Applies To:
eikasrhaas
Had this question 3
Question
eikasrhaas asked on

The server you are connected to is using a security certificate that cannot be verified. The target principal is incorrect.

As I open Outlook 2010 and try to get my email from comcast.net
Ganesh Kumar N
Found this helpful 3
Answer
Ganesh Kumar N replied on

Try to use the default port numbers for the email account configured in Outlook.

 

Note: Ensure to make a note of the account settings for the email configured in Outlook prior to making any changes. If the steps given below do not allow you to send/receive emails, restore the original account settings.

 

Open Outlook > File > Info > Account Settings > Email accounts > View or change Existing Email accounts. Double-click on the Email account > More settings > Advanced > uncheck ‘This server requires an encrypted connection (SSL)’ for outgoing server (SMTP). Also change the value of the port number to 25 or 1025.

Ganesh Kumar N
Ganesh Kumar N
Found this helpful 0
Ganesh Kumar N replied on

Verify if using any self-signed certificate in Outlook. To locate the certificate stored in Outlook, click on File-> Options-> Trust Center-> Trust center Settings > E-mail security->

 

Visit the following thread link for help:

http://social.answers.microsoft.com/Forums/en-US/outlookacct/thread/bf45d1e9-d803-424f-b7c4-2b203b98ca55

Ganesh Kumar N
eikasrhaas
Found this helpful 0
eikasrhaas replied on

I looked in the in Outlook, click on File-> Options-> Trust Center-> Trust center Settings > E-mail security->, but did not find anything that said self-signed.  There is a listing for digital certificates of which I have none (However, it takes me to a place that I can make one. I don't think that's what I need to solve this problem as I'm just accessing my email & not trying to send anything with a digital signature.).  I also have already looked at http://social.answers.microsoft.com/Forums/en-US/outlookacct/thread/bf45d1e9-d803-424f-b7c4-2b203b98ca55 but did not find an answer there.  Please keep in mind that I'm using Windows 7, Outlook 2010, pop.comcast.net/smtp.comcast.net/mail.comcast.net
Ganesh Kumar N
Found this helpful 3
Answer
Ganesh Kumar N replied on

Try to use the default port numbers for the email account configured in Outlook.

 

Note: Ensure to make a note of the account settings for the email configured in Outlook prior to making any changes. If the steps given below do not allow you to send/receive emails, restore the original account settings.

 

Open Outlook > File > Info > Account Settings > Email accounts > View or change Existing Email accounts. Double-click on the Email account > More settings > Advanced > uncheck ‘This server requires an encrypted connection (SSL)’ for outgoing server (SMTP). Also change the value of the port number to 25 or 1025.

Ganesh Kumar N
eikasrhaas
Found this helpful 0
eikasrhaas replied on

I did Open Outlook > File > Info > Account Settings > Email accounts > View or change Existing Email accounts. Double-click on the Email account > More settings > Advanced > uncheck ‘This server requires an encrypted connection (SSL)’ for outgoing server (SMTP). The Value of the Port Number was already 25 so I left it as is.  Your instructions seems to have worked. Thank you for your help!
Dhanabalan
Found this helpful 1
Dhanabalan replied on

Try to use the default port numbers for the email account configured in Outlook.

 

Note: Ensure to make a note of the account settings for the email configured in Outlook prior to making any changes. If the steps given below do not allow you to send/receive emails, restore the original account settings.

 

Open Outlook > File > Info > Account Settings > Email accounts > View or change Existing Email accounts. Double-click on the Email account > More settings > Advanced > uncheck ‘This server requires an encrypted connection (SSL)’ for outgoing server (SMTP). Also change the value of the port number to 25 or 1025.

This information was very helpful!
Regards,
Dhanabalan T


tmgibs
Found this helpful 0
tmgibs replied on

My POP client requires that I use SSL. Not sure why anyone would suggest turning off security if iti s available.
IT Architect
Found this helpful 0
IT Architect replied on

My POP client requires that I use SSL. Not sure why anyone would suggest turning off security if iti s available.
True.  Not going secure is a great way to get the attention of, and bump up the bottom line of whomever runs your E-mail server.  The first thing that happens is someone scams your user name and password in a coffee shop.  Then they sell it for good money to a spammer.  The spammer uses the E-mail server to spam using your account.  The server gets blocked by the data center so the data center doesn't get shut down by their connection provider(s).  Then the server administrator investigates and finds out it's you.  He simply shuts down your domain, and life goes on.  When your company realizes nobody can send and receive E-mail, and perhaps your web site doesn't work either, they call.  He requires they certify they fixed the problem.  He turns the domain back on and watches, and shuts it right back off it starts spamming.  After your provider helps you find out what the problem is, and implement a remedy, he sends you a big bill which you will pay or be shut off.  The way I know this is I'm one of those who send people the bill.  So far, people have been happy to pay to get back in business.  However, it doesn't end there.  In corporate America, often the same password that accesses their E-mail password logs them into their server at work, where there is plenty of good stuff to be found, and damage that can be done. 

The lay of the land:
- Port 25 is used for unathenticated transfers of E-mail between source and destination SMTP servers.  Because it doesn't require sender authentication, ISPs block this port to prevent their users from using their E-mail clients to feign as an E-mail server to spam.  There are two exceptions to this:
  1.  The customer purchased a dedicated IP address which normally indicates they have an in-house E-mail server.  In this case, if an IP gets blacklisted it affects only the offender.
  2.  The customer authenticates to, and uses their E-mail account at the ISP to send through.  In this case, they know who you are, and will deny you service if you spam or even give the appearance of it.  If they allowed you to send unauthenticated mail to their server on port 25 to be forwarded to a destination server, the ISPs E-mail server would be classified as a relay and blocked.
- Port 587 is for E-mail submission, and requires authentication to sender's E-mail server in order to send.  Normally, the sending E-mail server will scan the messages for malware and bounce any message where it is detected.  This prevents you from sending malware and protects the E-mail server from getting blacklisted.
- On the receiving side things are pretty standard.  POP3 is 110, secure POP3 is 995, IMAP is 143, and secure IMAP is 993.  The inconsistencies are on the sending side.  Back in the day, port 25 was allowed for unauthenticated and authenticated transmission.  Microsoft still defaults for their E-mail clients to port 25, and large E-mail providers use port 465 the secure port for port 25 transmission, and use it for secure SMTP for submission using SSL, in violation of the specifications.  The fact is, port 465 has nothing to do with E-mail at all.  IANA reserved TCP 465 for CISCO for URL Rendesvous Directory for SSM, and UDP 465 for IGMP over UDP for SSM.  Moreover, a malformed request to port 465 is known to cause denial of service attacks. Port 465 is also known to have vulnerabilities caused by trojans and remote code execution.  According to the IETF, the proper way to do E-mail Submission for both in the clear and encrypted E-mail submission is to use port 587, and to use TLS for encryption.  So, the way it plays out in the real world is the big players allow crazy non-standard methods of the past, as well as the IANA and IETF standards.  Everyone else, just proper way.  The standardized way of E-mail was well defined (1998) well before GMail (2004), so I only can speculate as to why the supported the non-standard while Yahoo! and Hotmail have a semi-valid excuse.  So the bottom line is, port 587 is the only port that works everywhere for sending E-mail, and TLS is the only encryption that works everywhere.