Menu
▾
▴
Re: [Fetchmail-users] gmail timeout using IMAP
|
From: Matthias A. <mat...@gm...> - 2020-02-05 20:08:50
|
Am 05.02.20 um 20:06 schrieb Joe Acquisto-j4: > Well . . . oops? Don't know how I missed the port issue. At some point the > "ssl" option was deleted from the user line. > > That resolved the connection failure. Working after a few fetch cycles and > chasing a gmail issue. The ssl fingerprint seems to change, seemingly with what > IP it happens to connect. SSL fingerprints are mostly non-workable for those of the big sites that use per-host certificates, and fetchmail won't let you list dozens, let a lone use a secure hash (it uses MD5). Be sure to install the Mozilla root certificates (most distributions have packages such as ca-certificates or nss_root_ca) that integrate with the default OpenSSL configuration such that the certificates can be verified automatically, do not use --sslfingerprint, do not use --nosslcertck (but do use --sslcertck on 6.3.x) and move on. > While I do find almost immediate response when connecting (human eyeball time) I suppose Google's non-SSL port (which would have had to use STARTTLS or possibly risked broken clients volunteering their password over unencrypted links) is firewalled and blackholes inbound traffic. And yes, Google isn't exactly following the IMAP RFCs (standards) to the letter, or even the traditional model of an IMAP server. |
