Sign in with
Sign up | Sign in

Gmail Drops Support for POP3 with Self-Signed Certificates

By - Source: Slashdot | B 7 comments

Gmail users can't retrieve email from third-party services using self-signed SSL certificates.

For the past week, access to a third-party email service through Gmail has stopped as of December 11 after years of trouble-free email retrieval. According to the mail fetch history panel, it's an SSL Security Error that's preventing email retrieval from the pop3 server, reporting that the SSL certificate has expired. Naturally a technical support request has been placed with the third-party provider, but now a new report indicates that Google is responsible for the Gmail SSL error thanks to a new policy.

According to Slashdot, Google's Gmail servers have been reconfigured to not connect to remote pop3 servers that have self-signed certificates. Thus Gmail users trying to get email from other services may be left with an unencrypted connection, or no access to the services whatsoever.

"As of December 2012, Gmail uses 'strict' SSL1 security," the company states. "This means that we'll always enforce that your other provider's remote server has a valid SSL certificate. We made this change to offer a higher level of security to better protect your information."

In other words, Google will now only accept SSL certificates from a paid provider approved by Google. The company states that Gmail users can always uncheck the "Always use a secure connection (SSL) when retrieving mail" option on the Accounts and Import tab in the Gmail settings menu, but that also means the user's password and email will not be protected while sent over the Internet.

The other option is to notify the third-party email service of the error so they can "fix" their SSL setup. The Slashgear report suggests that public keys should be placed on Google's side in the user configuration rather than simply dumping the problem on the user and then moving on.

"If the error is not fixed, we will disable your mail fetching and stop retrieving your messages from your other account," Google said. "We do not accept self-signed certificates. For a certificate to be valid it needs to chain up to a valid CA, like one in the Mozilla CA list."

So far Google has not publicly announced the change in its SSL policy via a blog update or press release.

 

Contact Us for News Tips, Corrections and Feedback

Display 7 Comments.
This thread is closed for comments
  • 0 Hide
    freggo , December 18, 2012 2:51 PM
    Why would I want POP3 access from within GMail?
    We run our own mail server and if anything would want our server to have POP3 access to our Google accounts.

  • 0 Hide
    moonsite , December 18, 2012 3:21 PM
    Gmail has become very confusing to use for me lately. Even though I am still using it heavily, I prefer the much simpler interface of Outlook webmail.
  • 2 Hide
    kyzarvs , December 18, 2012 3:29 PM
    Email security is an utter illusion - anyone sending sensitive information by email needs their head examined. It's a good first step though to insist on proper certificates - self-cert proves nothing.
  • 2 Hide
    twelch82 , December 18, 2012 5:57 PM
    Is this really about security, or making money?
  • 0 Hide
    kellybean , December 18, 2012 6:18 PM
    Gmail is the best one out there has the best spam filtering too.
  • 0 Hide
    _Cosmin_ , December 19, 2012 11:14 AM
    kyzarvsEmail security is an utter illusion - anyone sending sensitive information by email needs their head examined. It's a good first step though to insist on proper certificates - self-cert proves nothing.


    Everheard of PGP or other cryptography software (thunderbird even has an add-on for better integration)? Sensitive information must never travel unencrypted even if you think the travel medium is secure!
  • 0 Hide
    Anonymous , December 20, 2012 9:17 PM
    DigiCert just wrote an article about this with an explanation and troubleshooting tips. Check it out:

    http://www.digicert.com/ssl-support/gmail-pop3-troubleshooting.htm
Tom’s guide in the world
  • Germany
  • France
  • Italy
  • Ireland
  • UK
Follow Tom’s guide
Subscribe to our newsletter