Menu
▾
▴
Re: [fetchmail-users] Error messages with fetchmail 6.3.8
|
From: Pongthep K. <ptk...@gm...> - 2007-05-14 18:35:43
|
> Pongthep, the easiest way for FreeBSD installations of fetchmail is to use
> the FreeBSD port - but your installation went apparently right anyways,
> except for the SSL certificates.
I dont know about SSL certificates.
Once I just cd /usr/ports/mail/fetchmail and make install. It brought me the old version. I don't know how to use cvsup. Once I read handbook, it came with tonnes of documentation, I just don't understand only confuse I got. So I downloaded a tarball and compiled from source. I am a noobie.
> The problem is with the server's certificate that your OpenSSL library does
> not recognize - installing the root certificate should fix your problem.
What is root certificate? please give me a bit of more details.
> > Questions
> > 1) My first account has nothing to do with TLS.
> > Why is there such an error message? How to fix it?
>
> You can avoid the attempts if you add
> sslproto ''
>
> to your configuration (that's two single quotes)
Yes it fixed the problem. Thanks
> > 2) Several errors with my second account (gmail).
> > How to fix it?
>
> See below.
>
> > 3) I also have 6bone tunnel for IPv6.
> > Shall I do anything special with fetchmail?
>
> There should be no need; FreeBSD 5.4 can do IPv6 as far as I know.
Alright. Thanks,
> The server offered TLS, so fetchmail tried. However, the server is not
> configured properly ("opportunistic upgrade to TLS failed") and
> additionally dropped the connection.
>
> Fetchmail noticed and retried without TLS. This is typical Courier
> behavior. I'll talk to Sam Varshavchik if he sees a chance to fix this.
>
> Suggestion above (sslproto '').
As said it fixed the problem.
> Looks as though the root certificate from Equifax is not installed on your
> computer, so the OpenSSL library cannot verify that there is no man in the
> middle attack going on. Fetchmail continues however (because you did not
> specify --sslcertck).
Can you please give me a brief example of --sslcertck? I did not find it in the provided handbook or man pages.
> Do you have the ca-roots port installed? Try doing that, it makes the
> problem go away on my computer (I have FreeBSD 6.2 and installed fetchmail
> 6.3.8 from the port).
Shall I just cd /usr/ports/security/ca-roots and make install?
How to obtain the new version?
Thank you very much
Pongthep Kulkrisada
|
