SSL connection problem in Outlook 2007

[william]

Recently, AT&T has decided to change its POP3 and SMTP ports to SSL
connections. After repeated headbanging calls to AT&T support, they have told
me that there is a known issue with SSL connections and Outlook 2007. I am
unable to determine if they are just blaming someone else or not.

When I use the AT&T suggested serving settings (and yes, they all match what
AT&T has told me to use), I get an error message that says (I paraphrase)
"cannot connect to the POP3 server...error 0X80042108...contact your ISP."
Until the past day or two, the old settings worked fine. Now I am getting
this message and am unable to pull down my web email.

Computer details: Windows XP with all known updates, Office 2007 with all
known updates, Outlook is connected at work through Exchange, the email I am
trying to retrieve is my AT&T/Sbcglobal.net email.

Please help. Are there settings on my computer that need to change? Are
there settings on the Exchange server that need to change (note: this email
is not coming through the Exchange Server - I put in the account info only at
my local email client)? Is this a local firewall issue that I need to
investigate?

Thanks in advance.

 

[Vanguard]

in message

Recently, AT&T has decided to change its POP3 and SMTP ports to SSL
connections. After repeated headbanging calls to AT&T support, they
have told
me that there is a known issue with SSL connections and Outlook 2007.
I am
unable to determine if they are just blaming someone else or not.

Did they also change the port numbers when they changed to requiring
SSL?

 

[william]

Yes. POP is 995 and SMTP is 465. I exactly followed their directions to
change. I even deleted the profiles, restarted, added the new ones, etc... I
did it about 10 times! Arg. Some by myself and others when I had some moron
tech support person on the line.

 

[Vanguard]

in message

Yes. POP is 995 and SMTP is 465. I exactly followed their directions
to
change. I even deleted the profiles, restarted, added the new ones,
etc... I
did it about 10 times! Arg. Some by myself and others when I had some
moron
tech support person on the line.

See http://support.microsoft.com/kb/318790/en-us.

The reason they suggest uninstalling and reinstalling your anti-virus or
anti-spam software is that some operate as transparent proxies. Even if
you disable their e-mail scanning function, the mail traffic still
passes through their proxy. If their proxy is dead, it doesn't matter
if scanning of e-mail is enabled or disabled. The proxy isn't working
so you can't do e-mail.

Last time I had Norton anything was their Internet Security Suite 2003.
At that time, it took 6 e-mails (after getting to a higher level tech)
to discuss how I could successfully kill off NAV and then start their
services in the correct order. I had to write a batch file to kill the
processes in the correct order, do some cleanup, and then restart the
services in the correct order to get their proxy working again.

Try disabling e-mail scanning in your anti-virus program. Disable your
anti-spam software, especially if operating as a plug-in to Outlook (or
try starting Outlook in its safe mode via "outlook.exe /safe" so no
plug-ins load with Outlook). If that doesn't work, uninstall your
anti-virus and anti-spam software and test again. During the install,
and if you are given a choice, do NOT install their e-mail scanning
function. It is redundant and affords no added protection.

Don't know if your Outlook is included in SBS. If so, maybe
http://support.microsoft.com/kb/837368/en-us applies to you.

Another problem is one having to do with the site's encryption
certificate. In asking for an SSL connection, that site has to proffer
you their cert. If their CA (certificate authority) for that cert is
slow or unresponsive then your e-mail client can't verify it which means
it cannot make the requested SSL connection. The problem isn't with the
site (unless they are the CA since sites can issue their own certs) but
with whomever is the CA for the cert that the site uses.

http://www.rapidssl.com/ssl-certificate-support/ssl-faq.htm gives some
info on how SSL connects work. Could be it is AT&T's problem with their
CA. The client is able to verify the authenticity of the certificate to
prove to itself that it is indeed communicating with the correct mail
server, otherwise an error is thrown. provides more details with
comments like "The client is able to verify the authenticity of the
certificate to prove to itself that it is indeed communicating with the
correct mail server, otherwise an error is thrown.". I've never dug
into how to see the SSL cert profferred by an e-mail service to see if
there is some way to dig out its details from within Outlook. I know
when you save certs on your host that you can use the cert manager
(certmgr.msc) to see them and get details on them, like who is the CA.

 

[dstubb]

I'm using Outlook 2007, and also AT&T DSL service. Most recently they have