fetchmail-users — User questions and discussion

Re: [fetchmail-users] How to avoid these annoying reports

[Rob M. <rob...@gm...>]

On 8/20/07, Matthias Andree <mat...@gm...> wrote:
>
> Recent fetchmail versions should, if configured with sslfingerprint,
> suppress the warning that Anne quoted. The fingerprint can be obtained from
> fetchmail's verbose output.

True, but I've been badly bitten by that before - ISP uses self-signed
certificate, certificate is changed, mail no longer collected.  I get
enough email that it became apparent within hours, but it still took
me longer than I'd have liked to identify the problem.

IMO sslfingerprint should only be used where it isn't possible to
otherwise validate a certificate.

-- 
                 Please keep list traffic on the list.

Rob MacGregor
      Whoever fights monsters should see to it that in the process he
        doesn't become a monster.                  Friedrich Nietzsche

Re: [fetchmail-users] How to avoid these annoying reports

[Rob M. <rob...@gm...>]

On 8/20/07, Anne Wilson <can...@go...> wrote:
> fetchmail -v -v -v -c
> fetchmail: can't check mail while another fetchmail to same host is running.
> [anne@david ~]$ fetchmail --quit
> fetchmail: background fetchmail at 6056 killed.
> [anne@david ~]$ fetchmail -v -v -v -c

Right, next time don't trim so much of your config file.  By doing so
you make it *VERY* difficult for those of us trying to help you.

Run the command Matthais gave.

> [anne@david ~]$
>
> > Also, what was the result of the openssl command?
>
> None.  It hung until I gave it Ctrl-C

Which suggests they're not running an IMAPS service, try 995 instead (POP3S).

-- 
                 Please keep list traffic on the list.

Rob MacGregor
      Whoever fights monsters should see to it that in the process he
        doesn't become a monster.                  Friedrich Nietzsche

Re: [fetchmail-users] How to avoid these annoying reports

[Matthias A. <mat...@gm...>]

Rob MacGregor schrieb:
> On 8/18/07, Anne Wilson <can...@go...> wrote:
>> On Friday 17 Aug 2007, Rob MacGregor wrote:
>>> On 8/17/07, Anne Wilson <can...@go...> wrote:
>>>> Fetchmail is collecting mail from several boxes on my new ISP's server.
>>>> I have suppressed the messages about how many messages were collected,
>>>> but I still get a set of
>>>>
>>>> fetchmail: Server certificate verification error: self signed certificate
>>>>
>>>> every few minutes.
>>> What version of fetchmail?  Are you running it from cron, or as a daemon?
>> 6.3.6.  It's run from cron.
> 
> 1) Upgrade to 6.3.8
> 2) Use daemon mode
> 3) Download the certificate by running the following TWO lines:
> 
> openssl s_client -connect remote.server.net:993 </dev/null | sed -ne
> '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p'
>> /usr/local/openssl/remote.pem
> 
> c_rehash
> 
> Replace "remote.pem" and "remote.server.net" with relevant names.
> 

Recent fetchmail versions should, if configured with sslfingerprint,
suppress the warning that Anne quoted. The fingerprint can be obtained from
fetchmail's verbose output.

Re: [fetchmail-users] Can fetchmail be configured to do this?

[Matthias A. <mat...@gm...>]

rouble schrieb:

> Now, I want to also maintain a running backup of all the email. That
> is, I want to download _one_ copy of each email (from both folders)
> from the server.
> 
> Since I view this email with other imap clients, I can not depend on
> the read/unread (seen/unseen) status of the mail that is used by imap.
> Using fetchmail with imap does not fetch messages that have already
> been seen. So this won't work for a backup.

Indeed not.

You're unfortunately out of luck with any fetchmail version released to
date, because:

(1) - POP3 has no notion of folders, it's "single mailbox".

If MS Exchange has some folder extension for POP3, point me to the
programmer's documentation (which must be openly and freely available, i.
e. free of charge and limitations and it must be suitable to develop Open
Source Software under any license I choose, particularly GPL v2) and I can
  estimate how much time it will take to implement it.

If I choose to do that, I will need temporary access (POP3 and sending
messages there) to such a server in order to test and debug.

(2) - fetchmail's IMAP code has no client-side "seen" tracking feature YET
- that's a missing feature in fetchmail I plan to correct for a later
version (that's not going to be called 6.3.something), but I presume it's
going to become winter before I get to it.

So if you need a solution now, you will have to find a client that supports
UID "seen" tracking for IMAP. Sorry!

Best regards
Matthias

Re: [fetchmail-users] How to avoid these annoying reports

[Matthias A. <mat...@gm...>]

Anne Wilson schrieb:
> On Monday 20 Aug 2007, Rob MacGregor wrote:
>> On 8/20/07, Anne Wilson <can...@go...> wrote:
>>> Abbreviated .fetchmailrc - other mailboxes removed for simplicity.
>>>
>>> set logfile = /home/anne/fetchmail.log
>>>
>>> poll zencphosting09.zen.co.uk with proto pop3
>>>         user "su...@ly..."
>>>         pass "xxxxxx"
>>>         is anne fetchall
>>>
>>> zencphosting09 is the server for my domain account.  Maybe the
>>> certificate doesn't exist on that server?  The general server for mail
>>> not on the domain addresses is mailhost.zen.co.uk.  I used that at first,
>>> but then got a message that the certificate didn't match my domain, for
>>> every mailbox, every connection.  I did ask zen if I should put a
>>> certificate onto my domain space, but they said that it was not
>>> necessary.
>> Ok, next step, please post the output of "fetchmail -v -v -v -c"
>>
> Nothing.  A pause, then return to prompt:
> fetchmail -v -v -v -c
> fetchmail: can't check mail while another fetchmail to same host is running.
> [anne@david ~]$ fetchmail --quit
> fetchmail: background fetchmail at 6056 killed.
> [anne@david ~]$ fetchmail -v -v -v -c
> [anne@david ~]$

Try: fetchmail -v -v -v -c --nodetach --nosyslog

Re: [fetchmail-users] How to avoid these annoying reports

[Anne W. <can...@go...>]

On Monday 20 Aug 2007, Rob MacGregor wrote:
> On 8/20/07, Anne Wilson <can...@go...> wrote:
> > Abbreviated .fetchmailrc - other mailboxes removed for simplicity.
> >
> > set logfile = /home/anne/fetchmail.log
> >
> > poll zencphosting09.zen.co.uk with proto pop3
> >         user "su...@ly..."
> >         pass "xxxxxx"
> >         is anne fetchall
> >
> > zencphosting09 is the server for my domain account.  Maybe the
> > certificate doesn't exist on that server?  The general server for mail
> > not on the domain addresses is mailhost.zen.co.uk.  I used that at first,
> > but then got a message that the certificate didn't match my domain, for
> > every mailbox, every connection.  I did ask zen if I should put a
> > certificate onto my domain space, but they said that it was not
> > necessary.
>
> Ok, next step, please post the output of "fetchmail -v -v -v -c"
>
Nothing.  A pause, then return to prompt:
fetchmail -v -v -v -c
fetchmail: can't check mail while another fetchmail to same host is running.
[anne@david ~]$ fetchmail --quit
fetchmail: background fetchmail at 6056 killed.
[anne@david ~]$ fetchmail -v -v -v -c
[anne@david ~]$

> Also, what was the result of the openssl command?

None.  It hung until I gave it Ctrl-C

Anne

Re: [fetchmail-users] How to avoid these annoying reports

[Rob M. <rob...@gm...>]

On 8/20/07, Anne Wilson <can...@go...> wrote:
>
> Abbreviated .fetchmailrc - other mailboxes removed for simplicity.
>
> set logfile = /home/anne/fetchmail.log
>
> poll zencphosting09.zen.co.uk with proto pop3
>         user "su...@ly..."
>         pass "xxxxxx"
>         is anne fetchall
>
> zencphosting09 is the server for my domain account.  Maybe the certificate
> doesn't exist on that server?  The general server for mail not on the domain
> addresses is mailhost.zen.co.uk.  I used that at first, but then got a
> message that the certificate didn't match my domain, for every mailbox, every
> connection.  I did ask zen if I should put a certificate onto my domain
> space, but they said that it was not necessary.

Ok, next step, please post the output of "fetchmail -v -v -v -c"

Also, what was the result of the openssl command?

-- 
                 Please keep list traffic on the list.

Rob MacGregor
      Whoever fights monsters should see to it that in the process he
        doesn't become a monster.                  Friedrich Nietzsche

Re: [fetchmail-users] How to avoid these annoying reports

[Anne W. <can...@go...>]

On Monday 20 Aug 2007, Rob MacGregor wrote:
> On 8/20/07, Anne Wilson <can...@go...> wrote:
> > That corrected it, and the daemon is now running.  However, I'm still
> > having no luck in getting the certificate.  This is the command I'm
> > using:
> >
> > [root@david ~]# openssl s_client -connect zencphosting09.zen.co.uk:993
> > </dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END
> > CERTIFICATE-/p'>/etc/pki/tls/rootcerts/zencphosting09.zen.co.uk.pem
> >
> > It just sits there, nothing happening.
>
> Try just running:
>
> openssl s_client -connect zencphosting09.zen.co.uk:993
>
> And then copy-n-paste the lines between "-BEGIN CERTIFICATE-" and
> "-END CERTIFICATE-" (including those lines) to the pem file.  Then run
> "c_rehash".
>
> If that doesn't work then please post your .fetchmailrc

Abbreviated .fetchmailrc - other mailboxes removed for simplicity.

set logfile = /home/anne/fetchmail.log

poll zencphosting09.zen.co.uk with proto pop3
	user "su...@ly..."
	pass "xxxxxx"
	is anne fetchall

zencphosting09 is the server for my domain account.  Maybe the certificate 
doesn't exist on that server?  The general server for mail not on the domain 
addresses is mailhost.zen.co.uk.  I used that at first, but then got a 
message that the certificate didn't match my domain, for every mailbox, every 
connection.  I did ask zen if I should put a certificate onto my domain 
space, but they said that it was not necessary.

Anne

Re: [fetchmail-users] How to avoid these annoying reports

[Rob M. <rob...@gm...>]

On 8/20/07, Anne Wilson <can...@go...> wrote:
>
> That corrected it, and the daemon is now running.  However, I'm still having
> no luck in getting the certificate.  This is the command I'm using:
>
> [root@david ~]# openssl s_client -connect zencphosting09.zen.co.uk:993
> </dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END
> CERTIFICATE-/p'>/etc/pki/tls/rootcerts/zencphosting09.zen.co.uk.pem
>
> It just sits there, nothing happening.

Try just running:

openssl s_client -connect zencphosting09.zen.co.uk:993

And then copy-n-paste the lines between "-BEGIN CERTIFICATE-" and
"-END CERTIFICATE-" (including those lines) to the pem file.  Then run
"c_rehash".

If that doesn't work then please post your .fetchmailrc

-- 
                 Please keep list traffic on the list.

Rob MacGregor
      Whoever fights monsters should see to it that in the process he
        doesn't become a monster.                  Friedrich Nietzsche

Re: [fetchmail-users] How to avoid these annoying reports

[Anne W. <can...@go...>]

On Sunday 19 Aug 2007, Rob MacGregor wrote:
> On 8/19/07, Anne Wilson <can...@go...> wrote:
> > Hi, Rob.  I've upgraded now, but I've not been able to run as a daemon. 
> > I seem to have a path problem.
> >
> > fetchmail --daemon 300
> > fetchmail: cannot open /home/anne/~/fetchmail.log: No such file or
> > directory fetchmail: fetchmail: Cannot detach into background. Aborting.
> >
> > This when commanding as user.  I did wonder if root needed to start it,
> > but I guess if that's so I'll have to feed it the user path somehow.
> >
> > Can you help, please?
>
> Looks like a typo somewhere in your config file.  What does your
> .fetchmailrc file contain?
>
> I'm guessing a line like:
>
>  logfile ~/fetchmail.log
>
> Try "logfile /home/anne/fetchmail.log" instead.

That corrected it, and the daemon is now running.  However, I'm still having 
no luck in getting the certificate.  This is the command I'm using:

[root@david ~]# openssl s_client -connect zencphosting09.zen.co.uk:993 
</dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END 
CERTIFICATE-/p'>/etc/pki/tls/rootcerts/zencphosting09.zen.co.uk.pem

It just sits there, nothing happening.

Anne

Re: [fetchmail-users] How to avoid these annoying reports

[Rob M. <rob...@gm...>]

On 8/19/07, Anne Wilson <can...@go...> wrote:
> Hi, Rob.  I've upgraded now, but I've not been able to run as a daemon.  I
> seem to have a path problem.
>
> fetchmail --daemon 300
> fetchmail: cannot open /home/anne/~/fetchmail.log: No such file or directory
> fetchmail: fetchmail: Cannot detach into background. Aborting.
>
> This when commanding as user.  I did wonder if root needed to start it, but I
> guess if that's so I'll have to feed it the user path somehow.
>
> Can you help, please?

Looks like a typo somewhere in your config file.  What does your
.fetchmailrc file contain?

I'm guessing a line like:

 logfile ~/fetchmail.log

Try "logfile /home/anne/fetchmail.log" instead.

-- 
                 Please keep list traffic on the list.

Rob MacGregor
      Whoever fights monsters should see to it that in the process he
        doesn't become a monster.                  Friedrich Nietzsche

Re: [fetchmail-users] How to avoid these annoying reports

[Anne W. <can...@go...>]

On Saturday 18 Aug 2007, Rob MacGregor wrote:
> On 8/18/07, Anne Wilson <can...@go...> wrote:
> > On Friday 17 Aug 2007, Rob MacGregor wrote:
> > > On 8/17/07, Anne Wilson <can...@go...> wrote:
> > > > Fetchmail is collecting mail from several boxes on my new ISP's
> > > > server. I have suppressed the messages about how many messages were
> > > > collected, but I still get a set of
> > > >
> > > > fetchmail: Server certificate verification error: self signed
> > > > certificate
> > > >
> > > > every few minutes.
> > >
> > > What version of fetchmail?  Are you running it from cron, or as a
> > > daemon?
> >
> > 6.3.6.  It's run from cron.
>
> 1) Upgrade to 6.3.8
> 2) Use daemon mode
> 3) Download the certificate by running the following TWO lines:
>
> openssl s_client -connect remote.server.net:993 </dev/null | sed -ne
> '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p'
>
> >/usr/local/openssl/remote.pem
>
> c_rehash
>
> Replace "remote.pem" and "remote.server.net" with relevant names.

Hi, Rob.  I've upgraded now, but I've not been able to run as a daemon.  I 
seem to have a path problem.

fetchmail --daemon 300
fetchmail: cannot open /home/anne/~/fetchmail.log: No such file or directory
fetchmail: fetchmail: Cannot detach into background. Aborting.

This when commanding as user.  I did wonder if root needed to start it, but I 
guess if that's so I'll have to feed it the user path somehow.

Can you help, please?

Anne

Re: [fetchmail-users] Can fetchmail be configured to do this?

[Rob M. <rob...@gm...>]

On 8/18/07, rouble <ro...@gm...> wrote:
>
> Thanks for the response.
>
> The server is a Microsoft Exchange Server. By default fetchmail only
> gets email from the 'Inbox' folder, when I use pop3.
>
> Is it possible to download email from the 'sent-mail' folder over pop3
> from a Microsoft Exchange Server? If so, how would I configure my
> .fetchmailrc to do this?

Don't know - my MS Exchange knowledge is long outdated.  You'd need to
find out how, if at all, a POP3 client can access that folder.  If you
can get the answer to that then you've got your answer for fetchmail.

-- 
                 Please keep list traffic on the list.

Rob MacGregor
      Whoever fights monsters should see to it that in the process he
        doesn't become a monster.                  Friedrich Nietzsche

Re: [fetchmail-users] Can fetchmail be configured to do this?

[rouble <ro...@gm...>]

> <---SNIP--->
> > In short, with imap I can't have a client side list of seen emails
> > (--uidl), so I can't backup all the emails. And with pop3, I can't
> > download mails from other folders (--folder). So, I don't really know
> > how to do this.
> >
> > Any input is much appreciated.
>
> I think you're out of luck - fetchmail is not designed with this in
> mind.  It expects to be the only thing accessing a mailbox.
>
> I don't think there's really any way you can solve this with
> fetchmail, unless your provider provides some way of accessing the
> folders via POP.  The only solution would be to use fetchmail to
> download all the messages to your own IMAP server and then give people
> access to that instead.

Thanks for the response.

The server is a Microsoft Exchange Server. By default fetchmail only
gets email from the 'Inbox' folder, when I use pop3.

Is it possible to download email from the 'sent-mail' folder over pop3
from a Microsoft Exchange Server? If so, how would I configure my
.fetchmailrc to do this?

Cheers
rouble

-- 
this spot is up for rent

Re: [fetchmail-users] Can fetchmail be configured to do this?

[Rob M. <rob...@gm...>]

On 8/18/07, rouble <ro...@gm...> wrote:
<---SNIP--->
> In short, with imap I can't have a client side list of seen emails
> (--uidl), so I can't backup all the emails. And with pop3, I can't
> download mails from other folders (--folder). So, I don't really know
> how to do this.
>
> Any input is much appreciated.

I think you're out of luck - fetchmail is not designed with this in
mind.  It expects to be the only thing accessing a mailbox.

I don't think there's really any way you can solve this with
fetchmail, unless your provider provides some way of accessing the
folders via POP.  The only solution would be to use fetchmail to
download all the messages to your own IMAP server and then give people
access to that instead.

-- 
                 Please keep list traffic on the list.

Rob MacGregor
      Whoever fights monsters should see to it that in the process he
        doesn't become a monster.                  Friedrich Nietzsche

Re: [fetchmail-users] How to avoid these annoying reports

[Rob M. <rob...@gm...>]

On 8/18/07, Anne Wilson <can...@go...> wrote:
> On Friday 17 Aug 2007, Rob MacGregor wrote:
> > On 8/17/07, Anne Wilson <can...@go...> wrote:
> > > Fetchmail is collecting mail from several boxes on my new ISP's server.
> > > I have suppressed the messages about how many messages were collected,
> > > but I still get a set of
> > >
> > > fetchmail: Server certificate verification error: self signed certificate
> > >
> > > every few minutes.
> >
> > What version of fetchmail?  Are you running it from cron, or as a daemon?
>
> 6.3.6.  It's run from cron.

1) Upgrade to 6.3.8
2) Use daemon mode
3) Download the certificate by running the following TWO lines:

openssl s_client -connect remote.server.net:993 </dev/null | sed -ne
'/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p'
>/usr/local/openssl/remote.pem

c_rehash

Replace "remote.pem" and "remote.server.net" with relevant names.

-- 
                 Please keep list traffic on the list.

Rob MacGregor
      Whoever fights monsters should see to it that in the process he
        doesn't become a monster.                  Friedrich Nietzsche

Re: [fetchmail-users] How to avoid these annoying reports

[Anne W. <can...@go...>]

On Friday 17 Aug 2007, Rob MacGregor wrote:
> On 8/17/07, Anne Wilson <can...@go...> wrote:
> > Fetchmail is collecting mail from several boxes on my new ISP's server. 
> > I have suppressed the messages about how many messages were collected,
> > but I still get a set of
> >
> > fetchmail: Server certificate verification error: self signed certificate
> >
> > every few minutes.
>
> What version of fetchmail?  Are you running it from cron, or as a daemon?

6.3.6.  It's run from cron.

Anne

[fetchmail-users] Can fetchmail be configured to do this?

[rouble <ro...@gm...>]

Hi All,

I am trying to see if it is possible to configure fetchmail(rc) to do
the following:

I have a email server that supports imap and pop3. I use various
clients to check that email over imap. I mainly have two folders that
need to be checked Inbox and Sent.

Now, I want to also maintain a running backup of all the email. That
is, I want to download _one_ copy of each email (from both folders)
from the server.

Since I view this email with other imap clients, I can not depend on
the read/unread (seen/unseen) status of the mail that is used by imap.
Using fetchmail with imap does not fetch messages that have already
been seen. So this won't work for a backup.

So, I decided to use the client side UID list supported by pop3. I
used the --uidl, --keep and --idfile options of fetchmail over pop3.
This worked great for backing up the Inbox, but it turns out that
fetchmail's pop3 support does not support folders. So, I can not
backup the Sent folder.

In short, with imap I can't have a client side list of seen emails
(--uidl), so I can't backup all the emails. And with pop3, I can't
download mails from other folders (--folder). So, I don't really know
how to do this.

Any input is much appreciated.

tia,
rouble

Re: [fetchmail-users] How to avoid these annoying reports

[Rob M. <rob...@gm...>]

On 8/17/07, Anne Wilson <can...@go...> wrote:
> Fetchmail is collecting mail from several boxes on my new ISP's server.  I
> have suppressed the messages about how many messages were collected, but I
> still get a set of
>
> fetchmail: Server certificate verification error: self signed certificate
>
> every few minutes.

What version of fetchmail?  Are you running it from cron, or as a daemon?

-- 
                 Please keep list traffic on the list.

Rob MacGregor
      Whoever fights monsters should see to it that in the process he
        doesn't become a monster.                  Friedrich Nietzsche

[fetchmail-users] How to avoid these annoying reports

[Anne W. <can...@go...>]

Fetchmail is collecting mail from several boxes on my new ISP's server.  I 
have suppressed the messages about how many messages were collected, but I 
still get a set of 

fetchmail: Server certificate verification error: self signed certificate

every few minutes.

Googling suggests that the best way to get rid of it is to obtain a copy of my 
ISP's certificate, so that fetchmail can check against it, but I'm not having 
much success with that.  The Tech. Support people don't seem to understand 
what's happening and why I need it.

Is there any other way of stopping these messages?  I don't want to devnull 
everything from fetchmail - that's obviously a dangerous move.

Anne

Re: [fetchmail-users] fetchmail on server unable to connect to postfix

[Rob M. <rob...@gm...>]

On 8/16/07, Rob Funk <rf...@fu...> wrote:
>
> If invisible is on, fetchmail uses the POP/IMAP server's name for HELO.
> If invisible is off, fetchmail uses the pre-determined "fetchmailhost"
> value instead.  fetchmailhost is determined by heuristics in fetchmail.c,
> and references the machine fetchmail is running on.
>
> It might be worthwhile to add an option to specify fetchmailhost in the
> config file.  Not that I'll have time to do that anytime soon.

I'm of the opinion that a documentation change is all the should be
required, probably in the form of a FAQ entry.  There must be very few
cases where what it's set to actually matters.

-- 
                 Please keep list traffic on the list.

Rob MacGregor
      Whoever fights monsters should see to it that in the process he
        doesn't become a monster.                  Friedrich Nietzsche

Re: [fetchmail-users] fetchmail on server unable to connect to postfix

[Rob F. <rf...@fu...>]

Rob MacGregor wrote:
> I only have the source for 6.3.8 to hand.  It's possible this feature
> is relatively recent.

See http://mknod.org/svn/fetchmail/  :-)
Looks like the way fetchmailhost is determined (in fetchmail.c) has 
changed since 6.2.5.

> It may also be that there's something else 
> happening to the value of the hostname beforehand - certainly lots of
> software relies on resolver libraries, which can be tripped up by
> having your hostname against the loopback address.
>
> I'd advise that, if you can, you create a second line with JUST the
> hostname in it, and the real IP of the host.

I agree.

> Checking the source it looks like the hostname passed is based off of
> the value of id_me in sink.c.  The value of that depends on whether
> "set invisible" is on (which I use).
>
> That may be set to the value of fetchmailhost, which defaults to
> localhost, but is later over-ridden by the DNS name of the host using
> gethostname.
>
> It may also default to value of server.truename, and I'm not enough of
> a C programmer to work out where that comes from :)

If invisible is on, fetchmail uses the POP/IMAP server's name for HELO.
If invisible is off, fetchmail uses the pre-determined "fetchmailhost" 
value instead.  fetchmailhost is determined by heuristics in fetchmail.c, 
and references the machine fetchmail is running on.

It might be worthwhile to add an option to specify fetchmailhost in the 
config file.  Not that I'll have time to do that anytime soon.


-- 
==============================|   "A microscope locked in on one point
 Rob Funk <rf...@fu...> |Never sees what kind of room that it's in"
 http://www.funknet.net/rfunk |    -- Chris Mars, "Stuck in Rewind"

[fetchmail-users] Solution (??) of: fetchmail on server unable to connect to postfix

[M. F. <mfi...@ne...>]

Hello everybody.

please accept my apologies for screwed threading, or if I have missed
some of the most recent answers and you need to repeat something to me.

As you may have noticed by now :-) I am moving from one email server to
another these days and is not being painles...

This is the situation now. I have found a newer rpm which installed
without problems on Centos 4.4:

rpm -q fetchmail
fetchmail-6.3.4-1.1_6.el4.at

this one works! with the /etc/hosts and fetchmailrc files shown below.
It may be helpful for the next guy if this difference in HELO behavior is
documented somewhere, since I happened into it by using the default
packages provided with my chosen distro.

Thanks to Rob and all the others who helped me and thanks in advance
for any answer to this last question: is there anything in the
setup below which is redundant or, worst, may cause any security problem?

Marco

#######################################################################
etc/hosts:

127.0.0.1       mybox.mynewisp.com localhost localhost.localdomain
real.ip.address mybox.mynewisp.com mybox

#######################################################################

fetchmailrc:

set logfile "/var/log/procmail_logs/log_fetch_mail"
set nobouncemail
set properties ""
set no syslog

poll pop3.oldisp.com with proto POP3 tracepolls
   user oldaccount there with pass "password" is mfi...@ne...
here smtphost mybox.mynewisp.com smtpaddress mybox.mynewisp.com

Re: [fetchmail-users] fetchmail on server unable to connect to postfix

[Rob M. <rob...@gm...>]

On 8/16/07, M. Fioretti <mfi...@ne...> wrote:
>
> Unfortunately this doesn't seem enough. Doing a
>
> poll pop3.myisp.com with proto POP3 tracepolls
>    user myaccount there with pass "thepassword" is mfi...@ne...
> here keep smtphost the.full.machine.name
>
> still yelds (may this depend on the fetchmail version???):

I only have the source for 6.3.8 to hand.  It's possible this feature
is relatively recent.  It may also be that there's something else
happening to the value of the hostname beforehand - certainly lots of
software relies on resolver libraries, which can be tripped up by
having your hostname against the loopback address.

I'd advise that, if you can, you create a second line with JUST the
hostname in it, and the real IP of the host.

Checking the source it looks like the hostname passed is based off of
the value of id_me in sink.c.  The value of that depends on whether
"set invisible" is on (which I use).

That may be set to the value of fetchmailhost, which defaults to
localhost, but is later over-ridden by the DNS name of the host using
gethostname.

It may also default to value of server.truename, and I'm not enough of
a C programmer to work out where that comes from :)

However, an upgrade to 6.3.8 should at least confirm whether or not
this is actually no longer a problem.

>
> Thanks for any further help! As a side note, I hope this thread continues
> until the problem is solved via fetchmail also because... I'm learning
> more about fetchmail this afternoon, thanks to this thread, than by
> reading the docs again and again...

As long as you're willing to put up my direct approach, I'm sure we'll
get there :)

-- 
                 Please keep list traffic on the list.

Rob MacGregor
      Whoever fights monsters should see to it that in the process he
        doesn't become a monster.                  Friedrich Nietzsche

Re: [fetchmail-users] fetchmail on server unable to connect to postfix

[Rob F. <rf...@fu...>]

M. Fioretti wrote:
> Rob wrote:

> > Note that rejecting unqualified HELO values while being fully
> > RFC compliant...
>
> Yes, we're aware of this and in _our_ particular case we should be
> fine. For now, at least.

Ideally in your smtpd restrictions you should tell postfix to 
permit_mynetworks *before* reject_non_fqdn_hostname and 
reject_invalid_hostname.  And be sure mynetworks includes 127.0.0.0/8.


> smtphost the.full.machine.name
>
> still yelds (may this depend on the fetchmail version???):
>
> fetchmail: SMTP> EHLO localhost

I'm pretty sure this depends on the fetchmail version; a check of the NEWS 
file shows that there's been a lot of work on the smtphost feature since 
6.2.  OTOH the current man page doesn't seem to clearly talk about 
HELO/EHLO.

-- 
==============================|   "A microscope locked in on one point
 Rob Funk <rf...@fu...> |Never sees what kind of room that it's in"
 http://www.funknet.net/rfunk |    -- Chris Mars, "Stuck in Rewind"