The following was posted in the Comcast news group.

Will this affect using Agent V8 for sending and receiving Comcast
emails?

Boris <boris@invalid.com> wrote:

> In the email sent out by Comcast, announcing that some devices/email
> clients may be using software that uses TLS 1.1 or lower, will no longer
> be supported by Comcast mail.
>
> In that letter, Comcast gives an xfinity email address to which one can
> send a test email to see if your email software passes their
> requirements. I did, and I pass.
>
> But why does the letter say that one can test up to five times a day?
>
> Here's some of the letter:
>
> "We noticed you're accessing your Comcast.net email through an older
> email application or device, such as an older smartphone. Unfortunately,
> some older devices, operating systems, and email applications don't
> support current security protocols and therefore put your data at risk."
>
> "We'll contact you again before these changes are made. You can check if
> your email applications are up to date by sending a test email to
> xfinity-tls-test@alerts.xfinity.com up to five times per day. "

A user can employ multiple e-mail clients, not just one. The limit is
probably to ensure there is decent response from the test service
rather
than having all their users flood it at the same time while testing an
unusually high count of e-mail clients. Plus, a Comcast account can
have more than one e-mail account: owner account plus up to 5 member
accounts (or maybe it's 5 total for owner+member). If their test
server
gets flooded, users would get frustrated in not receiving the response
e-mail for a long time instead of nearly immediately.

SSL was found vulnerable, so it got dropped. SSL 3.0 was the last
version. TLS 1.0 is exactly the same as SSL 3.0, except the
handshaking
was changed for TLS 1.0, so SSL 3.0 and TLS 1.0 were made
incompatible,
but security was not improved, so TLS 1.0 is just as vulnerable as SSL
3.0. TLS 1.1 came next, and found vulnerable. So, many sites or
services now require TLS 1.2 at a minimum although TLS 1.3 is now
available.

https://en.wikipedia.org/wiki/Transport_Layer_Security#SSL_1.0,_2.0,_and_3.0

https://www.venafi.com/blog/why-its-dangerous-use-outdated-tls-security-protocols

On Thu, 06 Oct 2022 06:06:19 -0500, gp@rr.com wrote:

> The following was posted in the Comcast news group.
>
> Will this affect using Agent V8 for sending and receiving Comcast
> emails?

Yes, it will affect Agent. There is a small configuration change to
make in Agent.

See this message for details of the configuration change:

* On Google Groups: <https://groups.google.com/g/alt.usenet.offline-reader.forte-agent/c/mJmtMSUqp6M>

* On Narkive: <https://alt.usenet.offline-reader.forte-agent.narkive.com/35h3yv8s/notice-agent-and-ssl>

* On Usenet: <news:p8hpuglnb0tot2oot3ob7m8n1k940kfgcl@4ax.com>

If you are using Windows 7, 8, 10, or 11, then this will work.
If you are using XP, this may not work. XP did not support TLS1.2.

> Boris <boris@invalid.com> wrote:
>
> > In the email sent out by Comcast, announcing that some devices/email
> > clients may be using software that uses TLS 1.1 or lower, will no longer
> > be supported by Comcast mail.
> >
> > In that letter, Comcast gives an xfinity email address to which one can
> > send a test email to see if your email software passes their
> > requirements. I did, and I pass.
> >
> > But why does the letter say that one can test up to five times a day?
> >
> > Here's some of the letter:
> >
> > "We noticed you're accessing your Comcast.net email through an older
> > email application or device, such as an older smartphone. Unfortunately,
> > some older devices, operating systems, and email applications don't
> > support current security protocols and therefore put your data at risk."
> >
> > "We'll contact you again before these changes are made. You can check if
> > your email applications are up to date by sending a test email to
> > xfinity-tls-test@alerts.xfinity.com up to five times per day. "
>
> A user can employ multiple e-mail clients, not just one. The limit is
> probably to ensure there is decent response from the test service
> rather
> than having all their users flood it at the same time while testing an
> unusually high count of e-mail clients. Plus, a Comcast account can
> have more than one e-mail account: owner account plus up to 5 member
> accounts (or maybe it's 5 total for owner+member). If their test
> server
> gets flooded, users would get frustrated in not receiving the response
> e-mail for a long time instead of nearly immediately.
>
> SSL was found vulnerable, so it got dropped. SSL 3.0 was the last
> version. TLS 1.0 is exactly the same as SSL 3.0, except the
> handshaking
> was changed for TLS 1.0, so SSL 3.0 and TLS 1.0 were made
> incompatible,
> but security was not improved, so TLS 1.0 is just as vulnerable as SSL
> 3.0. TLS 1.1 came next, and found vulnerable. So, many sites or
> services now require TLS 1.2 at a minimum although TLS 1.3 is now
> available.
>
> https://en.wikipedia.org/wiki/Transport_Layer_Security#SSL_1.0,_2.0,_and_3.0
>
> https://www.venafi.com/blog/why-its-dangerous-use-outdated-tls-security-protocols

--
Kind regards
Ralph
🦊

On Fri, 07 Oct 2022 06:43:34 +1300, Ralph Fox <-rf-nz-@-.invalid>
wrote:

>On Thu, 06 Oct 2022 06:06:19 -0500, gp@rr.com wrote:
>
>> The following was posted in the Comcast news group.
>>
>> Will this affect using Agent V8 for sending and receiving Comcast
>> emails?
>
>
>Yes, it will affect Agent. There is a small configuration change to
>make in Agent.
>
>See this message for details of the configuration change:
>
> * On Google Groups: <https://groups.google.com/g/alt.usenet.offline-reader.forte-agent/c/mJmtMSUqp6M>
>
> * On Narkive: <https://alt.usenet.offline-reader.forte-agent.narkive.com/35h3yv8s/notice-agent-and-ssl>
>
> * On Usenet: <news:p8hpuglnb0tot2oot3ob7m8n1k940kfgcl@4ax.com>
>
>
>If you are using Windows 7, 8, 10, or 11, then this will work.
>If you are using XP, this may not work. XP did not support TLS1.2.
>
>
>
>> Boris <boris@invalid.com> wrote:
>>
>> > In the email sent out by Comcast, announcing that some devices/email
>> > clients may be using software that uses TLS 1.1 or lower, will no longer
>> > be supported by Comcast mail.
>> >
>> > In that letter, Comcast gives an xfinity email address to which one can
>> > send a test email to see if your email software passes their
>> > requirements. I did, and I pass.
>> >
>> > But why does the letter say that one can test up to five times a day?
>> >
>> > Here's some of the letter:
>> >
>> > "We noticed you're accessing your Comcast.net email through an older
>> > email application or device, such as an older smartphone. Unfortunately,
>> > some older devices, operating systems, and email applications don't
>> > support current security protocols and therefore put your data at risk."
>> >
>> > "We'll contact you again before these changes are made. You can check if
>> > your email applications are up to date by sending a test email to
>> > xfinity-tls-test@alerts.xfinity.com up to five times per day. "
>>
>> A user can employ multiple e-mail clients, not just one. The limit is
>> probably to ensure there is decent response from the test service
>> rather
>> than having all their users flood it at the same time while testing an
>> unusually high count of e-mail clients. Plus, a Comcast account can
>> have more than one e-mail account: owner account plus up to 5 member
>> accounts (or maybe it's 5 total for owner+member). If their test
>> server
>> gets flooded, users would get frustrated in not receiving the response
>> e-mail for a long time instead of nearly immediately.
>>
>> SSL was found vulnerable, so it got dropped. SSL 3.0 was the last
>> version. TLS 1.0 is exactly the same as SSL 3.0, except the
>> handshaking
>> was changed for TLS 1.0, so SSL 3.0 and TLS 1.0 were made
>> incompatible,
>> but security was not improved, so TLS 1.0 is just as vulnerable as SSL
>> 3.0. TLS 1.1 came next, and found vulnerable. So, many sites or
>> services now require TLS 1.2 at a minimum although TLS 1.3 is now
>> available.
>>
>> https://en.wikipedia.org/wiki/Transport_Layer_Security#SSL_1.0,_2.0,_and_3.0
>>
>> https://www.venafi.com/blog/why-its-dangerous-use-outdated-tls-security-protocols

Thanks for the quick reply, I will make this change.