Menu
▾
▴
Re: [Fetchmail-users] set sha1 fingerprint checking correctly on fetchmail
|
From: Globe T. <its...@ya...> - 2017-10-04 16:19:06
|
Thanks! >This simply means put the MD5 in fetchmailrc instead of the SHA1... downgrading (linguistic lol) to lesser strength hash function. Technically both MD5 and SHA1 are now both broken via published full collision attacks. You can search for that. Not sure if this will work, since gmx.com appear to have changed their fingerprint. But I guess I should ask for a md5 fingerprint? > Would moving to getmail solve this issue? > No. Last I checked getmail, fdm, etc did not offer enough options to properly handle config of CA and/or fingerprint checking, or even support them at all. Please make another current check for your own use case to be sure. I see. I do not have enough technical knowledge in this field to say if the following is enough: http://pyropus.ca/software/getmail/configuration.html#retriever-ssl-extra Thanks again! |
