02-10-2013 5:45 PM
The topic says it - starting a few weeks ago, every attempt to fetch pop3 mail gets me a popup with the following error:
SSL Certificate check for inbound.att.net:
Subject: CN=inbound.att.net,OU=att.net Mail,O="AT&T Services, Inc.",L=Southfield,ST=Michigan,C=US
Do you wish to accept?
I am retrieving mail just fine from a different email account on a different PC with similar settings (although with different email app).
In this case, I am using Evolution under Ubuntu Linux. Everything was working fine until a few weeks ago. I know I could just accept the certificate, but I would really love to understand what the problem actually is before I sweep it under the rug.
Thanks for any suggestions, preferably not pointing out I'm using "unsupported" software....
02-11-2013 8:52 AM
I have included a few links that will hopefully be of help.
If your still having trouble please feel free to send a private message to one of our ATTCustomer care specialists by using the following link. Please include your name, email address, phone number and the best time to be contacted. An ATT representative will reach out to you within 48 hours.
02-11-2013 3:27 PM
Thanks for the response, but netither of the links you provided were helpful. I have not changed password recently, and the problem is collecting my sbcglobal.net email via pop, not using att/yahoo to collect other email.
However, based on a bunch more searching, I am becoming more convinced that although AT&T/Yahoo might have made some recent change, the reason I am getting the error is likely due to a problem with the way Evolution is handling the SSL Certificates, and not with the certificate itself. I'll pursue that path a bit further before I use your link for sending a private message. One way or another, I'll post a follow-up when I have more information.
02-14-2013 9:50 AM
Yes a follow up post would be great, not only for myself but for many others that might encounter an issue like this as well.
10-25-2013 5:30 AM
Here we are 8 months later and I'm now having the same issue. Specifically, I've been using pop.att.yahoo.com for inbound on my Samsung Galaxy S (Verizon) cell. About a week or two ago I stopped getting my messages to the cell, although they are picked up by Outlook on the desktop. When I try changing it to inbound.att.net it says "cannot safely connect to server. org.bouncycastle.jce.exception . Could not validate certificate." ATT says SENDING is a "known issue" but my problem is receiving. Seems like it's been going on for quite a while...
Any ideas? Does ATT know about this? ( I just sent them a private note...)
03-22-2015 10:48 PM
Same thing began happening to me on just one of the ATT_yahoo email accounts I use, all three in the same email client. The other two (SBCglobal, also in ATT) connect fine as usual, but the att.net account with the server INBOUND.ATT.NET suddenly stopped checking mail, won't pass the SSL handshake and connect. It gives a message that the CERTIFICATE is bad; "name on the destination host does not match the name on the certificate." (Shows a big text box of info on that cert with a YES or NO choice as to trust it.)
Knowing that Superfish was recently found in some namebrand tablet PCs, and that it contains the Komodia redirector crapware to pass SSL connections through untrusted parties, I don't choose to trust that cert. After finding no actual answer on this forum I tried callling ATT support again for a simple YES or NO as to whether the CERT INFO shown is correct for their named server (name not shown on cert), or not to trust it. Seems like a simple yes/no answer for ATT to reply as to a valid cert, but ... no dice unless I buy paid support contract on pretext that my Eudora client (which works FINE otherwise) is the problem because it raised a flag.
I'll have to stifle any comments about the webmail interface and the interface on this forum which has lost/dumped my previous comments. You can guess what I think, and all of us need to guess whether our SSL email connections are being monitored by (?) third parties or not.
03-23-2015 10:24 AM
Not a clue if this helps any, but my understanding is, certificates do expire over time, and have to be renewed to keep them valad.
Could be, someone in thier it simply dropped the ball, and forgot to send the check, or for whatever reason, the certificate was altered.
The bit of the NSA and other third parties snooping is a discussion for another venue.
05-18-2015 4:54 PM
Same problem once again...
Server inbound.att.net certificate Verisign Class 3 Secure Server CA - G3 valid period 4/23/14 to 4/25/15. Now getting Internet Security Warnings in Outlook 2010 due to the expired certificate.
Tried to report it through UVerse Support Chat, but was told by Adolf to "take it to Microsoft"... couldn't even get them to refer it to Tier 2 were it would eventually be addressed. They told me they provide NO support for any email clients - I should use the Web Mail! Unbelievable!!!
05-18-2015 8:13 PM