Microsoft Services & Apps
Back to Top

Comcast SMTP server problem

SOLVED
Highlighted
quetek
Contributor

Comcast SMTP server problem

We have been using smtp.w14c.comcast.net for outgoing messages for many months without any problem.

Starting today, sending emails fails with the following error:

 

smtp.png

 

We are not sure if this is a problem with the server or the email software (it was automatically updated recently).

 

Our email software: Thunderbird  38.0.1

OS: Windows 8

 

Please advise.

 

 

 

Accepted Solution

Re: Comcast SMTP server problem

try using either port 465 or 587 if you want to use STARTTLS or SSL/TLS

View solution in context
Accepted Solution

Re: Comcast SMTP server problem

Yes, the correct port is used for each protocol (if you have not not use Thunderbird, the software is smart enough to set the default port when a certain protocol is selected).

 

I can telnet directly to the port numbers on the server.  So this could be a problem with Thunderbird.

View solution in context
Accepted Solution

Re: Comcast SMTP server problem

My coworker ran into the exact same problem after updating Thunderbird.  So this seems to be a compatible issue with the latest version of Thunderbird.  Just wonder if anybody at comcast has time check it out?  Thunderbird is freely available and there should be quite a few of people using it (not really based on the responses here!).

View solution in context
Accepted Solution

Re: Comcast SMTP server problem

I'm having the same issue, but I don't think this is a Thunderbird problem. I do not think that Comcast doesn't seem to be supporting TLS on thier business class SMTP outgoing email servers. The older client may have been falling back to un-encrypted mode. On a side note, the residential service (Xfinity) server does support tls. I looked for a way to submit and support ticket on this issue but only found this forum. I doubt I could get my point across over the phone of what the problem is. Here's how I tested on my Arch Linux box using openssl. 

 

 

[tsweets@keystone ~]$ openssl s_client -connect smtp.w14a.comcast.net:587 -starttls smtp
CONNECTED(00000003)
140715379508888:error:140790E5Smiley FrustratedSL routines:ssl23_write:ssl handshake failure:s23_lib.c:177:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 273 bytes and written 353 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated

 

 

HOWEVER

The residential service server (smtp.comcast.net) does

 

[tsweets@keystone ~]$ openssl s_client -connect smtp.comcast.net:587 -starttls smtp
CONNECTED(00000003)
depth=2 C = SE, O = AddTrust AB, OU = AddTrust External TTP Network, CN = AddTrust External CA Root
verify return:1
depth=1 C = GB, ST = Greater Manchester, L = Salford, O = COMODO CA Limited, CN = COMODO High-Assurance Secure Server CA
verify return:1
depth=0 C = US, postalCode = 19103, ST = PA, L = Philadelphia, street = 1 Comcast Center, O = Comcast Corporation, OU = Business Center, OU = Hosted by Comcast Corporation, OU = EliteSSL, CN = smtp.comcast.net
verify return:1
---
Certificate chain
0 s:/C=US/postalCode=19103/ST=PA/L=Philadelphia/street=1 Comcast Center/O=Comcast Corporation/OU=Business Center/OU=Hosted by Comcast Corporation/OU=EliteSSL/CN=smtp.comcast.net
i:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO High-Assurance Secure Server CA
1 s:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO High-Assurance Secure Server CA
i:/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root
2 s:/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root
i:/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIF2zCCBMOgAwIBAgIQM8L8HAe3R5lqeN4EU10vpjANBgkqhkiG9w0BAQUFADCB
iTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxLzAtBgNV
BAMTJkNPTU9ETyBIaWdoLUFzc3VyYW5jZSBTZWN1cmUgU2VydmVyIENBMB4XDTE0
MDcyMTAwMDAwMFoXDTE1MDcyMTIzNTk1OVowgeoxCzAJBgNVBAYTAlVTMQ4wDAYD
VQQREwUxOTEwMzELMAkGA1UECBMCUEExFTATBgNVBAcTDFBoaWxhZGVscGhpYTEZ
MBcGA1UECRMQMSBDb21jYXN0IENlbnRlcjEcMBoGA1UEChMTQ29tY2FzdCBDb3Jw
b3JhdGlvbjEYMBYGA1UECxMPQnVzaW5lc3MgQ2VudGVyMSYwJAYDVQQLEx1Ib3N0
ZWQgYnkgQ29tY2FzdCBDb3Jwb3JhdGlvbjERMA8GA1UECxMIRWxpdGVTU0wxGTAX
BgNVBAMTEHNtdHAuY29tY2FzdC5uZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
ggEKAoIBAQClQHDGTuA5IL37wvecHd4ymTQ+si08g1G2fEtmFvFZur0Bxh5qqjYs
sAYhw2nOoAFCouAVUHrXxMP+Hqb2vOgWiB/WC2oLntfI6lJcjBBhwNzq/+LyXDoH
ytgIRO4xnV4ioltllAUqs7nxH+rvWTpCXmDlUS/iwrYddc1UuStIVcfWGbDJ/1Ck
UrmqsAmpadfrbbf2AEhm1TM6enMSO8KSKAmugervTx60f8GPh72VM3BasKf15GeS
FtsbT4GgpUWChSznSzuEID2Pfi4LsrSsEf3iII0kTnLIdvl2EGCA/xoKL703hDVQ
i1A3nYNuXBWdVD48YnQRDqr3fWAkhlTtAgMBAAGjggHaMIIB1jAfBgNVHSMEGDAW
gBQ/1bXQ1kR5UEoXo5uMSty4sCJkazAdBgNVHQ4EFgQUAynEc1cROVIKlz5LsuZm
95QXIKIwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYI
KwYBBQUHAwEGCCsGAQUFBwMCMFAGA1UdIARJMEcwOwYMKwYBBAGyMQECAQMEMCsw
KQYIKwYBBQUHAgEWHWh0dHBzOi8vc2VjdXJlLmNvbW9kby5jb20vQ1BTMAgGBmeB
DAECAjBPBgNVHR8ESDBGMESgQqBAhj5odHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9D
T01PRE9IaWdoLUFzc3VyYW5jZVNlY3VyZVNlcnZlckNBLmNybDCBgAYIKwYBBQUH
AQEEdDByMEoGCCsGAQUFBzAChj5odHRwOi8vY3J0LmNvbW9kb2NhLmNvbS9DT01P
RE9IaWdoLUFzc3VyYW5jZVNlY3VyZVNlcnZlckNBLmNydDAkBggrBgEFBQcwAYYY
aHR0cDovL29jc3AuY29tb2RvY2EuY29tMDEGA1UdEQQqMCiCEHNtdHAuY29tY2Fz
dC5uZXSCFHd3dy5zbXRwLmNvbWNhc3QubmV0MA0GCSqGSIb3DQEBBQUAA4IBAQDO
23GqbiapNrPbM4dBYIxbYs9jyf54d15A8XwPakRXdMgr1T3oWE1bbbyoJxXt4lu1
TI8DzHISvygh1WWEAd0au6DdDbkMpriI0YxRjaQDm2cqM8kE/ITpQSJ0acQEzQcf
6HDGd/Jongf5HL0E/uo8J0t57Pp3eENOSgW1ICwp8uVT30dRh7UUseEawBj9/NVU
iEIehNKkR8pKdkbHCD34G+Q4xfvCevHi/sZ7iJLfl2/Bck2TVSLcosVv3wrdAEeV
z0to0l9aosDVXeXFBedhbbsvPxbMPwIpLS5eDhsXvO6jOrnBWNe+x0Psz8S+QJa5
Qj7LrmxS+7IxqEWJB0V/
-----END CERTIFICATE-----
subject=/C=US/postalCode=19103/ST=PA/L=Philadelphia/street=1 Comcast Center/O=Comcast Corporation/OU=Business Center/OU=Hosted by Comcast Corporation/OU=EliteSSL/CN=smtp.comcast.net
issuer=/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO High-Assurance Secure Server CA
---
No client certificate CA names sent
Peer signing digest: SHA512
Server Temp Key: DH, 1024 bits
---
SSL handshake has read 5023 bytes and written 567 bytes
---
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : DHE-RSA-AES256-SHA
Session-ID: F9C5D8B413065E5D1296D0A956E8BC6703C935B8D8F20CE60A0211E577907EA5
Session-ID-ctx:
Master-Key: 70AE4C646038BE5C3FD54FA1B748FD2B1836DC4D7ABD718A0CEF604219FDB588ACF740CBBC4934822D1DB92C9309D7C9
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 300 (seconds)
TLS session ticket:
0000 - 81 57 af d8 2c 70 20 f6-b8 1c a2 f5 3b bf 9d 35 .W..,p .....;..5
0010 - c5 98 1d 73 75 78 9f 62-3d 0d 94 15 9e 1c 15 aa ...sux.b=.......
0020 - f9 71 75 51 79 64 c6 81-70 fa d6 85 88 a8 81 04 .quQyd..p.......
0030 - 28 9d b3 53 2e 01 38 dd-83 64 6c bf 64 4e 41 66 (..S..8..dl.dNAf
0040 - a1 21 b3 21 83 96 90 1f-63 e6 dd 57 25 0d 36 3f .!.!....c..W%.6?
0050 - cb bd 13 b4 e4 41 88 92-20 43 ee 6d a3 29 a1 63 .....A.. C.m.).c
0060 - 94 19 99 46 f2 4a 9d 94-23 cc d0 f2 47 12 f4 62 ...F.J..#...G..b
0070 - ee 1f 5f 88 ae ab a9 c4-ea b9 fe ef 7d 5f e4 00 .._.........}_..
0080 - 0f 00 29 fb c6 7e a0 b0-07 9e a8 ea cf d7 49 42 ..)..~........IB
0090 - 69 7c d8 0e c9 c8 59 ad-3f 14 6b 75 8e bb 5b b5 i|....Y.?.ku..[.

Start Time: 1435714393
Timeout : 300 (sec)
Verify return code: 0 (ok)
---
250 OK

 

 

View solution in context
Accepted Solution

Re: Comcast SMTP server problem

So now we know why.  Doubt if we will see a solution any time soon.

View solution in context
6 REPLIES
quetek
Contributor

Re: Comcast SMTP server problem

It seems the only settings that works is:

 

Port: 25

Connection security: None

Authentication method: Password, transmitted insecurely

 

I cannot get  either STARTTLS or SSL/TLS with normal or encrypted password.

 

How do I setup SMTP on a non-comcast network?  I don't think port 25 will be accepted.

Trusted Forum Contributor

Re: Comcast SMTP server problem

try using either port 465 or 587 if you want to use STARTTLS or SSL/TLS

quetek
Contributor

Re: Comcast SMTP server problem

Yes, the correct port is used for each protocol (if you have not not use Thunderbird, the software is smart enough to set the default port when a certain protocol is selected).

 

I can telnet directly to the port numbers on the server.  So this could be a problem with Thunderbird.

quetek
Contributor

Re: Comcast SMTP server problem

My coworker ran into the exact same problem after updating Thunderbird.  So this seems to be a compatible issue with the latest version of Thunderbird.  Just wonder if anybody at comcast has time check it out?  Thunderbird is freely available and there should be quite a few of people using it (not really based on the responses here!).

tsweets
New Member

Re: Comcast SMTP server problem

I'm having the same issue, but I don't think this is a Thunderbird problem. I do not think that Comcast doesn't seem to be supporting TLS on thier business class SMTP outgoing email servers. The older client may have been falling back to un-encrypted mode. On a side note, the residential service (Xfinity) server does support tls. I looked for a way to submit and support ticket on this issue but only found this forum. I doubt I could get my point across over the phone of what the problem is. Here's how I tested on my Arch Linux box using openssl. 

 

 

[tsweets@keystone ~]$ openssl s_client -connect smtp.w14a.comcast.net:587 -starttls smtp
CONNECTED(00000003)
140715379508888:error:140790E5Smiley FrustratedSL routines:ssl23_write:ssl handshake failure:s23_lib.c:177:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 273 bytes and written 353 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated

 

 

HOWEVER

The residential service server (smtp.comcast.net) does

 

[tsweets@keystone ~]$ openssl s_client -connect smtp.comcast.net:587 -starttls smtp
CONNECTED(00000003)
depth=2 C = SE, O = AddTrust AB, OU = AddTrust External TTP Network, CN = AddTrust External CA Root
verify return:1
depth=1 C = GB, ST = Greater Manchester, L = Salford, O = COMODO CA Limited, CN = COMODO High-Assurance Secure Server CA
verify return:1
depth=0 C = US, postalCode = 19103, ST = PA, L = Philadelphia, street = 1 Comcast Center, O = Comcast Corporation, OU = Business Center, OU = Hosted by Comcast Corporation, OU = EliteSSL, CN = smtp.comcast.net
verify return:1
---
Certificate chain
0 s:/C=US/postalCode=19103/ST=PA/L=Philadelphia/street=1 Comcast Center/O=Comcast Corporation/OU=Business Center/OU=Hosted by Comcast Corporation/OU=EliteSSL/CN=smtp.comcast.net
i:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO High-Assurance Secure Server CA
1 s:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO High-Assurance Secure Server CA
i:/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root
2 s:/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root
i:/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIF2zCCBMOgAwIBAgIQM8L8HAe3R5lqeN4EU10vpjANBgkqhkiG9w0BAQUFADCB
iTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxLzAtBgNV
BAMTJkNPTU9ETyBIaWdoLUFzc3VyYW5jZSBTZWN1cmUgU2VydmVyIENBMB4XDTE0
MDcyMTAwMDAwMFoXDTE1MDcyMTIzNTk1OVowgeoxCzAJBgNVBAYTAlVTMQ4wDAYD
VQQREwUxOTEwMzELMAkGA1UECBMCUEExFTATBgNVBAcTDFBoaWxhZGVscGhpYTEZ
MBcGA1UECRMQMSBDb21jYXN0IENlbnRlcjEcMBoGA1UEChMTQ29tY2FzdCBDb3Jw
b3JhdGlvbjEYMBYGA1UECxMPQnVzaW5lc3MgQ2VudGVyMSYwJAYDVQQLEx1Ib3N0
ZWQgYnkgQ29tY2FzdCBDb3Jwb3JhdGlvbjERMA8GA1UECxMIRWxpdGVTU0wxGTAX
BgNVBAMTEHNtdHAuY29tY2FzdC5uZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
ggEKAoIBAQClQHDGTuA5IL37wvecHd4ymTQ+si08g1G2fEtmFvFZur0Bxh5qqjYs
sAYhw2nOoAFCouAVUHrXxMP+Hqb2vOgWiB/WC2oLntfI6lJcjBBhwNzq/+LyXDoH
ytgIRO4xnV4ioltllAUqs7nxH+rvWTpCXmDlUS/iwrYddc1UuStIVcfWGbDJ/1Ck
UrmqsAmpadfrbbf2AEhm1TM6enMSO8KSKAmugervTx60f8GPh72VM3BasKf15GeS
FtsbT4GgpUWChSznSzuEID2Pfi4LsrSsEf3iII0kTnLIdvl2EGCA/xoKL703hDVQ
i1A3nYNuXBWdVD48YnQRDqr3fWAkhlTtAgMBAAGjggHaMIIB1jAfBgNVHSMEGDAW
gBQ/1bXQ1kR5UEoXo5uMSty4sCJkazAdBgNVHQ4EFgQUAynEc1cROVIKlz5LsuZm
95QXIKIwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYI
KwYBBQUHAwEGCCsGAQUFBwMCMFAGA1UdIARJMEcwOwYMKwYBBAGyMQECAQMEMCsw
KQYIKwYBBQUHAgEWHWh0dHBzOi8vc2VjdXJlLmNvbW9kby5jb20vQ1BTMAgGBmeB
DAECAjBPBgNVHR8ESDBGMESgQqBAhj5odHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9D
T01PRE9IaWdoLUFzc3VyYW5jZVNlY3VyZVNlcnZlckNBLmNybDCBgAYIKwYBBQUH
AQEEdDByMEoGCCsGAQUFBzAChj5odHRwOi8vY3J0LmNvbW9kb2NhLmNvbS9DT01P
RE9IaWdoLUFzc3VyYW5jZVNlY3VyZVNlcnZlckNBLmNydDAkBggrBgEFBQcwAYYY
aHR0cDovL29jc3AuY29tb2RvY2EuY29tMDEGA1UdEQQqMCiCEHNtdHAuY29tY2Fz
dC5uZXSCFHd3dy5zbXRwLmNvbWNhc3QubmV0MA0GCSqGSIb3DQEBBQUAA4IBAQDO
23GqbiapNrPbM4dBYIxbYs9jyf54d15A8XwPakRXdMgr1T3oWE1bbbyoJxXt4lu1
TI8DzHISvygh1WWEAd0au6DdDbkMpriI0YxRjaQDm2cqM8kE/ITpQSJ0acQEzQcf
6HDGd/Jongf5HL0E/uo8J0t57Pp3eENOSgW1ICwp8uVT30dRh7UUseEawBj9/NVU
iEIehNKkR8pKdkbHCD34G+Q4xfvCevHi/sZ7iJLfl2/Bck2TVSLcosVv3wrdAEeV
z0to0l9aosDVXeXFBedhbbsvPxbMPwIpLS5eDhsXvO6jOrnBWNe+x0Psz8S+QJa5
Qj7LrmxS+7IxqEWJB0V/
-----END CERTIFICATE-----
subject=/C=US/postalCode=19103/ST=PA/L=Philadelphia/street=1 Comcast Center/O=Comcast Corporation/OU=Business Center/OU=Hosted by Comcast Corporation/OU=EliteSSL/CN=smtp.comcast.net
issuer=/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO High-Assurance Secure Server CA
---
No client certificate CA names sent
Peer signing digest: SHA512
Server Temp Key: DH, 1024 bits
---
SSL handshake has read 5023 bytes and written 567 bytes
---
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : DHE-RSA-AES256-SHA
Session-ID: F9C5D8B413065E5D1296D0A956E8BC6703C935B8D8F20CE60A0211E577907EA5
Session-ID-ctx:
Master-Key: 70AE4C646038BE5C3FD54FA1B748FD2B1836DC4D7ABD718A0CEF604219FDB588ACF740CBBC4934822D1DB92C9309D7C9
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 300 (seconds)
TLS session ticket:
0000 - 81 57 af d8 2c 70 20 f6-b8 1c a2 f5 3b bf 9d 35 .W..,p .....;..5
0010 - c5 98 1d 73 75 78 9f 62-3d 0d 94 15 9e 1c 15 aa ...sux.b=.......
0020 - f9 71 75 51 79 64 c6 81-70 fa d6 85 88 a8 81 04 .quQyd..p.......
0030 - 28 9d b3 53 2e 01 38 dd-83 64 6c bf 64 4e 41 66 (..S..8..dl.dNAf
0040 - a1 21 b3 21 83 96 90 1f-63 e6 dd 57 25 0d 36 3f .!.!....c..W%.6?
0050 - cb bd 13 b4 e4 41 88 92-20 43 ee 6d a3 29 a1 63 .....A.. C.m.).c
0060 - 94 19 99 46 f2 4a 9d 94-23 cc d0 f2 47 12 f4 62 ...F.J..#...G..b
0070 - ee 1f 5f 88 ae ab a9 c4-ea b9 fe ef 7d 5f e4 00 .._.........}_..
0080 - 0f 00 29 fb c6 7e a0 b0-07 9e a8 ea cf d7 49 42 ..)..~........IB
0090 - 69 7c d8 0e c9 c8 59 ad-3f 14 6b 75 8e bb 5b b5 i|....Y.?.ku..[.

Start Time: 1435714393
Timeout : 300 (sec)
Verify return code: 0 (ok)
---
250 OK

 

 

quetek
Contributor

Re: Comcast SMTP server problem

So now we know why.  Doubt if we will see a solution any time soon.

Discussion stats
  • 6 replies
  • 6088 views
  • 0 kudos
  • 3 in conversation