Menu
▾
▴
fetchmail-users
|
From: Joe Acquisto-j. <jo...@j4...> - 2021-02-12 00:26:26
|
Getting this: ------------------------------------------------ Thu Feb 11 19:15:08 EST 2021 fetchmail: OpenSSL reported: error:1408F10B:SSL routines:ssl3_get_record:wrong version number fetchmail: mail.myisphost.com: SSL connection failed. fetchmail: socket error while fetching from in...@j4...@mail.myisphost.com fetchmail: Query status=2 (SOCKET) ---------------------------------------------- This is fetchmail release 6.4.2-rc3+SSL-SSLv2-SSLv3+NLS. I was getting the error earlier today. I think I somehow munged the .fetchmailrc file at some point and created an issue. At this point, though, I am dazed and confused. (we will not speak of my arrogance in not making a backup of the file before hammering away at it. No definitely we will not mention that. . . .) I will be periodically checking mail in a round about way,as my "normal" way is, umm, broken. . . . joe a. |
|
From: Joe Acquisto-j. <jo...@j4...> - 2021-08-15 17:28:08
|
Version 6.4.2-rc3+SSL-SSLv2-SSLv3+NLS Recent ping about SSL issue cause me to look at config and logs. Surprise. Been going on for months. My bad for not noticing earlier. from /var/log/fetchmail.log fetchmail: Loaded OpenSSL library 0x1010104f newer than headers 0x1010009f, trying to continue. fetchmail: OpenSSL reported: error:1408F10B:SSL routines:ssl3_get_record:wrong version number I'll search a bit while awaiting the lifeguards . . . |
|
From: Joe Acquisto-j. <jo...@j4...> - 2021-08-15 22:27:14
|
> Version 6.4.2-rc3+SSL-SSLv2-SSLv3+NLS > > Recent ping about SSL issue cause me to look at config and logs. Surprise. > Been going on for months. My bad for not noticing earlier. > > from /var/log/fetchmail.log > > fetchmail: Loaded OpenSSL library 0x1010104f newer than headers 0x1010009f, > trying to continue. > fetchmail: OpenSSL reported: error:1408F10B:SSL > routines:ssl3_get_record:wrong version number > > I'll search a bit while awaiting the lifeguards . . . > Updating to absolute latest on sourceforge resolved the issue. Pardon the noise. |
|
From: Joe Acquisto-j. <jo...@j4...> - 2021-08-15 23:46:11
|
>> Version 6.4.2-rc3+SSL-SSLv2-SSLv3+NLS >> >> Recent ping about SSL issue cause me to look at config and logs. Surprise. > >> Been going on for months. My bad for not noticing earlier. >> >> from /var/log/fetchmail.log >> >> fetchmail: Loaded OpenSSL library 0x1010104f newer than headers 0x1010009f, >> trying to continue. >> fetchmail: OpenSSL reported: error:1408F10B:SSL >> routines:ssl3_get_record:wrong version number >> >> I'll search a bit while awaiting the lifeguards . . . >> > > Updating to absolute latest on sourceforge resolved the issue. > > Pardon the noise. > Actually . . . I lied. Secure connections do appear to work, if I leave config options at default, but when I add "ssl" to my config file the particular user I add that for shows this error on attempted fetch: "fetchmail: OpenSSL reported: error:1408F10B:SSL routines:ssl3_get_record:wrong version number" Sorry if this is an added burden, or, horrors, if I misread earlier emails on the subject. |
|
From: Matthias A. <mat...@gm...> - 2021-08-16 16:46:21
|
Am 16.08.21 um 01:45 schrieb Joe Acquisto-j4: > >>> Version 6.4.2-rc3+SSL-SSLv2-SSLv3+NLS >>> >>> Recent ping about SSL issue cause me to look at config and logs. Surprise. >>> Been going on for months. My bad for not noticing earlier. >>> >>> from /var/log/fetchmail.log >>> >>> fetchmail: Loaded OpenSSL library 0x1010104f newer than headers 0x1010009f, >>> trying to continue. >>> fetchmail: OpenSSL reported: error:1408F10B:SSL >>> routines:ssl3_get_record:wrong version number >>> >>> I'll search a bit while awaiting the lifeguards . . . >>> >> Updating to absolute latest on sourceforge resolved the issue. >> >> Pardon the noise. >> > Actually . . . I lied. Secure connections do appear to work, if I leave config options at default, > but when I add "ssl" to my config file the particular user I add that for shows this error on attempted fetch: > > "fetchmail: OpenSSL reported: error:1408F10B:SSL routines:ssl3_get_record:wrong version number" > > Sorry if this is an added burden, or, horrors, if I misread earlier emails on the subject. Joe, this is a typical situation when OpenSSL tries to negotiate SSL on a port that talks plaintext. If you configured the port explicitly, then you need to change it, too, to the SSL-wrapped version (POP3 --ssl will use 995, IMAP --ssl will use 993) or just remove the --port or --service parameter and go with the defaults (if your ISP serves on the usual port, that will be sufficient). - else see https://www.fetchmail.info/fetchmail-FAQ.html#G3 for what information we need to help you. Also, your fetchmail was compiled with OpenSSL 1.1.0i headers and uses a run-time library 1.1.1d. This is a strange situation. If you built fetchmail yourself, make sure your system is fully updated and then clean and rebuild fetchmail. Regards, Matthias |
|
From: Joe Acquisto-j. <jo...@j4...> - 2021-08-16 17:06:26
|
> Am 16.08.21 um 01:45 schrieb Joe Acquisto-j4: >> >>>> Version 6.4.2-rc3+SSL-SSLv2-SSLv3+NLS >>>> >>>> Recent ping about SSL issue cause me to look at config and logs. Surprise. >>>> Been going on for months. My bad for not noticing earlier. >>>> >>>> from /var/log/fetchmail.log >>>> >>>> fetchmail: Loaded OpenSSL library 0x1010104f newer than headers 0x1010009f, >>>> trying to continue. >>>> fetchmail: OpenSSL reported: error:1408F10B:SSL >>>> routines:ssl3_get_record:wrong version number >>>> >>>> I'll search a bit while awaiting the lifeguards . . . >>>> >>> Updating to absolute latest on sourceforge resolved the issue. >>> >>> Pardon the noise. >>> >> Actually . . . I lied. Secure connections do appear to work, if I leave > config options at default, >> but when I add "ssl" to my config file the particular user I add that for > shows this error on attempted fetch: >> >> "fetchmail: OpenSSL reported: error:1408F10B:SSL > routines:ssl3_get_record:wrong version number" >> >> Sorry if this is an added burden, or, horrors, if I misread earlier emails > on the subject. > > Joe, > > this is a typical situation when OpenSSL tries to negotiate SSL on a > port that talks plaintext. > > If you configured the port explicitly, then you need to change it, too, > to the SSL-wrapped version (POP3 --ssl will use 995, IMAP --ssl will use > 993) or just remove the --port or --service parameter and go with the > defaults (if your ISP serves on the usual port, that will be sufficient). > - else see https://www.fetchmail.info/fetchmail-FAQ.html#G3 for what > information we need to help you. > > Also, your fetchmail was compiled with OpenSSL 1.1.0i headers and uses a > run-time library 1.1.1d. This is a strange situation. If you built > fetchmail yourself, make sure your system is fully updated and then > clean and rebuild fetchmail. > > Regards, > Matthias > Thank you. Removing the port parameter eliminated the error. Sorry for the bother. I will look into the OpenSSL mismatch you noticed. joe a. |
|
From: Joe Acquisto-j. <jo...@j4...> - 2021-02-12 01:37:41
|
> Getting this: > > ------------------------------------------------ > Thu Feb 11 19:15:08 EST 2021 > fetchmail: OpenSSL reported: error:1408F10B:SSL > routines:ssl3_get_record:wrong version number > fetchmail: mail.myisphost.com: SSL connection failed. > fetchmail: socket error while fetching from > in...@j4...@mail.myisphost.com > fetchmail: Query status=2 (SOCKET) > ---------------------------------------------- > > This is fetchmail release 6.4.2-rc3+SSL-SSLv2-SSLv3+NLS. > > I was getting the error earlier today. I think I somehow munged the > .fetchmailrc file at some point and created an issue. > At this point, though, I am dazed and confused. (we will not speak of my > arrogance in not making a backup of > the file before hammering away at it. No definitely we will not mention > that. . . .) > > I will be periodically checking mail in a round about way,as my "normal" way > is, umm, broken. . . . > > joe a. > Ah, the marvelous results that can occur after taking a break and some refreshment. Adjusting .fetchmailrc did the trick. My mood is much improved. joe a. |
|
From: Matthias A. <mat...@gm...> - 2021-02-12 16:35:11
|
Am 12.02.21 um 02:37 schrieb Joe Acquisto-j4: >> Getting this: >> >> ------------------------------------------------ >> Thu Feb 11 19:15:08 EST 2021 >> fetchmail: OpenSSL reported: error:1408F10B:SSL >> routines:ssl3_get_record:wrong version number >> fetchmail: mail.myisphost.com: SSL connection failed. >> fetchmail: socket error while fetching from >> in...@j4...@mail.myisphost.com >> fetchmail: Query status=2 (SOCKET) >> ---------------------------------------------- >> >> This is fetchmail release 6.4.2-rc3+SSL-SSLv2-SSLv3+NLS. >> >> I was getting the error earlier today. I think I somehow munged the >> .fetchmailrc file at some point and created an issue. >> At this point, though, I am dazed and confused. (we will not speak of my >> arrogance in not making a backup of >> the file before hammering away at it. No definitely we will not mention >> that. . . .) >> >> I will be periodically checking mail in a round about way,as my "normal" way >> is, umm, broken. . . . >> >> joe a. >> > > Ah, the marvelous results that can occur after taking a break and some refreshment. > > Adjusting .fetchmailrc did the trick. My mood is much improved. For the public, that would have been some --sslproto option you were hacking? |
|
From: Joe Acquisto-j. <jo...@j4...> - 2021-02-12 16:56:52
|
> Am 12.02.21 um 02:37 schrieb Joe Acquisto-j4: >>> Getting this: >>> >>> ------------------------------------------------ >>> Thu Feb 11 19:15:08 EST 2021 >>> fetchmail: OpenSSL reported: error:1408F10B:SSL >>> routines:ssl3_get_record:wrong version number >>> fetchmail: mail.myisphost.com: SSL connection failed. >>> fetchmail: socket error while fetching from >>> in...@j4...@mail.myisphost.com >>> fetchmail: Query status=2 (SOCKET) >>> ---------------------------------------------- >>> >>> This is fetchmail release 6.4.2-rc3+SSL-SSLv2-SSLv3+NLS. >>> >>> I was getting the error earlier today. I think I somehow munged the >>> .fetchmailrc file at some point and created an issue. >>> At this point, though, I am dazed and confused. (we will not speak of my >>> arrogance in not making a backup of >>> the file before hammering away at it. No definitely we will not mention >>> that. . . .) >>> >>> I will be periodically checking mail in a round about way,as my "normal" way >>> is, umm, broken. . . . >>> >>> joe a. >>> >> >> Ah, the marvelous results that can occur after taking a break and some > refreshment. >> >> Adjusting .fetchmailrc did the trick. My mood is much improved. > For the public, that would have been some --sslproto option you were > hacking? > > Oh, sorry . . . Simply adding sslproto 'auto' which had gone missing, did the trick. Once that worked, added sslcertck as well. Still working. Thanks for making it so simple even I could figure it out. Eventually. joe a. |
|
From: Matthias A. <mat...@gm...> - 2021-02-12 17:30:47
|
Am 12.02.21 um 17:56 schrieb Joe Acquisto-j4: > > Oh, sorry . . . > > Simply adding sslproto 'auto' which had gone missing, did the trick. I am scratching my head over this one. sslproto auto should be the implicit default, and not much has changed since 6.4.2... > Once that worked, added sslcertck as well. Still working. That, too, is a default since 6.4.x versions of fetchmail... Might there have been intermittent server-side experiments that were ended sooner because they turned out to exclude too many clients? Which OpenSSL version does your fetchmail computer use? |
|
From: Joe Acquisto-j. <jo...@j4...> - 2021-02-12 18:03:17
|
> Am 12.02.21 um 17:56 schrieb Joe Acquisto-j4: >> >> Oh, sorry . . . >> >> Simply adding sslproto 'auto' which had gone missing, did the trick. > > I am scratching my head over this one. sslproto auto should be the > implicit default, and not much has changed since 6.4.2... > >> Once that worked, added sslcertck as well. Still working. > That, too, is a default since 6.4.x versions of fetchmail... > > Might there have been intermittent server-side experiments that were > ended sooner because they turned out to exclude too many clients? > > Which OpenSSL version does your fetchmail computer use? > Sorry again. I for got to mention that I for some reason had sslfingerprint in use. I eliminated that and added sslproto. Probably of no consequence give my confession above but openssl is "OpenSSL 1.1.0i-fips 14 Aug 2018. joe a. |
×
Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.
Thanks for helping keep SourceForge clean.
X