Menu
▾
▴
fetchmail-users — User questions and discussion
You can subscribe to this list here.
| 2004 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
(1) |
Jul
(16) |
Aug
|
Sep
|
Oct
|
Nov
|
Dec
(1) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2005 |
Jan
(2) |
Feb
|
Mar
(4) |
Apr
|
May
|
Jun
|
Jul
(8) |
Aug
(21) |
Sep
(17) |
Oct
(35) |
Nov
(39) |
Dec
(55) |
| 2006 |
Jan
(70) |
Feb
(11) |
Mar
(55) |
Apr
(27) |
May
(73) |
Jun
(47) |
Jul
(63) |
Aug
(27) |
Sep
(52) |
Oct
(39) |
Nov
(87) |
Dec
(15) |
| 2007 |
Jan
(23) |
Feb
(46) |
Mar
(108) |
Apr
(63) |
May
(54) |
Jun
(34) |
Jul
(29) |
Aug
(103) |
Sep
(46) |
Oct
(69) |
Nov
(29) |
Dec
(17) |
| 2008 |
Jan
(45) |
Feb
(32) |
Mar
(25) |
Apr
(17) |
May
(39) |
Jun
(20) |
Jul
(64) |
Aug
(31) |
Sep
(38) |
Oct
(20) |
Nov
(42) |
Dec
(50) |
| 2009 |
Jan
(10) |
Feb
(38) |
Mar
(3) |
Apr
(29) |
May
(41) |
Jun
(31) |
Jul
(21) |
Aug
(53) |
Sep
(49) |
Oct
(26) |
Nov
(28) |
Dec
(15) |
| 2010 |
Jan
(83) |
Feb
(38) |
Mar
(33) |
Apr
(44) |
May
(9) |
Jun
(16) |
Jul
(35) |
Aug
(38) |
Sep
(11) |
Oct
(35) |
Nov
(68) |
Dec
(19) |
| 2011 |
Jan
(16) |
Feb
(69) |
Mar
(42) |
Apr
(54) |
May
(56) |
Jun
(29) |
Jul
|
Aug
(65) |
Sep
(3) |
Oct
(39) |
Nov
(33) |
Dec
(4) |
| 2012 |
Jan
(31) |
Feb
(21) |
Mar
(26) |
Apr
(13) |
May
(38) |
Jun
(39) |
Jul
(14) |
Aug
(31) |
Sep
(8) |
Oct
(32) |
Nov
(12) |
Dec
(16) |
| 2013 |
Jan
(40) |
Feb
(22) |
Mar
(21) |
Apr
(15) |
May
(13) |
Jun
(9) |
Jul
(34) |
Aug
(10) |
Sep
(10) |
Oct
|
Nov
(7) |
Dec
(1) |
| 2014 |
Jan
(25) |
Feb
(9) |
Mar
(8) |
Apr
(12) |
May
(7) |
Jun
|
Jul
(7) |
Aug
(4) |
Sep
(27) |
Oct
(25) |
Nov
(18) |
Dec
(3) |
| 2015 |
Jan
(18) |
Feb
(13) |
Mar
(4) |
Apr
(19) |
May
(11) |
Jun
|
Jul
(1) |
Aug
(7) |
Sep
(6) |
Oct
(4) |
Nov
(19) |
Dec
(6) |
| 2016 |
Jan
|
Feb
(8) |
Mar
(14) |
Apr
|
May
(11) |
Jun
|
Jul
(2) |
Aug
(3) |
Sep
(10) |
Oct
|
Nov
(11) |
Dec
(17) |
| 2017 |
Jan
(17) |
Feb
(35) |
Mar
|
Apr
(4) |
May
(8) |
Jun
(2) |
Jul
(16) |
Aug
|
Sep
(5) |
Oct
(11) |
Nov
(15) |
Dec
(10) |
| 2018 |
Jan
|
Feb
(3) |
Mar
|
Apr
(3) |
May
(2) |
Jun
(8) |
Jul
|
Aug
(10) |
Sep
(17) |
Oct
(15) |
Nov
(12) |
Dec
(10) |
| 2019 |
Jan
(4) |
Feb
(14) |
Mar
(33) |
Apr
(17) |
May
(7) |
Jun
(6) |
Jul
(2) |
Aug
(4) |
Sep
(22) |
Oct
(13) |
Nov
|
Dec
|
| 2020 |
Jan
(36) |
Feb
(19) |
Mar
(31) |
Apr
(2) |
May
(22) |
Jun
(7) |
Jul
(25) |
Aug
(9) |
Sep
(17) |
Oct
(52) |
Nov
(13) |
Dec
(9) |
| 2021 |
Jan
(23) |
Feb
(13) |
Mar
(9) |
Apr
(15) |
May
(3) |
Jun
(7) |
Jul
(4) |
Aug
(23) |
Sep
(3) |
Oct
(8) |
Nov
(28) |
Dec
(9) |
| 2022 |
Jan
(38) |
Feb
(2) |
Mar
(56) |
Apr
(24) |
May
(29) |
Jun
(22) |
Jul
(6) |
Aug
(1) |
Sep
|
Oct
(13) |
Nov
(2) |
Dec
|
| 2023 |
Jan
(6) |
Feb
(1) |
Mar
(1) |
Apr
(4) |
May
|
Jun
|
Jul
(21) |
Aug
(5) |
Sep
(1) |
Oct
|
Nov
(5) |
Dec
|
| 2024 |
Jan
(15) |
Feb
(4) |
Mar
|
Apr
(4) |
May
(11) |
Jun
(9) |
Jul
(1) |
Aug
|
Sep
(9) |
Oct
(9) |
Nov
(1) |
Dec
(1) |
| 2025 |
Jan
(7) |
Feb
|
Mar
|
Apr
(3) |
May
|
Jun
(10) |
Jul
|
Aug
(1) |
Sep
(12) |
Oct
(1) |
Nov
|
Dec
|
|
From: Joe Acquisto-j. <jo...@j4...> - 2020-01-29 02:10:04
|
So, complied 6.4.1 on another box and copied it to running machine, rename old binary and dropped in newly compiled one at /usr/bin/fetchmail, where the start script shows it to be expected.
killed the running version, before renaming the old one and restarted with the in place. However, both the help file and /var/log/fetchmail.log show verison 6.3.26.
This seems quite impossible, unless the binary looks elsewhere to read and output that information. Speaking as a programming layman/novice, this seems unlikely.
joe a.
--
+++++++++++++++++++++++
joea@@j4computers.com
https://www.j4computers.com
845-687-3734
+++++++++++++++++++++++
|
|
From: grarpamp <gra...@gm...> - 2020-01-27 23:45:13
|
On 1/27/20, Joe Acquisto-j4 <jo...@j4...> wrote: > I am several versions behind at 6.3.2 Upgrade requires > various other upgrades as well. If not required, at least sensible. Fetchmail is rather easy to compile separately, even static. That way you may be able to drop the resulting binary into your system, or call it separately, without say needing to handle whatever dependency graphs package managers try to do before you are ready for big global upgrade. > wish to retrieve all folders or, if that is not possible, to retrieve a > specific folder along with the default folder. > > Or, must I fetch folders one by one? > example syntax for ~/.fetchmail would be nice as well. folder option accept a comma list, and will internally combines multiple folder options. I don't think there is this magic 'all folders' option. You might like to use the RFC below to try create a patch for people that will query the server and pull them all like that. Could optionally create matching local folder hiers on fly. Even go crazy and select matching "mda" choices, though most people probably like to keep that as separate invocation anyway. > I am waiting for > the provider to supply the exact folder syntax. IMAP is plaintext protocol, you can use the IMAP RFC to manually login with openssl s_client, speak IMAP, and fetch a list of what the folder names on the remote system actually are. It is fun to try it at least once :) |
|
From: Joe Acquisto-j. <jo...@j4...> - 2020-01-27 23:05:40
|
>>>
> Am 27.01.20 um 20:25 schrieb Joe Acquisto-j4:
>> Long time no post. I am several versions behind at 6.3.2 Upgrade requires
> various other upgrades as well. If not required, at least sensible.
>>
>> While it is not supported any longer, perhaps the steps are similar. I
> wish to retrieve all folders or, if that is not possible, to retrieve a
> specific folder along with the default folder.
>>
>> Or, must I fetch folders one by one?
>>
>> example syntax for ~/.fetchmail would be nice as well. I am waiting for
> the provider to supply the exact folder syntax.
>>
>> Thanks in advance.
>>
> Joe, I take your later message as "problem solved".
>
> However, I'll take your message as a stepping stone for a general
> message to the public:
>
> running fetchmail 6.3.2 is a major problem in itself.
> There have been 26 releases and more than 14 (fourteen!) years(!) since,
> which includes fixes for critical and security-relevant bugs.
>
> I find that also disrespectful versus the maintainer and contributors,
> that's not what I (and others) am (are) spending my (their) spare time for.
>
Matthias,
Your reminder of the need to upgrade is certainly appreciated.
My inability to upgrade in a timely manner has to do with issues too numerous
to go into and should in no way be taken as a sign of intentional
"disrespect" toward you, others or the work you put into fetchmail.
Sorry that it upsets you in any way.
joe a.
--
+++++++++++++++++++++++
joea@@j4computers.com
https://www.j4computers.com
845-687-3734
+++++++++++++++++++++++
|
|
From: Matthias A. <mat...@gm...> - 2020-01-27 22:41:34
|
Am 27.01.20 um 20:25 schrieb Joe Acquisto-j4: > Long time no post. I am several versions behind at 6.3.2 Upgrade requires various other upgrades as well. If not required, at least sensible. > > While it is not supported any longer, perhaps the steps are similar. I wish to retrieve all folders or, if that is not possible, to retrieve a specific folder along with the default folder. > > Or, must I fetch folders one by one? > > example syntax for ~/.fetchmail would be nice as well. I am waiting for the provider to supply the exact folder syntax. > > Thanks in advance. > Joe, I take your later message as "problem solved". However, I'll take your message as a stepping stone for a general message to the public: running fetchmail 6.3.2 is a major problem in itself. There have been 26 releases and more than 14 (fourteen!) years(!) since, which includes fixes for critical and security-relevant bugs. I find that also disrespectful versus the maintainer and contributors, that's not what I (and others) am (are) spending my (their) spare time for. This is just enumerating egrep SECURITY\|CRITICAL on fetchmail 6.4.2-rc2's NEWS file: 1 ## SECURITY FIXES THAT AFFECT BEHAVIOUR AND MAY REQUIRE RECONFIGURATION 2 ## SECURITY FIXES 3 # CRITICAL BUG FIX for setups using "mimedecode": 4 # CRITICAL AND REGRESSION FIXES 5 # SECURITY FIXES 6 # CRITICAL BUG FIX 7 # SECURITY BUG FIXES 8 # SECURITY IMPROVEMENTS TO DEFANG X.509 CERTIFICATE ABUSE 9 # CRITICAL BUG FIXES AND REGRESSION FIXES 10 # SECURITY FIX 11 # SECURITY FIXES 12 # SECURITY BUGFIXES 13 # SECURITY AND CRITICAL BUG FIXES: 14 # SECURITY STRENGTHENING: 15 # SECURITY FIXES: 16 # SECURITY FIX IN THIS RELEASE 17 # SECURITY FIX IN THIS RELEASE 18 # SECURITY FIXES IN THIS RELEASE For details, read https://gitlab.com/fetchmail/fetchmail/blob/legacy_64/NEWS - and make sure that you schedule updates to supported versions of all operating system and network applications that do not have known security bugs. |
|
From: Joe Acquisto-j. <jo...@j4...> - 2020-01-27 20:59:23
|
>>>
> Long time no post. I am several versions behind at 6.3.2 Upgrade requires
> various other upgrades as well. If not required, at least sensible.
>
> While it is not supported any longer, perhaps the steps are similar. I
> wish to retrieve all folders or, if that is not possible, to retrieve a
> specific folder along with the default folder.
>
> Or, must I fetch folders one by one?
>
> example syntax for ~/.fetchmail would be nice as well. I am waiting for
> the provider to supply the exact folder syntax.
>
> Thanks in advance.
Figured out, seems to be working OK so far.
--
+++++++++++++++++++++++
joea@@j4computers.com
https://www.j4computers.com
845-687-3734
+++++++++++++++++++++++
|
|
From: Joe Acquisto-j. <jo...@j4...> - 2020-01-27 19:38:37
|
Long time no post. I am several versions behind at 6.3.2 Upgrade requires various other upgrades as well. If not required, at least sensible.
While it is not supported any longer, perhaps the steps are similar. I wish to retrieve all folders or, if that is not possible, to retrieve a specific folder along with the default folder.
Or, must I fetch folders one by one?
example syntax for ~/.fetchmail would be nice as well. I am waiting for the provider to supply the exact folder syntax.
Thanks in advance.
--
+++++++++++++++++++++++
joea@@j4computers.com
https://www.j4computers.com
845-687-3734
+++++++++++++++++++++++
|
|
From: Matthias A. <mat...@gm...> - 2020-01-25 00:03:21
|
The 6.4.2-rc2 release of fetchmail is now available at the usual locations, including <http://sourceforge.net/projects/fetchmail>. The source archive is available at: <https://downloads.sourceforge.net/project/fetchmail/branch_6.4/fetchmail-6.4.2-rc2.tar.lz> <https://downloads.sourceforge.net/project/fetchmail/branch_6.4/fetchmail-6.4.2-rc2.tar.xz> Please test the revised fetchmailconf, it now also needs Python's "future" package, supports Python 3, and learned how to autoprobe via SSL and/or IPv6. These are the relevant changes from 6.4.2-rc1 to -rc2: fetchmailconf: Bump version to 1.61. fetchmailconf: Set window icon for window manager. fetchmailconf: Add verbose/normal to run buttons of main window. fetchmailconf: Check fetchmail's exit status from RunWindow() fetchmailconf: Update RunWindow() line-wise. fetchmailconf: Make RunWindow resizeable. fetchmailconf: Omit unused 'parent' argument from RunWindow() constructor fetchmailconf: Heed Exceptions in make_icon_window(). Fix missing 'from' in NEWS. |
|
From: Matthias A. <mat...@gm...> - 2020-01-20 23:00:02
|
The 6.4.2-rc1 release of fetchmail is now available at the usual locations, including <http://sourceforge.net/projects/fetchmail>. The source archive is available at: <https://downloads.sourceforge.net/project/fetchmail/branch_6.4/fetchmail-6.4.2-rc1.tar.lz> <https://downloads.sourceforge.net/project/fetchmail/branch_6.4/fetchmail-6.4.2-rc1.tar.xz> Please test the revised fetchmailconf, it now also needs Python's "future" package, supports Python 3, and learned how to autoprobe via SSL and/or IPv6. I have mailed the URL of the tarball to the translation project, PLEASE DO TRANSLATE (and if you need more than a few days, let me know). Here are the release notes: fetchmail 6.4.2 (not yet released): ## BREAKING CHANGES: * fetchmailconf now supports Python 3 and currently requires the "future" package, see https://pypi.org/project/future/. * The minimum supported version is now Python 2.7.13, but it is recommended to use at least 2.7.16 (due to its massive SSL updates). Older Python versions may check SSL certificates not strictly enough which will may cause fetchmail to complain later when the certificate isn't compliant. * fetchmailconf now autoprobes SSL-wrapped connections (ports 993 and 995 for IMAP and POP3) as well and by preference. * fetchmailconf now defaults newly created users to "ssl" if either of the existing users sets ssl, or if the server has freshly been probed and found supporting ssl. There is a caveat: adding a user to an existing server without probing it again may skip adding ssl. (This does not prevent STARTTLS.) ## BUG FIXES: * Fix three bugs in fetchmail.man (one unterminated string to .IP macro, one line that ran into a .PP macro, .TH date format), and remove one .br request from inside the table, which is unsupported by FreeBSD 12's mandoc(1) formatter. FreeBSD Bug#241032, reported by Helge Oldach. * Further man page fixes and additions by Chris Mayo and Gregor Zattler. * When evaluating the need for STARTTLS in non-default configurations (SSL certificate validation turned off), fetchmail would only consider --sslproto tls1 as requiring STARTTLS, now all non-empty protocol versions do. * fetchmailconf now properly writes "no sslcertck" if sslcertck is disabled. ## CHANGES: * Make t.smoke more robust and use temporary directory as FETCHMAILHOME, to make sure that the home directory resolves for the user running the test suite even if the environment isn't perfect. Reported by Konstantin Belousov, analysed by Corey Halpin, FreeBSD Bug#240914. ## UPDATED TRANSLATION - THANKS TO: * zh_CN: Boyuan Yang [Chinese (simplified)] -------------------------------------------------------------------------------- By popular demand, diffs from the previous release have been omitted. Happy fetches, Matthias |
|
From: Ralph C. <ra...@in...> - 2020-01-16 11:32:26
|
Hi Mario, > please see at > https://sourceforge.net/p/courier/mailman/message/36900517/ This suggests Courier is rejecting the email from fetchmail with 517 because its sendmail is being invoked with «-f '<>'» and that's invalid. > I am not sure how to fix (I would rather not use any custom script). Examine fetchmail's antispam setting, and perhaps softbounce. -- Cheers, Ralph. |
|
From: mario c. <ml...@ma...> - 2020-01-15 19:13:52
|
Hi please see at https://sourceforge.net/p/courier/mailman/message/36900517/ I am not sure how to fix (I would rather not use any custom script). Your help is welcome On Wed, 2020-01-15 at 12:18 +0000, Ralph Corderoy wrote: > Hi mario, .... > > Did you suffer a 517 error on this run like you have in the past? yes, I check with the same bugged message > That appeared somewhere other than the st files because they didn't > exist back then. I am not sure to understand what you mean Thanks, Cheers mario |
|
From: mario c. <ml...@ma...> - 2020-01-15 18:54:53
|
On Wed, 2020-01-15 at 16:24 +0000, Ralph Corderoy wrote: > Hi mario, > > > if I use >fetchmail --sslcertck, I get > > > > fetchmail: Server CommonName mismatch: *.myremoteprovider.it != > > pop3.mydomain.net > > See --sslcommonname in fetchmail(1). > fetchmail --sslcertck --sslcommonname myremoteprovider.it seems to work! Thanks a lot mario |
|
From: Matthias A. <mat...@gm...> - 2020-01-15 17:45:41
|
Am January 15, 2020 3:31:15 PM UTC schrieb mario chiari <ml...@ma...>: >Hi, > >if I use >fetchmail --sslcertck, I get > >fetchmail: Server CommonName mismatch: *.myremoteprovider.it != >pop3.mydomain.net >fetchmail: OpenSSL reported: error:1416F086:SSL >routines:tls_process_server_certificate:certificate verify failed >fetchmail: pop3.mydomain.net: upgrade to TLS failed. >fetchmail: Unknown login or authentication error on >my...@my...@pop3.mar >iochiari.net >fetchmail: socket error while fetching from >my...@my...@pop3.mariochiari >.net >fetchmail: Query status=2 (SOCKET) > > >any hint? >thanks cheers >mario > > > >_______________________________________________ >Fetchmail-users mailing list >Fet...@li... >https://lists.sourceforge.net/lists/listinfo/fetchmail-users With made up domainnames, nobody will be able to help, sorry. |
|
From: Ralph C. <ra...@in...> - 2020-01-15 16:24:41
|
Hi mario, > if I use >fetchmail --sslcertck, I get > > fetchmail: Server CommonName mismatch: *.myremoteprovider.it != > pop3.mydomain.net See --sslcommonname in fetchmail(1). -- Cheers, Ralph. |
|
From: mario c. <ml...@ma...> - 2020-01-15 15:31:30
|
Hi, if I use >fetchmail --sslcertck, I get fetchmail: Server CommonName mismatch: *.myremoteprovider.it != pop3.mydomain.net fetchmail: OpenSSL reported: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed fetchmail: pop3.mydomain.net: upgrade to TLS failed. fetchmail: Unknown login or authentication error on my...@my...@pop3.mar iochiari.net fetchmail: socket error while fetching from my...@my...@pop3.mariochiari .net fetchmail: Query status=2 (SOCKET) any hint? thanks cheers mario |
|
From: Ralph C. <ra...@in...> - 2020-01-15 12:18:38
|
Hi mario, > OK, sorry, i shuold have known. > I get a st.* file indeed. Since I was trying to trace the reason for a > 517 error, the only line that may help seems to be: > > write(4, "\26\3\1\2\0\1\0\1\374\3\3 ...snip... > 0\24pop3.mariochiari.net\0\v\0\4\3 ...snip... 0\0\0\0\0", 517) = 517 No, that just happens to be a write of 517 bytes. Did you suffer a 517 error on this run like you have in the past? That appeared somewhere other than the st files because they didn't exist back then. If not, then you need to get that 517 error occurring again. If you did have a 517 error this time then the textual protocol between fetchmail and the server, shown in the "..." strings of read() and write() calls, will show what was passed by fetchmail to the server that made it respond with 517. -- Cheers, Ralph. |
|
From: mario c. <ml...@ma...> - 2020-01-15 12:12:18
|
On Wed, 2020-01-15 at 10:27 +0000, Ralph Corderoy wrote: > Hi mario, > > > vmail user > strace -ffe %desc -s 4096 -o st fetchmail > > strace: Can't fopen 'st.15088': Permission denied > > ‘-o st’ puts strace's output into a file called st. It appears you > don't have write permission on the current directory so specify > somewhere where the file can be created, e.g. /tmp/st. > OK, sorry, i shuold have known. I get a st.* file indeed. Since I was trying to trace the reason for a 517 error, the only line that may help seems to be: write(4, "\26\3\1\2\0\1\0\1\374\3\3 ...snip... 0\24pop3.mariochiari.net\0\v\0\4\3 ...snip... 0\0\0\0\0", 517) = 517 Does it help? m. |
|
From: Ralph C. <ra...@in...> - 2020-01-15 10:27:50
|
Hi mario, > vmail user > strace -ffe %desc -s 4096 -o st fetchmail > strace: Can't fopen 'st.15088': Permission denied ‘-o st’ puts strace's output into a file called st. It appears you don't have write permission on the current directory so specify somewhere where the file can be created, e.g. /tmp/st. -- Cheers, Ralph. |
|
From: mario c. <ml...@ma...> - 2020-01-15 10:20:11
|
Hi this was quick! :-) I miss something. I get vmail user > strace -ffe %desc -s 4096 -o st fetchmail strace: Can't fopen 'st.15088': Permission denied I am not sure which permission I need to give. best wishes mario On Wed, 2020-01-15 at 09:47 +0000, Ralph Corderoy wrote: > Hi mario, > > > > strace -ffe %desc -s 4096 -o st fetchmail ...your-normal-arguments > > > > shame on me, but I forgot which my-normal-arguments I need to pass to > > a command as above > > It might be none if you want it to run through all the ‘poll’ entries in > your ~/.fetchmailrc. Or the name of a single ‘poll’ entry in that file > if you know that peer triggers the problem. You didn't show us the > arguments you normally use so I didn't replicate them in my example. > |
|
From: mario c. <ml...@ma...> - 2020-01-15 09:48:34
|
Hi, I am trying to fix 517 Syntax error an old issue (a 517 Syntax error) On Sat, 2019-03-02 at 11:04 +0000, Ralph Corderoy wrote: > strace -ffe %desc -s 4096 -o st fetchmail ...your-normal-arguments shame on me, but I forgot which my-normal-arguments I need to pass to a command as above thanks, cheers mario |
|
From: Ralph C. <ra...@in...> - 2020-01-15 09:47:52
|
Hi mario, > > strace -ffe %desc -s 4096 -o st fetchmail ...your-normal-arguments > > shame on me, but I forgot which my-normal-arguments I need to pass to > a command as above It might be none if you want it to run through all the ‘poll’ entries in your ~/.fetchmailrc. Or the name of a single ‘poll’ entry in that file if you know that peer triggers the problem. You didn't show us the arguments you normally use so I didn't replicate them in my example. -- Cheers, Ralph. |
|
From: grarpamp <gra...@gm...> - 2020-01-10 23:42:51
|
> well? Gitlab has deployed a broken captcha system. Fetchmail can preserve the single line mashup if it likes to close that part of #7. No, due to random structure of such lines, I seriously doubt anyone is _parsing_ such lines in shell as a killer of anything but their own sanity :) _creating_ such lines in shell is a bit more interesting, but doesn't move modularity forward. The more important issue and future that should not be closed is the creation of a proper modular config and operation abstraction for 7.x. The concepts of polling, servers, accounts, which set of server folders, and selecting fetchmail's downstream pipes and filesystem, among other config things, needs to be broken apart and out into separate stanzas, that can contain various config options, stanzas are then assembleable in permutation by the caller as applicable, by reference to those labelled stanzas, into particular and complete polls... fetch -user janeC -server beeH -folders setA -into localwayB -polling paramT fetch -user johnQ -server fooD -folders setS -into localwayG -polling paramL fetch -user johnQ -server fooD -folders setP -into localwayR -polling paramL fetch -label comboN -server bar4 fetch -label comboN -server bar2 fetch -label comboA etc, ... Where comboN is label made up of other labels from the config, or of config options, that would make up the remainder of a full specification. Fetchmail cannot do this cleanly today without user writing fully permuted numbers of separate full fetchmail configuration files, and executing them in manner to keep fetchmail from interfereing with itself. This management and non-linear combination growth is not helpful to users or entities with more than a few accounts, servers, etc. This has been mentioned before over years, reference is not at hand, see old archive / tickets for more on topic. Further, enhancing modularity for 7.x may help fetchmail abstract to be able to "fetch" "messages" from other messaging systems by future contrib plugin protocols beyond imap / pop. |
|
From: Matthias A. <mat...@gm...> - 2019-10-25 17:20:16
|
(No need to tell my my GnuPG signature on the previous e-mail was broken, which I've just noticed.) |
|
From: Matthias A. <mat...@gm...> - 2019-10-25 16:42:07
|
Am 23.10.19 um 11:31 schrieb Vitezslav Crhonek: > Hello Matthias, > > It's been discovered that wildcard certificates don't work > with fetchmail-6.4.1. I wasn't able to find out when the change > happened and whether it is intentional. Please look at [1] for > more detailed info. > > Best regards, > Vitezslav Crhonek > > [1] https://bugzilla.redhat.com/show_bug.cgi?id=1764291 Hi Vitezslav, that report assumes that a dotted-quad notation of an IP address could be matched by a top-level catch-all wildcard, "*", which is invalid. I've commented on the bug and recommend to close report as either "works as intended" or "invalid" or similar depending on your policies and conventions. My comment included for reference below. Cheers, Matthias /This is intended behaviour and not a bug. The change was made between v6.3.17 and v6.3.18 (Git commit 480b13c7 alias RELEASE_6-3-18~55) and is documented:/ > /+# SECURITY IMPROVEMENTS TO DEFANG X.509 CERTIFICATE ABUSE// > //+* Fetchmail now only accepts wildcard certificate common names and > subject// > //+ alternative names if they start with "*.". Previous versions > would accept// > //+ wildcards even if no period followed immediately.// > //+* Fetchmail now disallows wildcards in certificates to match domain > literals// > //+ (such as 10.9.8.7), or wildcards in domain literals > ("*.168.23.23").// > //+ The test is overly picky and triggers if the pattern (after > skipping the// > //+ initial wildcard "*") or domain consist solely of digits and dots > and matches// > //+ more than needed.// > //+// > / /This brings the TLS/X.509v3 certificate checks in line with RFC-5280 and more specifically RFC-7817 (A. Melnikov, Isode Ltd, "Updated Transport Layer Security (TLS) Server Identity Check Procedure for Email-Related Protocols" section 3, item #5 on page 4 and protects against abusive/invalid certificates as in this case, and no CA is permitted to sign such a certificate in the first place. // / 1. /A wildcard must not match at top level/ 2. /A domain literal such as 10.9.8.7 is not a DNS or domain name that a text subject alternative name or subject common name wildcard could ever match.// / > > > _______________________________________________ > Fetchmail-users mailing list > Fet...@li... > https://lists.sourceforge.net/lists/listinfo/fetchmail-users |
|
From: Vitezslav C. <vcr...@re...> - 2019-10-23 09:29:28
|
Hello Matthias, It's been discovered that wildcard certificates don't work with fetchmail-6.4.1. I wasn't able to find out when the change happened and whether it is intentional. Please look at [1] for more detailed info. Best regards, Vitezslav Crhonek [1] https://bugzilla.redhat.com/show_bug.cgi?id=1764291 -- Vitezslav Crhonek Software Engineer Red Hat |
|
From: Richard K. <ric...@bt...> - 2019-10-20 11:29:26
|
On Sat, 19 Oct 2019 21:35:20 +0200 Matthias Andree <mat...@gm...> wrote: > > Richard, > > A quick workaround seems to be that you add --ssl to the command line, > or ssl to the rcfile - that way, fetchmail connects to the TLS-wrapped > port, which seems to work for me. > > HTH for you too, > Matthias Aaah. I hadn't expected the solution would be that simple. I thought I'd have to set up SSL somehow. Many thanks indeed. It's working now. - Richard. -- Richard Kimber |
18 messages has been excluded from this view by a project administrator.
