[pkg-fetchmail-maint] Bug#580796: fetchmail: Connection "insecure" in spite of sslfingerprint
Roland Stigge
stigge at antcom.de
Sat May 8 17:17:10 UTC 2010
Package: fetchmail
Version: 6.3.17-1
Severity: normal
Hi,
I just upgraded fetchmail from 6.3.15-1 to 6.3.17-1 and suddenly, it says:
$ fetchmail
fetchmail: Warning: the connection is insecure, continuing anyways. (Better use --sslcertck!)
fetchmail: No mail for stigge at subdomain.domain.tld
$
which it didn't before. I'm using a .fetchmail stanza like this:
poll subdomain.domain.tld with proto IMAP
user 'foo' there with password 'bar' is 'quux' here options fetchall expunge 100 sslproto TLS1 sslfingerprint 'AF:22:16:91:5B:9E:5E:FE:A5:3B:28:3E:39:38:E0:27'
I think I can consider the connection "secure" when I know the fingerprint of
the server beforehand and it matches.
And I didn't find a respective note in the fetchmail changelogs.
bye,
Roland
-- System Information:
Debian Release: squeeze/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (x86_64)
Kernel: Linux 2.6.32-5-amd64 (SMP w/1 CPU core)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_GB.UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages fetchmail depends on:
ii adduser 3.112 add and remove users and groups
ii debianutils 3.2.3 Miscellaneous utilities specific t
ii libc6 2.10.2-6 Embedded GNU C Library: Shared lib
ii libcomerr2 1.41.11-1 common error description library
ii libgssapi-krb5-2 1.8.1+dfsg-2 MIT Kerberos runtime libraries - k
ii libk5crypto3 1.8.1+dfsg-2 MIT Kerberos runtime libraries - C
ii libkrb5-3 1.8.1+dfsg-2 MIT Kerberos runtime libraries
ii libssl0.9.8 0.9.8n-1 SSL shared libraries
ii lsb-base 3.2-23.1 Linux Standard Base 3.2 init scrip
Versions of packages fetchmail recommends:
ii ca-certificates 20090814 Common CA certificates
Versions of packages fetchmail suggests:
pn fetchmailconf <none> (no description available)
ii postfix [mail-transport-agent 2.7.0-1 High-performance mail transport ag
ii resolvconf 1.45 name server information handler
-- no debconf information
More information about the pkg-fetchmail-maint
mailing list