Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 27 subscribers
  • Views 544 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

It seems "There is a bug in the email imap proxy" is back again.

Guenter

Hi there,

 

until this week I was able to fetch and send all our IMAP4S Mailboxes through our SFOS 18 Box. 

Now, since this week, the Mailclients (eg. Thunderbird) hang and and did not retreive any eMail.

Moving existing eMails to an IMAP Subfolder results in an error.

On SFOS Advanced CLI:

 

cat /log/warren.log

EBUG Aug 26 12:37:41 [4133485376]: valid
DEBUG Aug 26 12:37:41 [4133485376]: Switching myself to STARTTLS
DEBUG Aug 26 12:37:41 [4133485376]: Writing STARTTLS response.
DEBUG Aug 26 12:37:41 [4133485376]: generic_server_READER: Calling RAW_READ return OK
DEBUG Aug 26 12:37:41 [4133485376]: relay_connection: Read event on Server Over
DEBUG Aug 26 12:37:41 [4133485376]: relay_connection: continue loop
DEBUG Aug 26 12:37:41 [4133485376]: relay_connection: _enter for loop
DEBUG Aug 26 12:37:41 [4133485376]: peek '174' bytes from client hello
DEBUG Aug 26 12:37:41 [4133485376]: Validating Higher Version Client Hello.
DEBUG Aug 26 12:37:41 [4133485376]: Handshake Version : 771
DEBUG Aug 26 12:37:41 [4133485376]: Client Hello Version : 771
INFO Aug 26 12:37:41 [4133485376]: valid client hello
DEBUG Aug 26 12:37:41 [4133485376]: SNI: imap.gmx.net
INFO Aug 26 12:37:41 [4133485376]: h-ver '5' , chel-ver '5'
INFO Aug 26 12:37:41 [4133485376]: SSL session established with server: '212.227.17.170'
DEBUG Aug 26 12:37:41 [4133485376]: CommonName: mail.gmx.net
DEBUG Aug 26 12:37:41 [4133485376]: server certificate OK
DEBUG Aug 26 12:37:41 [4133485376]: Acquired read-lock.
DEBUG Aug 26 12:37:41 [4133485376]: certificate for SNI('imap.gmx.net') found in cache
INFO Aug 26 12:37:41 [4133485376]: SSL_accept() failed: error:1408F119:SSL routines:SSL3_GET_RECORD:decryption failed or bad record mac
DEBUG Aug 26 12:37:41 [4133485376]: SSL_accept() failed: this is last msg!!!
DEBUG Aug 26 12:37:41 [4133485376]: relay_connection: _exit loop
DEBUG Aug 26 12:37:41 [4133485376]: Freeing client 11
DEBUG Aug 26 12:37:41 [4133485376]: SSL session with '10.40.0.131' closed
DEBUG Aug 26 12:37:41 [4133485376]: Freeing client 12
DEBUG Aug 26 12:37:41 [4133485376]: SSL session with '212.227.17.170' closed
INFO Aug 26 12:37:41 [4133485376]: fd: 11 closed

 

If I disable my IMAP Mail Scan Rule on my firewall, I was able to send and receive all Mails without any error.

So, I think this issue is similar to

https://community.sophos.com/products/xg-firewall/f/email-protection/105385/there-is-a-bug-in-the-email-imap-proxy

 

But what is the solution?

 

sincerly

Guenter

 

 

 

 

 

 



This thread was automatically locked due to age.
  • FormerMember
    0 FormerMember

    Hi  

    Thank you for reaching out to the Community!

    Apologies for the inconvenience caused. This seems to be related to an ID that our support team is already investigating (NC-54604). Would it be possible to please share your support case number with me so that I can follow up?

    Thanks,

  • 0 in reply to FormerMember

    I've the same problem.
    On Sunday, it was working, Monday not. So I've disabled the E-Mail scanning. 
    Yesterday, I've got to make it working.... today, the problem exists too.

    I've get the same error: Bad Record MAC

    I use Outlook 2019.
    Here you can see a complete tcpdump on port 993: