MailShield seems to block certificate exchange on Port 995

Hi,
I have a 3rd party tool, that tries to fetch mails over port 995 with ssl. When the option “scan incoming mails” is disabled, everything works fine.
I used wireshark to find out whats going on and can see, that during the ssl handshake a certificate will be exchanged.
If “scan incoming mails” is enabled, the ssl handshake fails and the certificate can not be seen in the tcp dump.
It seems to be blocked by the MailShield.

How can I solve this?

Thanks

Provide details.

It is the Telekom KIM ClientModule used to send and receive emails vie the telematikinfrastruktur.
ithin the email client this tool acts as email server but in fact it is more a kind of proxy.
The tool itself acts as a mail client connecting the server in the telematikinfrastruktur.

I hope, this explaination is OK ;D

  • Which Avast…? (Free/Premium)
  • Which version/build of Avast…?
  • OS…? (32/64 Bit…? - which SP/Build…?)

Avast Free Antivirus 21.1.2449 (Build 21.1.5968.643)
Windows 10 64-Bit, Version 20H2 (Build 19042.867) Windows Feature Experience Pack 120.2212.551.0

Update to the latest version (21.2): https://forum.avast.com/index.php?topic=255221.0

Done, but still the same: The certifikate in the tls handshake is not visible in wireshark.
Disabling the scan-option in the mailshield makes it work.
Any other ideas?

Well, mail shield uses its own certs, your tool might mess this up.
But that would be something for the devs to answer/investigate.

Hi,

Try exporting the Mail Shield certificate and importing it into your email client.
Please see this guide https://support.avast.com/en-ww/article/Troubleshoot-invalid-email-certificate/