As of this morning I get the following error when trying to use an encrypted password for SMTP (outgoing email): "The Outgoing server (SMTP) smtp.cox.net does not seem to support encrypted passwords." Absolutely nothing was changed on my network clients until I started troubleshooting this morning. In short, Cox's SMTP servers no longer accept encrypted passwords to authenticate for outbound email using STARTTLS (port 587) or SSL/TLS (port 465); only "normal" passwords allowed. It won't even respond to a STARTTLS connection anymore. Why in the world would you disable a more secure option to authenticate for SMTP when you say your servers were being used as a spam relay? This is inexcusably stupid.

It almost seems as if Cox is going through a back-end email migration, not announcing it publicly, and screwing up the transition. These are the same problem I've encounted before when the software/options change on an email package and you can't just copy things over. Granted, we usually did it with a small group of people, invited them to participate, and made sure everything was working before ramping it up market by market.

I am using smtp.cox.net at 68.6.19.8 and SSL/TLS is working fine. I've tested with Thunderbird on Win 10 using SSL/TLS port 465 and K9 Mail on Android, same settings. I am on Cox's network, not outside, don't know if that makes a difference. To be sure we are both using the same server, what IP does smtp.cox.net resolve to on your machine? Are you inside our outside the network?

A little more info, see the mozilla support article here.... "Use of SSL or TLS means that your login and password, at the least, are encrypted. So there's no need to manually select encryption. As said, few ISPs support the encrypted password option per se; when they care about doing it properly, they offer you TLS/SSL. Encrypted passwords, when used, are generally offered instead of SSL or TLS. I think a weakness is that only the password is encrypted, whereas with SSL/TLS, your login, your password and potentially the whole of your message is encrypted." Bottom line, even if you select normal password, as required by Cox, both your user id & password are encrypted by the SSL/TLS procedure. According to Mozilla, that's doing it properly ... a good thing.

grymwulf said:It almost seems as if Cox is going through a back-end email migration, From what I am being told, they are, but no one higher up the chain told the support staff. It was only mentioned as a "server cleanup". What gets me upset is that Cox does stuff like this and never owns up to it. They just say "there was a issue but now it's fixed". That it not the kind of technical support I would trust with my email. Also, I think Cox is outsourcing their email serves so they can later start outsourcing their email support. If they are going to do that, why not just go with a good email vendor like Gmail? As part of that "server cleanup" I got a email from Cox saying since this username isn't attached to a account anymore, it will soon be deleted. FYI to anyone using a non Cox account for this forum. I got it 12/7..right around the time the problem started. From: Cox Communications, Inc. <residential@email.cox.com> Date: Wednesday, December 7, 2016 2:04 PM "Dear Cox Email User, A recent review of our records indicates that your Cox email address, xxxxxx@cox.net, is no longer associated with a Cox High Speed Internet account. Per our email policies, you may retain access to a Cox Email account for up to 90 days after disconnecting Cox High Speed Internet Service.In order for your xxxxx@cox.net email account to continue working, we need your help, which should only take a few minutes. If you do not complete the following process by January 11, 2017 you will lose access to your Cox Email account, and its contents will be deleted.Since there is no longer an active Cox High Speed Internet account linked to this email address, your Cox email account, xxxxxxx@cox.net, and all messages, contacts and data will no longer be accessible on January 11, 2017. Once deleted, content cannot be recovered." PS. None of the link in the email work. Looks like a copy/paste from a old support article. This whole thing was done badly. From start to finish.

I'm using Thunderbird 45.5.1 and started to get errors sending out emails over SMTP a few daus agp. I've tried ports 587 and 465 and both "STARTTLS" and "SSL/TLS" for the Connection Security setting. Attempts to send out-going email either fail from timing out or I get a "Sending of the message failed: The Outgoing server (SMTP) smtp.cox.net does not seem to support encrypted passwords. If anyone has a solution for this, I would love to hear it. Thanks!

No longer allowing encrypted passwords for SMTP (outgoing email) auth?

12 Replies

Replies have been turned off for this discussion

grymwulf
Contributor II
It almost seems as if Cox is going through a back-end email migration, not announcing it publicly, and screwing up the transition. These are the same problem I've encounted before when the software/options change on an email package and you can't just copy things over. Granted, we usually did it with a small group of people, invited them to participate, and made sure everything was working before ramping it up market by market.
AllenP
Valued Contributor
I am using smtp.cox.net at 68.6.19.8 and SSL/TLS is working fine. I've tested with Thunderbird on Win 10 using SSL/TLS port 465 and K9 Mail on Android, same settings. I am on Cox's network, not outside, don't know if that makes a difference. To be sure we are both using the same server, what IP does smtp.cox.net resolve to on your machine? Are you inside our outside the network?
AllenP
Valued Contributor
A little more info, see the mozilla support article here....

"Use of SSL or TLS means that your login and password, at the least, are encrypted. So there's no need to manually select encryption.

As said, few ISPs support the encrypted password option per se; when they care about doing it properly, they offer you TLS/SSL. Encrypted passwords, when used, are generally offered instead of SSL or TLS. I think a weakness is that only the password is encrypted, whereas with SSL/TLS, your login, your password and potentially the whole of your message is encrypted."

Bottom line, even if you select normal password, as required by Cox, both your user id & password are encrypted by the SSL/TLS procedure. According to Mozilla, that's doing it properly ... a good thing.
Tecknowhelp
Valued Contributor II
grymwulf said:
It almost seems as if Cox is going through a back-end email migration,

From what I am being told, they are, but no one higher up the chain told the support staff. It was only mentioned as a "server cleanup". What gets me upset is that Cox does stuff like this and never owns up to it. They just say "there was a issue but now it's fixed". That it not the kind of technical support I would trust with my email. Also, I think Cox is outsourcing their email serves so they can later start outsourcing their email support. If they are going to do that, why not just go with a good email vendor like Gmail?

As part of that "server cleanup" I got a email from Cox saying since this username isn't attached to a account anymore, it will soon be deleted. FYI to anyone using a non Cox account for this forum. I got it 12/7..right around the time the problem started.

From: Cox Communications, Inc. <residential@email.cox.com>

Date: Wednesday, December 7, 2016 2:04 PM

"Dear Cox Email User,

A recent review of our records indicates that your Cox email address, xxxxxx@cox.net, is no longer associated with a Cox High Speed Internet account. Per our email policies, you may retain access to a Cox Email account for up to 90 days after disconnecting Cox High Speed Internet Service.

In order for your xxxxx@cox.net email account to continue working, we need your help, which should only take a few minutes. If you do not complete the following process by January 11, 2017 you will lose access to your Cox Email account, and its contents will be deleted.

Since there is no longer an active Cox High Speed Internet account linked to this email address, your Cox email account, xxxxxxx@cox.net, and all messages, contacts and data will no longer be accessible on January 11, 2017. Once deleted, content cannot be recovered."

PS. None of the link in the email work. Looks like a copy/paste from a old support article. This whole thing was done badly. From start to finish.
LBrian
New Contributor
I'm using Thunderbird 45.5.1 and started to get errors sending out emails over SMTP a few daus agp. I've tried ports 587 and 465 and both "STARTTLS" and "SSL/TLS" for the Connection Security setting. Attempts to send out-going email either fail from timing out or I get a "Sending of the message failed: The Outgoing server (SMTP) smtp.cox.net does not seem to support encrypted passwords.

If anyone has a solution for this, I would love to hear it.

Thanks!
ChrisL
Former Moderator
@LBrian

Here's an article that'll help with regards to the correct SMTP settings. Give this a try and see if it helps:

http://www.cox.com/residential/support/internet/article.cox?articleId={a8fb24c0-6440-11df-ccef-000000000000}

Tecknowhelp

Valued Contributor II

@Becky You may want to check the SSL certificate on SMTP.cox.net. It no longer supports TLS after the outage. I notice no moderators have even reported the email outage that effected the almost entire West Coast for several days. I just tried with TLS on 587 and it failed with the error below, but worked with SSL on 465.

Trying TLS on mx.west.cox.net[68.6.19.3] (100):

seconds		test stage and result
[000.088]		Connected to server
[001.205]	<--	220 fed1rmimpi212.cox.net cox ESMTP server ready
[001.205]		We are allowed to connect
[001.206]	-->	EHLO checktls.com
[001.293]	<--	250-fed1rmimpi212.cox.net hello [216.68.85.112], pleased to meet you 250-HELP 250-SIZE 28672000 250-ENHANCEDSTATUSCODES 250 OK
[001.293]		We can use this server
[001.294]		TLS is not an option on this server
[001.294]	-->	MAIL FROM:<test@checktls.com>
[001.429]	<--	250 2.1.0 <test@checktls.com> sender ok
[001.430]		Sender is OK
[001.430]	-->	RCPT TO:<xxxxxx@cox.net>
[001.564]	<--	250 2.1.5 <xxxxx@cox.net> recipient ok
[001.565]		Recipient OK, E-mail address proofed
[001.566]	-->	QUIT

JSchmo
New Contributor
Just adding a name to the list. Outbound e-mail through smtp.cox.net no longer works with SSL/TLS. Funny that @Chris suggested @LBrian use exactly the settings LBrian already stated he had tried. In case it isn't clear: was working a couple days ago, not working now. Nothing changed on our end.

Cox needs to listen to @Tecknowhelp and fix this on their end.
Cybersec
New Contributor
Given @Tecknowhelp's post it looks like Cox has dumped TLS altogether. Someone at Cox want to explain how eliminating TLS fixes your semi-disclosed spam relay / account hijacking problem? @grymwulf, agree wholeheartedly with the unannounced back-end migration/reconfiguration theory. @ChrisL, appreciate the attempt man, but does the level of detail in this thread leave you with the impression that you're talking to folks who spend all day on Facebook? Pass these details on to the folks who screwed it up so they can try to fix it.
Tecknowhelp
Valued Contributor II
SPA has never worked with Cox email servers. The change is with TLS no longer working over SSL. SPA has nothing to do with TLS though.

Forum Discussion

No longer allowing encrypted passwords for SMTP (outgoing email) auth?

12 Replies

Related Content

Email TLS Encryption and gmail

incoming/outgoing server password

Outgoing mail

Cannot send emails due to encryption method

Encryption rollout lost local stations via CableCard

Recent Discussions

Welcome to the Archives

Gigablast

Beeping Noise

mic/status led on contour 2 remote

Internet connectivity frustrations