Author Topic: MailShield seems to block certificate exchange on Port 995  (Read 1236 times)

0 Members and 1 Guest are viewing this topic.

Offline th.isermann

  • Newbie
  • *
  • Posts: 4
MailShield seems to block certificate exchange on Port 995
« on: March 23, 2021, 08:05:20 AM »
Hi,
I have a 3rd party tool, that tries to fetch mails over port 995 with ssl. When the option "scan incoming mails" is disabled, everything works fine.
I used wireshark to find out whats going on and can see, that during the ssl handshake a certificate will be exchanged.
If "scan incoming mails" is enabled, the ssl handshake fails and the certificate can not be seen in the tcp dump.
It seems to be blocked by the MailShield.

How can I solve this?

Thanks

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76037
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: MailShield seems to block certificate exchange on Port 995
« Reply #1 on: March 23, 2021, 11:10:56 AM »
Hi, I have a 3rd party tool...
Provide details.
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline th.isermann

  • Newbie
  • *
  • Posts: 4
Re: MailShield seems to block certificate exchange on Port 995
« Reply #2 on: March 23, 2021, 11:44:44 AM »
It is the Telekom KIM ClientModule used to send and receive emails vie the telematikinfrastruktur.
ithin the email client this tool acts as email server but in fact it is more a kind of proxy.
The tool itself acts as a mail client connecting the server in the telematikinfrastruktur.

I hope, this explaination is OK  ;D

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76037
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: MailShield seems to block certificate exchange on Port 995
« Reply #3 on: March 23, 2021, 12:05:08 PM »
- Which Avast..? (Free/Premium)
- Which version/build of Avast..?
- OS..? (32/64 Bit..? - which SP/Build..?)
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline th.isermann

  • Newbie
  • *
  • Posts: 4
Re: MailShield seems to block certificate exchange on Port 995
« Reply #4 on: March 23, 2021, 12:24:58 PM »
Avast Free Antivirus 21.1.2449 (Build 21.1.5968.643)
Windows 10 64-Bit, Version 20H2 (Build 19042.867) Windows Feature Experience Pack 120.2212.551.0

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76037
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: MailShield seems to block certificate exchange on Port 995
« Reply #5 on: March 23, 2021, 12:26:50 PM »
Update to the latest version (21.2): https://forum.avast.com/index.php?topic=255221.0
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline th.isermann

  • Newbie
  • *
  • Posts: 4
Re: MailShield seems to block certificate exchange on Port 995
« Reply #6 on: March 23, 2021, 01:35:13 PM »
Done, but still the same: The certifikate in the tls handshake is not visible in wireshark.
Disabling the scan-option in the mailshield makes it work.
Any other ideas?

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76037
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: MailShield seems to block certificate exchange on Port 995
« Reply #7 on: March 23, 2021, 01:44:42 PM »
Well, mail shield uses its own certs, your tool might mess this up.
But that would be something for the devs to answer/investigate.
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline r@vast

  • Avast team
  • Massive Poster
  • *
  • Posts: 2761
Re: MailShield seems to block certificate exchange on Port 995
« Reply #8 on: March 24, 2021, 12:06:48 PM »
Hi,

Try exporting the Mail Shield certificate and importing it into your email client.
Please see this guide https://support.avast.com/en-ww/article/Troubleshoot-invalid-email-certificate/