POP Peeper v4.5.1 released

May 30, 2018

POP Peeper v4.5.1 is now available. This is strictly a maintenance update so there are no new features.
The most important fix in this release is to fix a -11 error that occurs with Yahoo, but because the list is short, I’ll include all the changes below.

You can download POP Peeper v4.5.1 here:
https://www.esumsoft.com/download/?prod=pppro

There is NOT an update for the Plus Pack, but if you have a Plus Pack license and you’d prefer the full installation (POPPeeperPro+PlusPack), you can download that here:
https://www.esumsoft.com/productrequest/

v4.5.1 changes:
– Fix: cacert-full.pem wasn’t always being used when it should (“self signed certificate in certificate chain”; imap.gmx.net)
– Fix: Certain IMAP servers (Orange) do not support the “special-use” extended flag correctly (resulting in no folder listing and error when deleting email as messages could not be moved to the trash folder)
– Fix: Certain IMAP servers (AOL/AIM) may include NULL characters in text response which caused POP Peeper to parse the response incorrectly (note: AOL subsequently fixed this issue)
– Fix: POP Peeper may not report an error if IMAP server disconnected during login
– Fix: Certain issues with pre-defined servers when creating a new account
– Fix: HTTP headers larger than 8KB would fail (this is to fix a recent Yahoo WebMail issue where http headers will sometimes be 28KB or larger, this appears to be a non-intentional Yahoo issue)
– Fix: User-flag: In View-message window, the ‘*’ to indicate the current flag might be placed on the wrong item or none at all (if using custom icons where the display order didn’t match the index order)
– Fix: User-flag: clicking directly on the (top-right) user-flag to bring up context menu would adversely affect subsequently accessing the ‘user flag’ menu under the ‘Message’ menu (graphics would be invalid)

0

Yahoo Mail issues and solutions (error -11 and OAuth2)

May 9, 2018

Update (May 17): A fix is now available for the Yahoo -11 error.  The fix is labeled as POP Peeper v4.5.1.  It is currently in the test (pre-release) phase and if there are no reported issues, it will be released officially soon.  See this page for more information.  Original content follows —

 

Right now, there are 2 issues with Yahoo that have been affecting POP Peeper.  One is with WebMail (error -11) and the other is with IMAP (OAuth2, specifically).  I will quickly explain the problems and solutions and then go into details (in case Yahoo is listening).

WebMail: Error -11
This is a symptom of an issue that I expect Yahoo will fix (details below).  I have fixed the problem in POP Peeper, but the problem is that this will require a full update to POP Peeper and not just the WebMail plugin.  This may yet be necessary if Yahoo doesn’t fix the problem soon.

Solution: Switch to IMAP
Edit the account in POP Peeper and change the “server type” to “IMAP.”  Optionally, press the OAuth2 button that will appear to the right of your login name, as this is more secure (but if you run into problems, see the next section).

Alternatively, you can wait it out (whether that’s Yahoo fixing it on their side or if I decide it’s taking them too long and a POP Peeper release is necessary).  However, using IMAP is recommended over WebMail regardless, so you may well take this opportunity to switch.

IMAP: OAuth2 empty page

If, during the OAuth2 process, you see a page like the image on the right, you have 2 choices:
1) Simply press the ‘X’ button on the top-right (next to “Yahoo!”, not the ‘X’ in the title bar) and continue with the OAuth2 process

OR
2) Log into your Yahoo account with your webbrowser, log out and sign back in and accept the TOS.  Then, return to POP Peeper and re-do the OAuth2 (close the existing OAuth2 window)

 

Details

For the webmail issue, the reason that this is occurring is because some of the http headers that Yahoo is sending are excessively large — I’ve seen headers ranging from 14KB to 28KB.  I have confirmed that these same headers occur when logging into Yahoo Mail using a webbrowser (Internet Explorer 11, specifically; because it still has one of the better network profiling tools).  Here is a sample of the header

Content-Security-Policy-Report-Only: child-src ‘self’ https://login.yahoo.net https://s.yimg.com https://s1.yimg.com https://www.tumblr.com/logout https://www.google.com https://www.google.com https://www.google.com https://www.google.com https://www.google.com https://www.google.com https://www.google.com https://www.google.com https://www.google.com https://www.google.com https://www.google.com https://www.google.com https://www.google.com https://www.google.com https://www.google.com https://www.google.com https://www.google.com https://www.google.com

This goes on and on, then has a few other URLs and then another long block of a different google URL.  Yahoo should fix this as it doesn’t seem to serve any purpose; unfortunately, POP Peeper wasn’t designed to handle this size of header and so it loses some important data (this will be fixed in any post-v4.5.0 releases).  Further, this issue seems to come and go; it may work for hours at a time, and then fail.

The empty OAuth2 page seems to be connected to the new TOS that Yahoo is requiring.  That’s about all I can tell you about this issue, but hopefully Yahoo will clear this up soon, too.

0