Webmail and IMAP both appear to be down

[bushnell]

Called support and worked through the obvious, restart Mail, delete Sonic.net IMAP account and re-create, etc. Pinging imap.sonic.net gave the wrong IP address (67.142.something), even after clearing the DNS cache

dscacheutil -flushcache

After trying deleting preferences, rebooting Mac, router, modem, I tried on a hunch to take a look at the local hosts file (/private/etc/hosts) and found that Avast! anti-virus had hard-wired the address of imap.sonic.net to the prior address (67.142...). Once I changed that to 69.12.218.40, everything started working.

Question now is why does Avast! hard-wire the IP address on the Mac but apparently does not need to do this on Windows (where I'm also running Avast! AV). And, why did "dig" give the correct address, but ping did not?

[kgc]

I can only answer the last question - most programs on a host, including ping, will use the systems resolver libraries to turn host names into IP addresses. Generally this means there will be a host file where static entries could be added. dig (and maybe nslookup too, I don't remember) do not use system resolver libraries and instead go straight to the name servers. This can be confusing at times.

I have *NO IDEA* why Avast would have entered it into your /etc/hosts. Some A/V programs will populate it with a list of evil doers but I've never heard of one adding a record for a mail server before.

[bushnell]

I have *NO IDEA* why Avast would have entered it into your /etc/hosts. Some A/V programs will populate it with a list of evil doers but I've never heard of one adding a record for a mail server before.

A recent update of Avast! on the Mac changed the error message that pops up on my screen, advising me to turn off SSL encryption in Mail so that Avast! can check the data for viruses. I believe (but have no way of verifying) that Avast! then does its own SSL encryption when communicating with the server. This hosts file entry seems to have been made in connection with this update.