[Fetchmail-users] 2 feature requests for 7.x

[Martin K. <mk...@gm...>]

Hi,

in my configuration I use fetchmail to fetch mails for several users 
from several servers in one rcfile. So lets say one rcfile has e.g. 50 
users and 5 servers, so 10 users per server. (I have several of those 
configurations.)

As I just read the message:

   Working around "Bad sender address syntax" error?

I would like to add 2 wishlist items for fetchmail 7.x:


(1) When it will be possible to repack broken messages into a new mail 
as an attachment (I like this idea, and I also encountered broken 
headers/addresses several times), I wish to be able to inform users in 
that same way, when a message has not been fetched because of size 
limit.


(2) Looking at the new features of 7.x shows that ssl options were 
changed. So maybe another change could be done, if it already changed 
anyway:

With fetchmail 6.3 I see a limitation because --ssl is not 
a server option but a user option. When e.g. 2 of the 5 servers in my 
example above need a different ssl configuration, as they may not 
support ssl at all or have a self signed certificate, I currently must 
add this to _every_ user definition:


defaults:
 	proto pop3 timeout 300 sslproto 'TLS1' ssl
 	sslcertfile /usr/ssl/certs/ca-bundle.trust.crt
 	# sslcertck
 	# sslfingerprint "82:5F:*"


poll fully-ssl-compatible-server:
 	user "s1a" there with pass "*" is "s1...@do..." here
 	sslcertck
 	nokeep fetchall

 	user "s1b" there with pass "*" is "s1...@do..." here
 	sslcertck
 	nokeep fetchall


poll self-signed-certificate-server:
 	user "s2a" there with pass "*" is "s2...@do..." here
 	sslfingerprint "82:5F:*"
 	nokeep fetchall

 	user "s2b" there with pass "*" is "s2...@do..." here
 	sslfingerprint "82:5F:*"
 	nokeep fetchall



So "sslcertck" and "sslfingerprint" must be repeated over and over. 
Also if one server doesn't support ssl at all, it's even worse. I 
can't specify "ssl" in defaults section, because there is no (or at 
least not to my knowledge) no-ssl keyword, which I could apply to all 
user accounts on that server. So instead I added "ssl" to every user 
account on every other server, just because one server doesn't support 
it. "sslcertck" is the same.


IMO all these SSL related options should be server options, not user 
options, as they apply before any user name is transmitted to the 
server, so there should be no need have it configured differently for 
every user. Ok, the server could behave diferently after user logon 
depending on the previously negotiated connection. But then I could 
have 2 different poll sections for the same server.


Martin