From: grarpamp <gra...@gm...> - 2017-10-04 04:41:17
|
On Tue, Oct 3, 2017 at 4:37 PM, Globe Trotter via Fetchmail-users <fet...@li...> wrote: > I run Fedora 26 which has fetchmail at 6.3.26. How do I downgrade This simply means put the MD5 in fetchmailrc instead of the SHA1... downgrading (linguistic lol) to lesser strength hash function. Technically both MD5 and SHA1 are now both broken via published full collision attacks. You can search for that. Stay with the latest release since old releases are unsupported. > or better still, make fetchmail 7.x "an actual thing"? Write code. Work on tickets, roadmap, or draft user facing stuff. Or solicit / talk volunteers or current devs. > Would moving to getmail solve this issue? No. Last I checked getmail, fdm, etc did not offer enough options to properly handle config of CA and/or fingerprint checking, or even support them at all. Please make another current check for your own use case to be sure. |