Menu
▾
▴
Re: [Fetchmail-users] Earthlink changed its incoming server names
|
From: Matthias A. <mat...@gm...> - 2021-06-01 17:03:57
|
Am 29.05.21 um 09:01 schrieb Matthias Andree: > Am 26.05.21 um 20:29 schrieb Matthias Andree: >> Michael, >> >> please do provide logs from a "fetchmail -Nvvd0" run, the authorization >> error mailed to you by the daemon is pretty generic, the verbose log may >> indeed provide more details. >> Also if possible don't post HTML and/or with a mailer that converts the >> server names to would-be links... >> > I've received Michael's logs off-list, and some remarks: > > - it is really the username/password combination that gets refused > > - it would however seem that with a mindspring.com address the earthlink > server should be used, but a mindspring server, and the network > configuration and also server identifications are different, see > https://help.earthlink.net/portal/en/kb/articles/email-server-settings - > so try that first. > > And more observations: > > - pop.earthlink.net seems to be pretty antediluvian with respect to > protecting passwords over the wire. No SSL service, no STLS, only APOP > as a very mild means to mitigate password theft. > > - fetchmail 6.3.26 is eight years old. Was this shipped by Synology or > is that third-party? > We have 6.4.19... and it shows fetchmail running as root, which is not > how it should be. > > Hope that helps. > > Regards, > Matthias Hi Michael, Judging from further off-list logs that I've received and that show a telnet console log chatting POP3, I suggest to change the configuration from ... user mburgoon... to user "mburgoon.with.mindspring.com" (replace the .with. by @, I just don't want to feed archive address harvesters). This will likely then cause some strange-looking logging around you...@mi...@earthlink.net, but might actually work. If you can establish that, you might want to experiment with APOP and see if Earthlink support that and in that case switch to it, as that's the minimal projection against sending passwords as cleartext through unencrypted links. My concerns around not providing any sort of TLS stand. Everyone working off some sort of internet service provider who does not support TLS for mail retrieval might want to consider contacting their support about TLS and if that's fruitless, consider switching provider. HTH Matthias |
