On 2016 Jul 27, at 15:20, Joseph Tam jtam.home@gmail.com wrote:
Well, yes, that's what you would expect. You've told your mail client to connect to "45.56.81.181", the client starts the SSL negotiation and finds the certificate is made out for "sheepsystems.com", and your mail client complains about the mismatch (a possible MITM attack). This is what you want SSL enabled system to do.
Very sensible - I hadn’t thought of that.
Since 45.56.81.181 does not map to "sheepsystems.com" yet, you can short-circuit DNS and add a direct mapping to your Mac by adding this to /etc/hosts:
45.56.81.181 sheepsystems.com
then reconfiguring your mail client to use the server "sheepsystems.com". This will appease the SSL constraint.
I did that, and it appears working now – logging in, finding no messages and logging out.
Of course, I’d been using that private/etc/hosts patch to test my new web pages, but it didn’t seem to work with email – it was still hitting my existing server. It now appears that, with Mail.app, unlike with Safari and Firefox, one must flush the DNS cache (sudo killall -HUP mDNSResponder), and/or relaunch Mail.app, after changing /private/etc/hosts.
Don't know [those log entries] this is about -- probably your Mac bailing out on authentication.
Yes, that’s what I thought - when it didn’t like the cert it just aborted and the server logged a timeout.
Well, definitely you’ve gotten me over one hurdle and I’m on to the next one :) Thank you, Joseph!