[pkg-fetchmail-maint] Bug#580796: Bug#580796: fetchmail: Connection "insecure" in spite of sslfingerprint
Matthias Andree
matthias.andree at gmx.de
Sun May 9 00:54:31 UTC 2010
tags 580796 confirmed upstream
thanks
Roland Stigge schrieb:
> Package: fetchmail
> Version: 6.3.17-1
> Severity: normal
>
> Hi,
>
> I just upgraded fetchmail from 6.3.15-1 to 6.3.17-1 and suddenly, it says:
>
> $ fetchmail
> fetchmail: Warning: the connection is insecure, continuing anyways. (Better use --sslcertck!)
> fetchmail: No mail for stigge at subdomain.domain.tld
> $
>
> which it didn't before. I'm using a .fetchmail stanza like this:
>
> poll subdomain.domain.tld with proto IMAP
> user 'foo' there with password 'bar' is 'quux' here options fetchall expunge 100 sslproto TLS1 sslfingerprint 'AF:22:16:91:5B:9E:5E:FE:A5:3B:28:3E:39:38:E0:27'
>
> I think I can consider the connection "secure" when I know the fingerprint of
> the server beforehand and it matches.
Indeed you can, providing the reference fingerprint was obtained through
a secure channel (and usually not by just looking at fetchmail -v output
- which some websites or older documentation recommends).
This is an oversight in creating this warning. Sorry.
More information about the pkg-fetchmail-maint
mailing list