Re: [fetchmail-users] Invalid SSL certificate

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Matthias Andree wrote:
> 1. Fetchmail does not offer direct control over the supported ciphers, but
> you might want to try --sslproto SSL3  (or SSL2; SSL23 is the default, no
> need to try that) to see if that improves your situation.
> 
> 2. Can I ask you to file a BerliOS bug report against fetchmail stating
> that fetchmail does not report SSL negotiation errors properly using
> ERR_error_string(3ssl), and a pointer to this subject?

I will go file that bug report on launchpad now.

In the mean time, I have recompiled openssl with support for the 
TLS_RSA_WITH_RC4_128_MD5 ( 0x0004 ) cipher, but fetchmail still has its 
connection rejected.  When comparing the CLIENT HELLO SSL frames sent by 
thunderbird and fetchmail, I see that fetchmail offers a few additional 
ciphers that thunderbird does not, and support for zlib compression, 
which thunderbird does not.  The only thing I see that thunderbird is 
sending that fetchmail is not, is an extension header of type 
server_name (0x0000).  Would it be possible to have fetchmail send this 
extension as well?

Re: [fetchmail-users] Invalid SSL certificate

Client daemon to move mail from POP and IMAP to your local computer

Re: [fetchmail-users] Invalid SSL certificate