says...
> I think TLSv1 may not be supported by your server. It
> is considered to be compromised. If so, you may be out
> of luck on encryption. Eudora used its own SSL dll, and
> I don't know how you would get a more modern version.
I notice that the two usual OPENSSL files are also in the
Eudora program files folder. So it may be possible to update
to newer TLS versions by updating those two files, which
presumably are the 32-bit versions. However, the only
references I could find to TLS in the QCSSL.dll file were to
v1. So even if later TLS versions are in the OpenSSL files,
they may not be called.
> I think TLSv1 may not be supported by your server. It
> is considered to be compromised. If so, you may be out
> of luck on encryption. Eudora used its own SSL dll, and
> I don't know how you would get a more modern version.
I notice that the two usual OPENSSL files are also in the
Eudora program files folder. So it may be possible to update
to newer TLS versions by updating those two files, which
presumably are the 32-bit versions. However, the only
references I could find to TLS in the QCSSL.dll file were to
v1. So even if later TLS versions are in the OpenSSL files,
they may not be called.

Re: Eudora eMail Problems
Peabody wrote:

That reminds me that the client and server cannot be too far apart in
their timestamps. The SSL/TLS handshaking passes a time-sensitive
token. If one end is way off on time, the token is considered as having
expired. The OP needs to make sure his date and time are current.

That reminds me that the client and server cannot be too far apart in
their timestamps. The SSL/TLS handshaking passes a time-sensitive
token. If one end is way off on time, the token is considered as having
expired. The OP needs to make sure his date and time are current.

Re: Eudora eMail Problems
Peabody wrote on 8/3/2017 10:58 PM:

Seems I was mistaken. I am able to turn off authentication and send an
email to one of my other email accounts on the same server, but I am still
not able to send email to other servers. The reported error is "550 without
authentication". My hosting provider is not being much help. They just see
it as a problem of using a crappy email program.
I wish I understood the use of Stunnel better. I'm not sure if it will help
with this problem or if I can even run it under Windows.
Would it make any sense to run an email server on my laptop? That seems
like it would need to be the email endpoint, no? That would mean I'd have
to host the domain name on my laptop, right?

Seems I was mistaken. I am able to turn off authentication and send an
email to one of my other email accounts on the same server, but I am still
not able to send email to other servers. The reported error is "550 without
authentication". My hosting provider is not being much help. They just see
it as a problem of using a crappy email program.
I wish I understood the use of Stunnel better. I'm not sure if it will help
with this problem or if I can even run it under Windows.
Would it make any sense to run an email server on my laptop? That seems
like it would need to be the email endpoint, no? That would mean I'd have
to host the domain name on my laptop, right?
--
Rick C
Rick C
Site Timeline
- » OT: Huntington, WV
- — Next thread in » Electronics Design
-
- » Old Transistor Circuit - Positive Feedback Question
- — Previous thread in » Electronics Design
-
- » Auction in Fremont, ca NOW
- — Newest thread in » Electronics Design
-
- » Amateur electronics in danger due to lack of DIP ICs
- — Last Updated thread in » Electronics Design
-
- » Подвох
- — The site's Newest Thread. Posted in » Electronic Circuits (Russian)
-