Secure IMAP broken in Leopard

Similar Messages

• Can I set my iPhone to use Secure IMAP

  Hi,
  I just got my iPhone activated today and am trying to connect to my office mail server but we use a secure IMAP connection and I can't figure out how to configure this on the iPhone. Does anyone know of a way or can someone confirm that it is possible with the iPhone?
  Thanks

  Ryan,
  I can tell you that mine is connecting over secure IMAP to our mail server at the office. (Which I manage.)
  Now, I don't know exactly how to configure it from scratch, during activation the iPhone copied over my settings from Mail.app, and got it right.
  In Settings>Mail>[Account Name]>Advanced there are switches for "incoming" and "outgoing" SSL. In my case, both of those are on.

• Photoshop: values for type, brush, crop, lasso etc tools broken on Leopard

  I posted this in answer to another thread, but decided that it may be helpful to some Photoshop users if it had its own topic:
  The following is a technote copied from Adobe's forums, regarding the performance of several menus for key tool settings in Photoshop CS3 running in Leopard:
  *Changing values for type, brush, crop, lasso etc tools broken on Leopard*
  *Kirsten Harris - 08:58pm Nov 15, 2007 Pacific*
  Adobe and Apple are working closely to provide a fix to a known issue running Adobe Photoshop CS3 and Photoshop CS3 Extended on Mac OS X Leopard (v10.5.1). Currently, when you enter values in numerical fields to set sizes for the brush, crop, marquee, lasso, type, and other Photoshop CS3 tools, those values revert to previously entered values when you try to apply them.
  # While we have identified workarounds for some of the affected tools, this issue prevents people from working as precisely and intuitively as they expect. Providing a fix to customers is a top priority. Please note the following: The fix will be provided through an update to Mac OS X Leopard. Consequently, it is not part of the Photoshop CS3 (10.0.1) update.
  # Apple is collaborating closely with us to get this fix incorporated into a Mac OS X Leopard update. No public schedule is available at this time, but both companies understand the urgency of this fix.
  # As soon as the appropriate update to Mac OS X Leopard is available, we will immediately alert our Photoshop users.
  Affected Photoshop CS3 tools: Art History tool, Blur tool, Brush tool, Burn tool, Color Replacement tool, Clone tools (all), Crop tool, Dodge tool, Eraser tools (all), Gradient tool, Healing tools (all), History tool, Lasso tools (all), Line tool, Magic Wand tool, Marquee tools (all), Paint Bucket tool, Pencil tool, Polygon tool, Quick Selection tool, Red Eye tool, Rounded Rectangle tool, Sharpen tool, Smudge tool, Sponge tool, Slice tool, Type tool
  Workaround for tools with sliders: Instead of typing in a number, use the sliders to change the value.
  Workaround for tools with pop-up menus: Enter a value for the size but don’t press Return/Enter to apply the value. Instead, choose it from the top of the Size pop-up menu to commit it.
  Workaround for tools which do not have sliders or pop-up menus: For certain tools, such as the Line tool, you may want to set up presets that you can load to set common sizes. Alternatively, you can restart Photoshop CS3 to clear the problem. You will then be able to enter values again. However, the issue typically re-surfaces quickly.
  If additional details come to light, our tech doc Values in numerical fields in Photoshop CS3 revert to the previous value in Mac OS X v10.5.1 (Leopard) will be updated.

  Well, that's interesting! Here I thought the problem with my CS1 was just that it was too old, running in Rosetta and all, and would be fixed when I get my Xmas treat of CS3. Wonder if that means when the fix comes from Apple it will also fix the same problem in CS1? Of course, by then I'll probably have CS3.... Thanks for posting this, I would have been mighty annoyed to have plonked down my 200 bucks only to discover that I had the same bugs.
  Francine
  Francine
  Schwieder

• Latest Security Update for Snow Leopard

  After installing the latest Security Update for Snow Leopard, my MacPro is having sleep issues, it will not wake up, the drive seems to be spinning w/o awakening.. I have to manually shut down and reboot. Then all is fine.
  How do I fix this????
  MacPro 10/6/8
  2 x 3 GHz Quad-Core Intel Zeon
  12 GB RAM

  Don, I did check with the update and I must have installed it because there is nothing available. This problem started yesterday, 2/11/12 and is continuing today.
  I am checking to see if the update is the issue, or if my computer has a different issue. The only problem seems to be the disk spinning at wake up from sleep. I can shut down and reboot. Thankfully.

• Is there a 12/23/2014 security update for Snow Leopard.  Does it need one?

  Is there a 12/23/2014 security update for Snow Leopard?   Does it need one?  

  The ntp-4.2.8 folder that's created when you download the /ntp-4.2.8.tar.gz file and unzip it. Inside it are subfolders, such as clockstuff w/propdelay.o and libntp w/a_md5encrypt.o, assertions.o, atoint.o, etc. Many .o files abound.
  OK, but this isn't .o, it's -o. I don't know of any file extension that uses the - hyphen. Are there any?
  Anyway, at the end of flatsixracer's instructions, for sudo ntpd --version, he wrote, "(should now be: ntpd [email protected])" So, since he gets that when running the update, I'm thinking this can go either way, with or without the -o, and be normal.

• Security updates for snow leopard

  Hello Apple People,
  I seem to be getting conflicting advice around upgrading my browser.
  I'm on Snow Leopard on a mid-2009 Macbook. As I'm not receiving security updates and there are some websites telling me I need to upgrade, I decided to buy Mountain Lion from the online Apple Store. I couldn't redeem the code. I spoke with Apple who said I didn't need to get ML anyway, that I'd been given the wrong advice in-store and that I can go straight to Yosemite. They are refunding me which is good. Still, I'm no further ahead. I had prepared the way for upgrading: added 2GB RAM so I have 4GB. I've installed Office 2011 so that I shouldn't lose my Word 2004 docs. I have an external hard drive that I back up using Time Machine.
  My concern is that I am vulnerable security-wise. Can anyone suggest what I do next? Maybe maximise my security settings? How can I find these?
  Thanks.

  Nothing compels you to keep using Safari. Firefox and Chrome  work very well with Snow Leopard and are kept up to date. Interesting that the people who handled your problem with Mountain Lion were so eager to push you to Yosemite, rather than fix the problem.
  The other thing you can do right now is go into your System Preferences/Date & Time and turn off "Set date and time automatically". You can fix this vulnerability yourself with a little not-too-difficult work:
  http://www.macissues.com/2014/12/24/how-to-manually-patch-ntp-for-os-x-10-6-and- 10-7/
  I am not at all expert in using Terminal to do stuff like this, but I was able to assemble the necessary peices and get it done. It is well worth it to me to be able to keep using the best OS Apple has produced in the OS X era.
  Regardless of which one you choose, there is no support for older apps that dowork with Snow Leopard because it has Rosetta, which allows continued use of PPC applications. Sounds like you are preparing for that end of things.
  There are many changes to the user interface in both Mountain Lion and Yosemite, and they are generally not improvements. There are problems with improper external disk ejection in both of them that will apparently never be fixed by Apple. You should make a bootable clone of your Snow Leopard system in case you want or need to keep using it. This would involve using an external HD other than your current Time Machine disk. Not a big expense, as it affords you an additional, fully functional backup, and it would be better than burning your bridges by installing over your currently functioning system.

• Mail Duplicates IMAP account Snow Leopard

  Hey everyone-
  I'm getting duplicate emails on an IMAP account- I know there is another post about this issue, but it seems to mostly pertain to POP emails, but nothing I've read or seen on this forum or any other has yet helped me. Also I don't know if my situation is exactly the same as the others. I will try to include all factors that may (or may not) be relevant.
  -Model and OS, you can see in my signature line.
  -IMAP email account that worked previously in Leopard. Also, this email account works perfectly on wife's macbook using the exact same settings. This account works on iPhone 3GS, on Thunderbird for XP and Outlook for XP. Further, this email account works on a seperate user account I created on my MBP just to test Mail.
  -When I try to mark the duplicate emails as "read" from within Mail, there is a squiggly upward arrow that appears next to the message-I'm assuming Mail is trying to tell me something-anybody know what?
  -I have done the following with no result: deleted cache, verified/repaired disk permissions, deleted and added mail account (multiple times, including Library files related to this account), restarted in "safe" then restarted again (per Apple tech support), and reinstalled Mail directly from SL disk (again multiple times).
  -Since I'm beginning to think its related to my specific user account, it may also matter that this user account has been migrated from iBook G4 12" 1.33 Tiger, then to this MBP Leopard when it had a 200GB HDD, upgraded to SL, then again to the 500GB HDD.
  I'm at my wit's end. Willing to take any measure, including completely removing Mail itself. Every mail account I use is IMAP or Exchange, it would be a pain to have to put them all back on (I use like 6 emails accounts), but anything to get Mail working again.
  Peace
  Curtis

  I should also mention deleting preferences files, and that this is NOT a gmail account.

• 2 problems! - RAM module broken & Snow Leopard not loading

  Hi,
  I have 2 problems:
  I got Mac Mini (late 2009 model, 2,26ghz, 2gb) upgraded from 2GB to 4GB from this Apple Premium Reseller (http://www.stormfront.co.uk/). When I got it back and switched it on and immediately got 3 beeps which indicated bad ram or logic board. The y took it back and said they sent it to their workshop in Exeter and fixed it. When I switched it on I still got 3 beeps. Took it back to the shop they said don't what to do and get the workshop to ring me back on Monday. At this point I'm fuming!!! So I decided to take apart the Mac MIni myself. Upon discovery that one of the memory modules is broken, I bent the bit metal back and it seems to ok after hardware tests and is working now. What can I do about this? I honestly did not break this and know it was the shop but how I van prove this? What would be done about a replacement as I have no longer sold, would I get a discount on brand new mac mini?
  As mentioned above that I took it apart I cant load up Snow Leopard, I just get the Apple logo plus the spinning wheel I can hear some hard drive activity but does nothing ( I left it for 20 mins). I then booted from the SNow Leopard and ran disk verify it came up with errors and said to format and restore, which I have done via Time Machine. But I still get the Apple plus spinning wheel. I know the hard rive ok now because I can boot into Windows via bootcamp. So what I should do?
  Any help would be appreciated.

  it seems that it's not emptying trash for you. only emptying trash will actually free up space on the drive. what exactly happens when you empty trash? does it seem to empty?
  click on the trash in the dock. is there anything inside?

• Functional Security Software for Snow Leopard?

  Hi everyone. I just made the move to Snow Leopard (10.6.1), and I'm curious about what security software is decent and available for SL. My school provides access to Symantec AntiVirus for OS X, but unfortunately the only version they provide is incompatible with Snow Leopard. I've been trying out ClamXAV, but on Snow Leopard it crashes quite frequently, and isn't very good at catching threats. I can't find much else out there that might be a good security solution...
  Today during a scan ClamXAV caught something called "PHP.Defash.B" in my Opera cache folders. I deleted the file, but I know it's never that easy! I never thought I'd see the day when a Mac could be infected by anything, but I'm slowly realizing that times are changing. Can anyone tell me what software would be best to use to keep things secure and stable, preventing Trojans, Hacks, and other malware? Thanks!
  Message was edited by: Carbonyl

  Snow Leopard's anti-malware measure has been regarded as rudimentary at best.
  The only complaint I've seen has been a claim that it only scans things that have been downloaded by Safari, but I only saw that in one place and have no way to verify whether or not it is true. It's hard to find malware information that doesn't come from the makers of anti-malware software, which can hardly be considered unbiased sources. They want you to buy their software, after all!
  If you've found a decent source where someone not affiliated with one of these companies has done some testing, I'd like to see it. (Not being sarcastic... I really would like more information, which seems to be sparse so far. Everyone seems to be taking Intego's word on the matter despite their obvious bias.)
  It's limited to two trojans, and doesn't seem to be something that will evolve over time.
  Currently, all Mac trojans in the wild are variants of the two that are detected. Whether or not this means that it will detect all these variants is unclear, but it seems odd that Apple would spend the resources to add this feature and not spend a tiny fraction more to add definitions that would match all current Mac trojans. Until I see a report from an unbiased source saying "I tested every known Mac trojan (and here's a list) and it didn't detect these," I'm going to assume that Apple didn't do something that makes no sense whatsoever.
  As to whether it will evolve over time, I'm not sure why you think it wouldn't. The current design makes it very easy to update a single, small definitions file with a security update.

• HT1222 Does the most recent security update for Snow Leopard break Rosetta or has that been fixed?

  I want to make sure Security Update 2012-001 does not break Rosetta on Snow Leopard.  I heard something about that, and I can't afford to lose my PowerPC applications.  Thanks.

  The original one did have such issues.
  The revised v. 1.1 version got rid of those issues.
  Only the v. 1.1 version is now available for download. It can be installed as the only update, or on top of the original update to correct the problems.

• 'SNMP Security access violation' from Leopard

  Hi all,
  We're noticing on Leopard (not Tiger) that when a user tries to add a printer and lets the "Default" printer type browse the network, our switches log the following error +"SNMP Security access violation from <IP adress>+".
  This is going to be a security problem for us when we implement a new system that uses SNMP.
  This didn't occur in Tiger, and even happens if we disable Boujour and SNMP on the Leopard clients.
  Can anyone please advise what is happening and how I might be able to stop these SNMP traps being sent when browsing for a printer??
  Thanks in advance.

  Hi Jon,
  This information may be useful to you:
  http://forums13.itrc.hp.com/service/forums/questionanswer.do?admit=109447627124348873889228353475&threadId=398409
  Regards,
  Peter.

• IMovie 08 Broken in Leopard, but old version works

  2.0 Core Duo Macbook Pro. Upgraded to Leopard, then upgraded iLife. iLife mostly works.
  I movie is broken. I can start iMovie 08, but the things like NEW PROJECT, NEW FOLDER, are grey and unselectable. Other menu items are not grey however. I can't open old projects with it. If i drag an old project onto the imovie desktop icon, it just ignores it.
  iMovieHD works fine.

  I'm having the same issues with iMovie I imported 4 hrs of video over Christmas and the new year and edited it into 3.5hrs and then broke the edited version up into manageable smaller sizes for export to several DVD'S using iDVD but when I l ran imovie to do this,the next time i had time available to do this stage, I found the same issues as you ... I hope all this work has not been for nothing . . .
  to check the problem was not with the old files I created a very small new project using the built in camera of only a few second and it has the same issues. . .
  Maybe it's me but i can't find any references to this in Apples online support . . .
  I the past i have used a commercial video editing and burning program on another machine but both need upgrading badly so i opted for a new Mac and the built in software . . . thinking this would be a better long term investment
  At least I now know I'm not the only one with this problem . . . I just wish Apple would fix this issue . . . SOON
  If I wanted unstable beta ware software i would have gone windoze . . .

• Secure Mail Login (Lame question) Is there a secure IMAP login without SSL?

  We want to protect our external users' passwords from easy sniffing on the wire in the wild Internet (since users are in LDAP, these passwords may also be used for interactive logins to the servers, so keeping them in the open is not a good idea). As you may infer from my questions, I'm not too strong in this area yet.
  I understand that we can set up SSL/TLS wrappers or use native support for SMTPS, POP3S and IMAPS, or even set up a VPN server; however there are a number of clients (i.e. certain PDA's and cell phones) which don't suggest even tweaking the server port number, and only work over standard SMTP/IMAP/POP3.
  As much as I understand, this security stuff has long ago been such a problem that SMTP evolved several different ways of secure authentication. One is STARTTLS where a supporting SMTP server/relay and client can use enhanced commands on a normal SMTP port (tcp/25) to switch from plaintext to TLS-protected dialog on-the-fly (and use authentication after this step).
  I believe (but may be wrong doing so) there may also be a way when the user password submission for SMTP authentication is cryptographically protected, but the rest of the dialog is in plaintext. (Basically, IIRC, one or a few lines are protected by sending a hash of the password instead of the plain or BASE64 password string).
  I wonder if similar standard mechanisms exist for POP3 and IMAP at all, and if they are implemented in Sun Messaging Server in particular.
  And where should I best read up on these subjects? :)

  JimKlimov wrote:
  As much as I understand, this security stuff has long ago been such a problem that SMTP evolved several different ways of secure authentication. One is STARTTLS where a supporting SMTP server/relay and client can use enhanced commands on a normal SMTP port (tcp/25) to switch from plaintext to TLS-protected dialog on-the-fly (and use authentication after this step). Messaging server supports providing a SSL encrypted port (465) and also providing STARTTLS on a plain-text port (e.g. 25).
  The quickest way to enable this is to run:
  ./msgcert generate-certDB
  ./imsimta cnbuild;./imsimta restartThis will generate a self-signed certificate (not appropriate for production usage but fine for testing). To verify that it is working perform the following steps:
  telnet <mail-server> 25
  ehlo blah.comYou should see a line that says "250-STARTTLS".
  If you want to enable the SSL port (465), uncomment the following line in the dispatcher.cnf file:
  TLS_PORT=465You will need to run ./imsimta cnbuild;./imsimta restart for the change to become active.
  I believe (but may be wrong doing so) there may also be a way when the user password submission for SMTP authentication is cryptographically protected, but the rest of the dialog is in plaintext. (Basically, IIRC, one or a few lines are protected by sending a hash of the password instead of the plain or BASE64 password string).The mechanisms you refer to are all discussed here:
  http://docs.sun.com/app/docs/doc/819-4428/bgbau?a=view
  Note however that "To work, the CRAM-MD5, DIGEST-MD5, or APOP SASL authentication methods require access to the users’ plaintext passwords. ".
  I wonder if similar standard mechanisms exist for POP3 and IMAP at all, and if they are implemented in Sun Messaging Server in particular.
  And where should I best read up on these subjects? :)Refer to manual page listed earlier and the following manual page:
  http://docs.sun.com/app/docs/doc/819-4428/bgbba?a=view
  Regards,
  Shane.

• Exceeding IMAP-Traffic with Leopard Mail

  I'm seeing some weird network traffic on my mailserver over IMAPS. I configured Mail.app to fetch my mail via IMAPS from my cyrus imap server. Since some weeks I get traffic warning from my provider. The traffic exceeding the former values about 2 or 3 times. I tracked this down with ntop on my server and see that there is a lot of IMAPS traffic. About 780 MB within a few ours to my MacBook with Leopard.
  So I assume that the new Mail.app is behaving different then Mail.app in Tiger. The exceeding traffic seems to start when I swiched to Leopard.
  Can anyone confirm this?

  Yes you are right. The reason is simple and quite sad
  Let assume you want to send a mail with an attachment of 1 MB size.
  First you send the mail via SMTP: upload traffic 1 MB so far. Then your Sent Items folder gets synchronized: another instance of the message is downloaded: 2 MB total.
  Then your All mail folder gets synchronised: that includes All mail, hence Sent Items as well: another 1 MB download will be generated.
  Summary:
  Sending 1 MB invokes the upload of 1 MB and the download of 2 MB.
  If you receive an email of 1 MB size: downloading to Inbox (1 MB), downloading to All Mail (1 MB)
  Summary:
  Receiving 1 MB invokes the download of 2 MB.
  The problem is related to two different issues: one with the sending-sent items relationship, the other is the missing unsubscribe option for IMAP (such function only works for Exchange).
  Best Regards
  Gergő

• Is Apple going to release a security update for Snow Leopard to patch the new 'bash' bug?

  What are the chances we will see Apple release a security update to patch this bash bug vulnerability? I really love snow leopard and don't want to update. At the same time, I don't want my computer to be vulnerable! Apple is still selling snow leopard, so are they still maintaining it?

  STWriter wrote:
  OSx 10.6.8 IS INFECTED TOO -- news says ALL for about 25 YEARS !
  I posted a site link -- check the thread.
  10.6 does have the bash bug (I confirmed that a few replies back in this thread, and I mentioned the 25 years in another reply to this thread). But that is NOT an infection. Bash did not catch it. The bug was not put there on purpose. And the bug itself does not actively do anything. It is a flaw that can allow a web server using server side scripts written in the bash shell scripting language, or a server side script that invokes bash. Or a user that allows anonymous remote ssh logins. Or has enabled the CUPS web management interface.
  All of which was said before in this thread. Along with why it is most likely not a problem for the typical Mac consumer.
  This is a serious problem for many web servers.  And there are instructions for patching bash (see above).
  The typical Mac user does not do the things that put them at risk. And if they know how to set their Mac up to put themselves at risk, they are knowledgable enough to follow the patching instructions.