Hopeless Geek

Mail alerted me from the background that it couldn’t check an account and I was about to just dismiss the error, thinking a server went offline for a little or something, when I read it was a certificate error with Gmail. Well, that happens, so I checked the certificate.

It was for Yahoo.

I have an AT&T DSL line, so all my services are done via Yahoo, so I immediately got a little concerned that there was some lower-level crap going on. I hit Terminal:

$ host pop.gmail.com
pop.gmail.com is an alias for gmail-pop.l.google.com.
gmail-pop.l.google.com has address 64.233.167.111
gmail-pop.l.google.com has address 64.233.167.109

Well, that appears ok. Both forward and reverse lookups show those as being Google’s (even using another DNS server). So then I checked the connection itself. That’s where it got messed up.

$ openssl s_client -host pop.gmail.com -port 995
CONNECTED(00000003)
depth=0 /C=US/ST=California/L=Santa Clara/O=Yahoo! Inc./OU=Yahoo/CN=pop.att.yahoo.com
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 /C=US/ST=California/L=Santa Clara/O=Yahoo! Inc./OU=Yahoo/CN=pop.att.yahoo.com
verify error:num=27:certificate not trusted
verify return:1
depth=0 /C=US/ST=California/L=Santa Clara/O=Yahoo! Inc./OU=Yahoo/CN=pop.att.yahoo.com
verify error:num=21:unable to verify the first certificate
verify return:1
...
+OK hello from popgate on pop105.sbc.mail.mud.yahoo.com 2.38.1

Connecting to Gmail’s POP port redirects me to Yahoo!‘s mail server.

I’m sorry, but what is going on here? It has resolved itself since then, but the mere fact that this happened at all is rather worrisome. Why are they messing with redirecting my mail requests somewhere else?