dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
1873
share rss forum feed

lostdude

join:2002-10-11
Bellevue, WA

Comcast Email SSL?

On the Comcast Transition instruction there is something about setting the SSL port to 995. Is this an optional setting and do I need to make both the incoming and outgoing SSL port to 995?


ok1234

@attbi.com
where is that located???


draven
Ex-Mod 2004-10
join:2002-02-20
my bunker

reply to lostdude
Do you use any SSL mail accounts? This is usually not needed.....but if you do, you set the incoming port to 995. Again though, unless you have a specific reason that you know you should be downloading via SSL, then you should not enable this in your e-mail client.
[text was edited by author 2003-06-30 13:33:28]


FFH5
Premium
join:2002-03-03
Tavistock NJ
kudos:5
reply to lostdude
The information on manually configuring your email is at this link:
»online.comcast.net/faqs/faq-deta···FaqID=47

It also explains that if you turn on SSL, it will send your password encrypted instead of in the clear. A very good thing for security, because without that, anybody with a packet sniffer can see your username and password for your mail account as Outlook Express logs you in to read messages. You don't need to login to send email, only read it. That is why the port # changes to 995 on the pop3 setting when the ssl box is checked.

Attached above is a picture of what the settings look like in Outlook Express 6.0.
--
My Home Page , Java Calculator


FFH5
Premium
join:2002-03-03
Tavistock NJ
kudos:5
reply to draven
said by draven:
Do you use any SSL mail accounts? This is usually not needed.....but if you do, you set the incoming port to 995. Again though, unless you have a specific reason that you know you should be downloading via SSL, then you should not enable this in your e-mail client.

Comcast now supports SSL email logon. They did not before. It keeps your username and password encrypted while logging into your email account using Outlook Express. It can prevent anyone with a packet sniffer on any router along the way to the email server from harvesting your username and password.
--
My Home Page , Java Calculator

lostdude

join:2002-10-11
Bellevue, WA
reply to FFH5
Thanks Guys, I tested SSL and it works fine reading mail but got an error message sending email unless I leave the SSL for Outgoing mail unselected.


FFH5
Premium
join:2002-03-03
Tavistock NJ
kudos:5

said by lostdude:
Thanks Guys, I tested SSL and it works fine reading mail but got an error message sending email unless I leave the SSL for Outgoing mail unselected.
You are correct about not having SSL enabled for outbound smtp traffic. It isn't needed, but it worked for me with smtp outbound and ssl just fine.
--
My Home Page , Java Calculator



[text was edited by author 2003-06-30 14:29:29]


Big_D
Premium
join:2003-06-02
Augusta, GA
reply to lostdude
FWIW, I just noticed that with OE6 if you click the "this server requires a secure connection(SSL)" the POP3 port will automatically change to 995.
--
You want the truth? You can't handle the truth!


Big_D
Premium
join:2003-06-02
Augusta, GA
reply to FFH5
Stupid question... If you go to the servers tab there is a check box for "Log on using Secure Password Authentication" how is this different from setting up the SSL on the advanced page?
--
You want the truth? You can't handle the truth!


FFH5
Premium
join:2002-03-03
Tavistock NJ
kudos:5

said by Big_D:
Stupid question... If you go to the servers tab there is a check box for "Log on using Secure Password Authentication" how is this different from setting up the SSL on the advanced page?
Edit: see my message below for correct description of the security options for logging on to outbound message server.--
My Home Page , Java Calculator


[text was edited by author 2003-06-30 14:55:06]


Big_D
Premium
join:2003-06-02
Augusta, GA
said by FFH5:
That setting makes your system logon to the server before sending an email using smtp protocol. That isn't required by Comcast, because they allow email sends without logging on. But I believe they do check to make sure your IP address is part of their network. At least they should do that or spammers can hijack their smtp mail servers.

I thought thats what the "My server requires authentication" was for. What's the difference between that and "Log on using Secure Password Authentication?
--
You want the truth? You can't handle the truth!


FFH5
Premium
join:2002-03-03
Tavistock NJ
kudos:5
said by Big_D:
I thought thats what the "My server requires authentication" was for. What's the difference between that and "Log on using Secure Password Authentication?
They are 2 different things.

"Secure Password Authentication" is a separate security protocol developed by Microsoft that almost no one I know ever uses. Maybe if you are an MSN network user it is available. But most ISP's don't use that protocol.

"My server requires authentication" just means that you must supply your username/password supplied to you by your ISP when you send mail, as opposed to just using that username/password when reading mail.
--
My Home Page , Java Calculator


Big_D
Premium
join:2003-06-02
Augusta, GA
Ok you answered my question. The first time I think you gave me the answer to the wrong question, but thanks for the help.
--
You want the truth? You can't handle the truth!


draven
Ex-Mod 2004-10
join:2002-02-20
my bunker
reply to FFH5
said by FFH5:
Comcast now supports SSL email logon. They did not before. It keeps your username and password encrypted while logging into your email account using Outlook Express. It can prevent anyone with a packet sniffer on any router along the way to the email server from harvesting your username and password.
Yes true, but I guess I mean to say that I don't think many people would have the mandatory need for this
--
"It's ironic that a computer manufacturer is teaching the record industry the next step, and so far, that's what's happening." -- Singer-songwriter Janis Ian, on Apple's iTunes service.
Take notes, RIAA. Take lots of notes.


Big_D
Premium
join:2003-06-02
Augusta, GA
said by draven:
Yes true, but I guess I mean to say that I don't think many people would have the mandatory need for this
While most people probably don't have a need for this, I'd highly recommend that everyone take advantage of the security provided by SSL. I know I prefer to keep my email private.
--
You want the truth? You can't handle the truth!


djchas
Chaz
Premium
join:2000-03-16
Yardley, PA
reply to lostdude
Click for full size
I didn't change anything in my settings but it seems eudora is now retrieving my comcast email via SSL. Never had those padlocks before.
--
Yo! Visit the Philadelphia Forum in City Chat!!! »Philadelphia & Northeast

gnubeest
Gnu

join:2001-10-28
Nashville, TN
reply to lostdude
SSL seems a bit spotty to me so far. Half the time, the server just hangs on me as it's logging in. Turning off SSL and logging in happens quickly. It actually logged me in fine a couple of days ago, but I haven't had much luck with it since.

Can't wait 'til Comcast irons out all the woolies -- things are really starting to shape up.

systems2000
What? You Say It's Fixed. Hah

join:2001-11-29
Cyberspace
reply to FFH5

That FAQ sheet sucks! Where is the information for the better e-MAIL clients for Windows (Eudora, Opera, Messenger, GroupWise, etc.)?

Once I found that SSL was active, I've tried getting it to work for Netscape Messenger 7.xx and it won't work on Windows 2000 server. Netscape 4.8 works fine on the laptop w/Win98se. I've opened the ports on my router and told ZA to let SSL through. When I disable SSL communication works fine.

Netscape 4.8 works on the Windows 2000 server, but I believe SSL is only outgoing for 4.8, but very slow retrieving.

systems2000
What? You Say It's Fixed. Hah

join:2001-11-29
Cyberspace
said by systems2000:
Where is the information for the better e-MAIL clients for Windows (Eudora, Opera, Messenger, GroupWise, etc.)?
Oops, found it under "other: Unsupported clients". Figures.:(