login about faq

POP3 CheckMail recurring login issue

0

I have a c# routine that runs mailman.CheckMail() every 5 minutes against the POP3 service on outlook.com. Every once in a while the check fails with unknown user name or bad password. It happens at least once an hour, but the remaining times it works just fine.

The code used is fairly simple:

Chilkat.MailMan mailman = new Chilkat.MailMan();
...    
mailman.MailHost = "podXXXXX.outlook.com";
mailman.MailPort = 995;
mailman.PopSsl = true;
mailman.PopUsername = "XXXXXXXXXX";
mailman.PopPassword = "XXXXXXXXXX";
mailman.ConnectTimeout = 60;
mailman.ReadTimeout = 60;

// Verify the POP3 TCP/IP connection.
bool success = mailman.VerifyPopConnection();  <-- Is is wrong to verify here??
if (!success)
{
    return;
}

// Get number of emails
int nMails = mailman.CheckMail();

This may not be a chilkat or programming issue, but can I always trust that the login is properly transmitted to the POP3 server?

I would be able to understand recurring connection issues or similar cause, but since it appears the the connection is established properly, that does not seem to be the cause. Of course it could be a Microsoft internal problem but then there is most likely nothing I can do to solve the problem.

The full error message is:

ChilkatLog:
  CheckMail:
    DllDate: Dec 18 2012
    UnlockPrefix: XXXXXXXXXX
    Username: XXXXXXXXXXXX
    Architecture: Little Endian; 32-bit
    Language: .NET 4.5
    VerboseLogging: 0
    SendAlert:
      TlsAlert:
        level: warning
        descrip: close notify
      --TlsAlert
    --SendAlert
    socket shutdown..
    Pop3Connect:
      Connecting to POP3 server
      hostname: podXXXXX.outlook.com
      port: 995
      ssl: 1
      connectTimeoutMs: 60000
      heartbeatMs: 0
      ConnectTimeoutMs_1: 60000
      calling ConnectSocket2
      IPV6 enabled connect with NO heartbeat.
      connectingTo: podXXXXX.outlook.com
      resolveHostname1:
        Resolving domain name (IPV4) via gethostbyname
      --resolveHostname1
      GetHostByNameHB_ipv4: Elapsed time: 0 millisec
      myIP_1: XXXXXXXXXX
      myPort_1: 64108
      connect successful (1)
      clientHelloMajorMinorVersion: 3.1
      buildClientHello:
        majorVersion: 3
        minorVersion: 1
        numRandomBytes: 32
        sessionIdSize: 0
        numCipherSuites: 10
        numCompressionMethods: 1
      --buildClientHello
      readIncomingTls_serverHello:
        processTlsRecord:
          processHandshake:
            handshakeMessageType: ServerHello
            handshakeMessageLen: 0x46
            processHandshakeMessage:
              MessageType: ServerHello
              Processing ServerHello...
              ServerHello:
                MajorVersion: 3
                MinorVersion: 1
                SessionIdLen: 32
                CipherSuite: RSA_WITH_AES_128_CBC_SHA
                CipherSuite: 00,2f
                CompressionMethod: 0
                Queueing ServerHello message.
                ServerHello is OK.
              --ServerHello
            --processHandshakeMessage
            handshakeMessageType: Certificate
            handshakeMessageLen: 0x11f8
            processHandshakeMessage:
              MessageType: Certificate
              ProcessCertificates:
                Certificate:
                  derSize: 1755
                  certSubjectCN: outlook.com
                  certSerial: 6097CFFA000100005018
                  certIssuerCN: MSIT Machine Auth CA 2
                --Certificate
                Certificate:
                  derSize: 1548
                  certSubjectCN: MSIT Machine Auth CA 2
                  certSerial: 615DAAD2000600000040
                  certIssuerCN: Microsoft Internet Authority
                --Certificate
                Certificate:
                  derSize: 1285
                  certSubjectCN: Microsoft Internet Authority
                  certSerial: 07276FAE
                  certIssuerCN: Baltimore CyberTrust Root
                --Certificate
                NumCertificates: 3
                Queueing Certificates message...
              --ProcessCertificates
            --processHandshakeMessage
            handshakeMessageType: ServerHelloDone
            handshakeMessageLen: 0x0
            processHandshakeMessage:
              MessageType: ServerHelloDone
              Queueing HelloDone message.
            --processHandshakeMessage
          --processHandshake
        --processTlsRecord
      --readIncomingTls_serverHello
      HandshakeQueue:
        MessageType: ServerHello
        MessageType: Certificate
        MessageType: ServerHelloDone
      --HandshakeQueue
      Dequeued ServerHello message.
      Dequeued Certificate message.
      DequeuedMessageType: ServerHelloDone
      OK to ServerHelloDone!
      No client certificate required by the server.
      Encrypted pre-master secret with server certificate RSA public key is OK.
      Sending ClientKeyExchange...
      Sent ClientKeyExchange message.
      Sending ChangeCipherSpec...
      Sent ChangeCipherSpec message.
      Derived keys.
      Installed new outgoing security params.
      Sending FINISHED message..
      algorithm: aes
      keyLength: 128
      Sent FINISHED message..
      readIncomingTls_changeCipherSpec2:
        processTlsRecord:
          processChangeCipherSpec:
            ccsProtocolType: 1
          --processChangeCipherSpec
        --processTlsRecord
      --readIncomingTls_changeCipherSpec2
      readIncomingTls_handshakeFinished2:
        processTlsRecord:
          processHandshake:
            handshakeMessageType: HandshakeFinished
            handshakeMessageLen: 0xc
            processHandshakeMessage:
              MessageType: HandshakeFinished
              FinishedMsgLen: 12
              Queueing Finished message.
            --processHandshakeMessage
          --processHandshake
        --processTlsRecord
      --readIncomingTls_handshakeFinished2
      Dequeue the FINISHED message...
      Dequeued Finished message.
      Handshake completed successfully.
      Secure Channel Established.
      Turning on TCP_NODELAY.
      Connected to POP3 server
      Turning on TCP_NODELAY.
      socketOptions:
        SO_SNDBUF: 65536
        SO_RCVBUF: 65536
        TCP_NODELAY: 65537
      --socketOptions
      PopCmdResp: +OK The Microsoft Exchange POP3 service is ready. [QQBNAFMAUABSAEQAMAAzADEAMABDAEEAMAAwADYALgBlAHUAcgBwAHIAZAAwADMALgBwAHIAbwBkAC4AbwB1AHQAbABvAG8AawAuAGMAbwBtAA==]
      greeting: +OK The Microsoft Exchange POP3 service is ready. [QQBNAFMAUABSAEQAMAAzADEAMABDAEEAMAAwADYALgBlAHUAcgBwAHIAZAAwADMALgBwAHIAbwBkAC4AbwB1AHQAbABvAG8AawAuAGMAbwBtAA==]
      ConnectionType: SSL/TLS
    --Pop3Connect
    Pop3Authenticate:
      username: xxxxxxxxx
      popSPA: 0
      PopCmdSent: USER xxxxxxxxx
      PopCmdResp: +OK
      PopCmdSent: PASS ****
      PopCmdResp: -ERR Logon failure: unknown user name or bad password.
      POP3 response indicates failure.
      PASS_response: -ERR Logon failure: unknown user name or bad password.

      POP3 authentication failed
    --Pop3Authenticate
    Authentication failed.
    Not in transaction state
    Failed.
  --CheckMail
--ChilkatLog

asked May 07 '13 at 10:11

roan98dk's gravatar image

roan98dk
342192745
2 Answers:
oldestnewestmost voted
1

Here are some comments:

1) Instead of calling VerifyPopConnection, I would recommend calling Pop3BeginSession which connects and authenticates.

2) I've noticed the same behavior in non-Chilkat apps. For example, from time to time when checking email on my IPhone, I get an error message indicating the login is invalid -- but I know it is not. I wonder if this is somehow related?

3) Turn on VerboseLogging, and examine the contents of the Pop3SessionLog property. With verbose logging on, the Pop3SessionLog should contain the login/password. With verbose logging off, the password would be excluded from the log. You can use the session log to verify that the correct login/password was indeed being sent.

link

answered May 07 '13 at 12:27

chilkat's gravatar image

chilkat ♦♦
12.8k325451615

Thanks, I will your recommendations and monitor logged error messages. I will post the results in a few days.

(May 07 '13 at 18:08) roan98dk

Be careful about posting the session log w/ verbose logging. You may wish to send that to me in private email (support@chilkatsoft.com)

(May 07 '13 at 18:18) chilkat ♦♦

Of course :-) Whenever I post logs in general, I always scramble details that can identify passwords, users, servers etc.

(May 07 '13 at 19:32) roan98dk

I already received the first error which unfortunately is exactly the same as before. LastErrorText (received right after Pop3BeginSession) is identical to the one already posted. Pop3SessionLog does not reveal any interesting details. I see the username but password is still scrambled. I have enabled verbose logging.

(May 07 '13 at 19:35) roan98dk

I thought verbose logging would cause the password to get logged -- but I was not correct. This new build will log the password to the Pop3SessionLog and LastErrorText when VerboseLogging is turned on.

http://www.chilkatsoft.com/preRelease/ChilkatDotNet45-9.4.1-win32.zip

(May 08 '13 at 11:37) chilkat ♦♦

Unfortunately I am not able to test this new build easily since the POP3 connection is only used in production environment and for now I do not have a duplicate account to use while debugging. I will most likely not be able to test this before the new release, which is when btw?

(May 08 '13 at 13:35) roan98dk

The new release is coming as soon as possible. Hopefully by the beginning of June.

(May 08 '13 at 15:59) chilkat ♦♦

It is a holiday now here in Denmark, so I will test the pre-release while it ought not affect any customers.

(May 08 '13 at 18:36) roan98dk

Ok, I have tested now and unfortunately both actual username and password sent are correct. Does this mean that the error must be on the server side ?

(May 09 '13 at 04:57) roan98dk

Yes, the evidence points to it.

(May 09 '13 at 11:02) chilkat ♦♦

I have asked Microsoft Partner Support to investigate the issue. Unfortunately they started by saying that they discourage the use of POP3 in favor of IMAP, but when I tried IMAP the pattern is exactly the same. Their first comment was that is must be a network connection failure, but then I feel that the error message should have said so. I suppose that while sending POP3 and IMAP commands we cannot be absolutely certain that all sent characters arrive intact at the server, or can we? If we can then the error must be with Microsoft.

(May 11 '13 at 07:27) roan98dk

I mentioned this earlier, but I get this from time to time when accessing my email from my IPhone with the default IPhone email app. The error message indicates a bad username/password. But then I try again and it works. It happens sporadically from time to time.

(May 11 '13 at 09:52) chilkat ♦♦

I tried with a 5 second delay, but in many cases it still fails the second time. I will try with various different delays and see if that has any impact.

(May 13 '13 at 04:50) roan98dk
showing 5 of 13 show all
0

I would like to add that after I added a retry delay of 10 seconds, I practically get no authentication failures logged. For clarification my code now looks like this:

// Verify the POP3 TCP/IP connection and authenticate
bool success = mailman.Pop3BeginSession();
if (!success)
{
    // The POP3 server indicates authentication failure from 
    // time to time so retry after a short delay before failing.
    System.Threading.Thread.Sleep(10000); // 10 seconds
    success = mailman.Pop3BeginSession();
    if (!success)
    {
        ErrorHelper.LogError(mailman.LastErrorText);
        return false;
    }
}

Perhaps Pop3BeginSession() could have an optional argument to retry automatically x number of times or after a specified delay before failing completely?! Since this is little extra code I had to add, it hardly justify modifying Pop3BeginSession(). The same problem happens with IMAP though, so if a workaround will be introduced in Pop3BeginSession(), it should also be implemented in IMAP's Login() method.

Too bad that my discussion with Microsoft over this problem has led nowhere so far. Their attitude seems to indicate random network errors rather than internal authentication errors.

link

answered May 21 '13 at 05:32

roan98dk's gravatar image

roan98dk
342192745
Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or __italic__
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

learn more about Markdown

Tags:

×66
×32
×12
×9
×2

Asked: May 07 '13 at 10:11

Seen: 6,424 times

Last updated: May 21 '13 at 05:32

Related questions

Pop3 Command is not valid in this state

How to Automate the Login to a Web Site (for legitimate use)

GMail Authentication Fails

Authentication method for SMTP

Best way to verify POP3 and/or connection?

SSH/SFTP Keyboard Interactive Authentication?

MailMan Intermittent "Connection Closed By Peer" Error

Download attachments in using POP3?

Failed to generate file. pem

keyboard-interactive authentication failure

about | faq | privacy | contact

powered by OSQA