Email not encrypted when sending to a user@cox.net address from Gmail?

MichaelJ said:
Are you seeing the same error with any other recipients of emails from you?

Hi Michael,

These are emails I'm sending from Gmail to my Cox account. No, no other email addresses I'm sending TO are coming up as 'unencrypted error' except for the @cox.net one.

Link In Message

https://support.google.com/mail/answer/6330403?p=tls&hl=en&rd=1

It shows you are downloading your Cox email without TLS. You are probably using POP instead of IMAP, so Google is doing a port scan on pop.cox.net(instead of Imap.cox.net) and not seeing 587. See here on more info on how Gmail does this. See Cox IMAP settings here and be sure to use TLS on port 587 as seen here.  Keep in mind you can't mix email standards. So either everything has to be IMAP or POP3. 

Tecknowhelp said:

It shows you are downloading your Cox email without TLS. You are probably using POP instead of IMAP, so Google is doing a port scan on pop.cox.net(instead of Imap.cox.net) and not seeing 587. See here on more info on how Gmail does this. See Cox IMAP settings here and be sure to use TLS on port 587 as seen here.  Keep in mind you can't mix email standards. So either everything has to be IMAP or POP3. 

I'm not downloading anything. I'm sending TO a Cox email address.. not RECEIVING from one.

Meep said:
I'm not downloading anything. I'm sending TO a Cox email address.. not RECEIVING from one.

My mistake. I was confusing TLS(AKA STARTLS) for SMTP with  SSL. TLS used to be called SSL for IMAP. Try using IMAP with authentication on port 993 with SSL. I can send a email from my gmail.com account to my Cox.net account inside webmail, so maybe it's a client thing? Can you try sending again and checking webmail.cox.net? Or try sending to another Cox email? If that doesn't work, I am out of ideas.

I can help more but it would require using your settings on a virtual machine of mine but that might have privacy concerns. I have a test cox.net email account not attached to anything, and a bunch of gmail.com spam accounts, if that would help.

Also, have you tried Google's forum to get more information on how this is triggering a warning? Port scan? Some script during server negotiation? Can it detect encryption with the transfer from Cox's MTA to their email server? I find it hard to believe there is such a wide problem and I haven't heard anything about it before, and I belong to 4 Cox evolved forums. Not saying your problem isn't real, just not universal so need more data.

PS. Are you using a normal user@gmail.com account or a Google App or Business domain? If so, you can turn off TLS compliance in your Admin portal. See instructions I gave in previous post.

Tecknowhelp said:

Meep said:
I'm not downloading anything. I'm sending TO a Cox email address.. not RECEIVING from one.

My mistake. I was confusing TLS(AKA STARTLS) for SMTP with  SSL. TLS used to be called SSL for IMAP. Try using IMAP with authentication on port 993 with SSL. I can send a email from my gmail.com account to my Cox.net account inside webmail, so maybe it's a client thing? Can you try sending again and checking webmail.cox.net? Or try sending to another Cox email? If that doesn't work, I am out of ideas.

I can help more but it would require using your settings on a virtual machine of mine but that might have privacy concerns. I have a test cox.net email account not attached to anything, and a bunch of gmail.com spam accounts, if that would help.

Also, have you tried Google's forum to get more information on how this is triggering a warning? Port scan? Some script during server negotiation? Can it detect encryption with the transfer from Cox's MTA to their email server? I find it hard to believe there is such a wide problem and I haven't heard anything about it before, and I belong to 4 Cox evolved forums. Not saying your problem isn't real, just not universal so need more data.

PS. Are you using a normal user@gmail.com account or a Google App or Business domain? If so, you can turn off TLS compliance in your Admin portal. See instructions I gave in previous post.

Try it out yourself. All you need is a regular Gmail account. I'm not doing anything special or using Gmail through my Cox Webmail.I'm using Google's web interface (http://mail.google.com)

Log into Gmail, click Compose new Email. 

Type "blahblah@cox.net" and press space bar. You'll see on the far right of the "To:" field there's a Red unlocked icon clicking it brings up the image I posted earlier.

Ahh, I see. I thought the pop up was coming from a email client, not the web UI. So that is detecting something before it even talks to the cox email servers. Probably is a DNS query on Cox email domain and seeing it doesn't force TLS. Thats why it says "some" recipients. Its like the warning you get when connecting to a open wifi network. You should consider it, but it shouldn't be breaking anything. Do you still get the email when you send from gmail web UI to webmail.cox.net?

Tecknowhelp said:

 Thats why it says "some" recipients.

I think it's just a naming convention. They say "some" recipients because you can batch/group/cc multiple people from the "To:" field. In this case "some" recipients, are all recipients (if there is only one).

Tecknowhelp said:

Do you still get the email when you send from gmail web UI to webmail.cox.net?

Yes, that's no problem. Still comes in.

ChrisL said:
@Meep

I noticed this too starting the other day.  This appears to be a new feature of Gmail as part of a bigger initiative on their part:

http://gmailblog.blogspot.com/2016/02/making-email-safer-for-you-posted-by.html

Hi Chris,

Thanks for the reply. What are we doing to correct this problem?

Then basically there is nothing you can do. Ignore the warning. Its something Gmail changed. 

ChrisL said:
@Meep

Rest assured there is no problem.  Email is continuing to work as it always has.

A lack of encryption during transit isn't a problem then? I'm confused.

Was it a problem 2 weeks ago? Depends on how you define "problem". The connection from gmail SMTP server to Cox's Mx server is secure, and the connection from Cox's IMAP server to customer can be secure. What is not secure (as I understand it) is the connection between Cox's main mail server and the local POP/IMAP doesn't use TLS. This would only be a issue if someone was able to hack your PC and redirect your email traffic to a man in the middle attack. Is it more secure? Yes. Is it more compatible and user friendly? No.