Kaspersky Lab’s newest generation of security software, Kaspersky Internet Security 2018, sports a nifty new feature: support for scanning of encrypted connections, including IMAP/SMTP over SSL between your mail client and your mail servers. While this behavior is mostly desirable, it may occasionally go too far. Kaspersky will intercept your mail connections, inject itself between your mail client and mail server, and use its own certificates to protect the “last mile” of your connectivity. This will cause your mail client to complain about invalid certificates from your mail service providers. The good news is you don’t need to remove the software nor do you need to deactivate scanning of encrypted connections. You can have your cake and eat it too.
Here is how to fix the problem.