TPG Community

Get online support
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

external IMAPS port blocked

vicbis
Level 2
Level 2
‎26-08-2024 03:47 PM

Could someone explain this to me.

When I am at my Dad's place, who is with TPG, I cannot access imap.aussiebroadband.com.au on port 993 (imaps) with any other server that I use I can connect successfully on port 993

Details below, to be brief I have only posted 2 successful connections.

Thanks.

 

1: Unsuccessful (tpg)

vicb@emilia [ ~ ]$ dig +short myip.opendns.com @resolver1.opendns.com
194.223.14.210
vicb@emilia [ ~ ]$ nslookup 194.223.14.210
210.14.223.194.in-addr.arpa    name = 194-223-14-210.tpgi.com.au.       
vicb@emilia [ ~ ]$ openssl s_client -connect imap.aussiebroadband.com.au:993 -crlf
40B7E1083C710000:error:8000006F:system library:BIO_connect:Connection refused:crypto/bio/bio_sock2.c:178:calling connect()
40B7E1083C710000:error:10000067:BIO routines:BIO_connect:connect error:crypto/bio/bio_sock2.c:180:
40B7E1083C710000:error:80000065:system library:BIO_connect:Network is unreachable:crypto/bio/bio_sock2.c:178:calling connect()
40B7E1083C710000:error:10000067:BIO routines:BIO_connect:connect error:crypto/bio/bio_sock2.c:180:
connect:errno=101

2: successful

vicb@emily [ ~ ]$ dig +short myip.opendns.com @resolver1.opendns.com
101.187.15.181
vicb@emily [ ~ ]$ nslookup 101.187.15.181
181.15.187.101.in-addr.arpa    name = mail.tess-solutions.com.
Authoritative answers can be found from:
vicb@emily [ ~ ]$ openssl s_client -connect imap.aussiebroadband.com.au:993 -crlf
Connecting to 121.200.0.25
CONNECTED(00000003)

3: Successful

vicb@cdafd.cloudserverpanel.com [ ~ ]$ dig +short myip.opendns.com @resolver1.opendns.com
162.213.121.216
vicb@cdafd.cloudserverpanel.com [ ~ ]$ nslookup 162.213.121.216
216.121.213.162.in-addr.arpa    name = mail.impulsegamer.com.
Authoritative answers can be found from:
vicb@cdafd.cloudserverpanel.com [ ~ ]$ openssl s_client -connect imap.aussiebroadband.com.au:993 -crlf
CONNECTED(00000003)



 

0 Likes
Reply
3 REPLIES 3
david64
Master
Master
‎26-08-2024 07:47 PM

Hi @vicbis . On the TPG connection, can you try some telnet commands.

 

telnet imap.aussiebroadband.com.au 110

(Gives Hello there. Type quit to exit)

 

telnet imap.aussiebroadband.com.au 993

(Gives a blank screen indicating connection to host. Type Control A to quit.)

 

If telnet fails,

tracert imap.aussiebroadband.com.au

(or traceroute. See if you have network path to host.)

 

BTW, did you get an email saying I had replied, or were you just randomly checking in Community?

 

0 Likes
Reply
vicbis
Level 2
Level 2
‎28-08-2024 11:51 AM

Hi @david64

First off, Yes I did receive an email that you replied.

Ok the 'guts'

Note that I can only try testing on the TPG network whilst I'm at my dad's place.

Here is a list of what I have tried (and one thing to try)

1. I had no problem pinging imap.aussiebroadband.com.au

2. Connecting via the pop3 port (110) using telnet is ok (mind you this is inherently insecure, a bit like having telnet open on the standard port 23 and allowing 'root' or any other user logins)

3. Connecting via the imap port (143) using telnet is ok (again inherently insecure)

4. Verifying connection to port 993 (imaps) using telnet is possible, although you won't be able to do anything useful. In this case you need to use something like openssl (as per my original post). Mind you when I tried the telnet connection all it stated was "Trying 121.200.0.25..." and hung there.

5. I did not try the 'traceroute' as there was no point because I could ping the server successfully .

6. I did not try connecting on port 995 (pop3s) since I do not generally use pop3 or pop3s. Although now that I am thinking about this, I will try it out next time I am connected to the net when visiting my dad, who, again, is on TPG

If you want, try these out on my server 'wattlegum.org', which BTW operated correctly (I did not put test results in my original post)

BTW, I only use Linux including desktops, laptops, and 3 other servers I manage.

 

0 Likes
Reply
david64
Master
Master
‎28-08-2024 05:25 PM

@vicbis .

Telnet is handy to check network path and if port is open. I wasn't suggesting to use the insecure ports.

 

4. On Windows telnet to secure ports, I get a blank screen indicating a TCP session has started.

Control A ends the session back to command prompt.

Is there any firewall that might be blocking port 993?

How are you with packet capture software, eg. Wireshark? Shows how far the connection gets.

 

Telnet operation:
client sends SYN to host

host sends ACK + SYN to client

client sends ACK

TCP session has started.

 

On secure port, the mail client continues with CLIENT HELLO

Host sends SERVER HELLO

SSL handshake occurs and session runs encrypted.

 

0 Likes
Reply