Difference between revisions of "Fetchmail secure connection troubles"

From SME Server
Jump to navigationJump to search
 
(9 intermediate revisions by the same user not shown)
Line 1: Line 1:
Sometimes your ISP may have a misconfiguration and your fetchmail can get this error:
+
[[Category:Mail]]
 +
[[Category:Howto]]
 +
Sometimes your ISP's Mail Server may have a misconfiguration and your fetchmail can get this error:
  
 
  Jan 12 06:45:32 smesmb fetchmail[4260]: POP3< .
 
  Jan 12 06:45:32 smesmb fetchmail[4260]: POP3< .
Line 18: Line 20:
  
 
the ISP mail server, during tha authentication phase, shows as available for fetchmail a secure connection (even if this connection is NOT available as a secure one for that user);
 
the ISP mail server, during tha authentication phase, shows as available for fetchmail a secure connection (even if this connection is NOT available as a secure one for that user);
fetchmail then tries to authenticate with TLS and the connection is refused; the solution is to force fetchmail to avoid using secure protocols (command line switch --sslproto '')
+
fetchmail then tries to authenticate with TLS and the connection is refused; the solution is to force fetchmail to avoid using secure protocols (command line switch --sslproto ' ' )
  
 
Copy the file:
 
Copy the file:
Line 29: Line 31:
  
  
Then with your favourite editor find the following lines in 90fetchmail:
+
Then, with your favourite editor, open 90fetchmail and find the following lines:
  
 
  # FetchMails service configuration
 
  # FetchMails service configuration
Line 41: Line 43:
 
               $staticvalue .= "set bouncemail\nset properties \"\"\n" ;
 
               $staticvalue .= "set bouncemail\nset properties \"\"\n" ;
  
and modify the following line:
+
you must modify the following line:
  
  my $staticvalue  = "/usr/bin/fetchmail $mdbg --sslproto ''' --fetchmailrc - <<EOF\n" ;
+
  my $staticvalue  = "/usr/bin/fetchmail $mdbg --sslproto ' ' --fetchmailrc - <<EOF\n" ;
 
                              
 
                              
adding the --slproto ''' switch.
+
adding the --sslproto ' ' switch (this is like saying sslproto none).
  
Note that ''' is not " but a double ' (this is like saying sslproto none)
+
{{Note box|Note that ' ' is not " but a double ' without space between ' and ' }}
  
 
Complete with:
 
Complete with:
  
expand-template /etc/fetchmail
+
expand-template /etc/fetchmail

Latest revision as of 23:56, 31 March 2010

Sometimes your ISP's Mail Server may have a misconfiguration and your fetchmail can get this error:

Jan 12 06:45:32 smesmb fetchmail[4260]: POP3< .
Jan 12 06:45:32 smesmb fetchmail[4260]: mail.dominiocliente.it: upgrade to TLS succeeded.
Jan 12 06:45:32 smesmb fetchmail[4260]: POP3> AUTH CRAM-MD5
Jan 12 06:45:32 smesmb fetchmail[4260]: POP3< + PDE1NjUzNzUuMTI2MzI3NTE4NkBldGluZXQuaW5mbz4=
Jan 12 06:45:32 smesmb fetchmail[4260]: POP3> aW5mb0BzdHVkaW8tbWcuaXQgNTEzM2Y0Zjg4MGY5NzFjOTQ0YzY1ZDZkY2RkYzFlNGQ=
Jan 12 06:45:32 smesmb fetchmail[4260]: POP3< -ERR secure access to this account is disabled
Jan 12 06:45:32 smesmb fetchmail[4260]:
Jan 12 06:45:32 smesmb fetchmail[4260]: POP3> USER info@dominiocliente.it
Jan 12 06:45:32 smesmb fetchmail[4260]: POP3< +OK please send the PASS
Jan 12 06:45:32 smesmb fetchmail[4260]: POP3> PASS *
Jan 12 06:45:32 smesmb fetchmail[4260]: POP3< -ERR secure access to this account is disabled
Jan 12 06:45:32 smesmb fetchmail[4260]: secure access to this account is disabled
Jan 12 06:45:32 smesmb fetchmail[4260]: Authorization failure on info@dominiocliente.it@mail.dominiocliente.it
Jan 12 06:45:32 smesmb fetchmail[4260]: POP3> QUIT
Jan 12 06:45:32 smesmb fetchmail[4260]: POP3< +OK CommuniGate Pro POP3 Server connection closed

the ISP mail server, during tha authentication phase, shows as available for fetchmail a secure connection (even if this connection is NOT available as a secure one for that user); fetchmail then tries to authenticate with TLS and the connection is refused; the solution is to force fetchmail to avoid using secure protocols (command line switch --sslproto ' ' )

Copy the file:

/etc/e-smith/templates/etc/fetchmail/90fetchmail

in:

/etc/e-smith/templates-custom/etc/fetchmail/90fetchmail


Then, with your favourite editor, open 90fetchmail and find the following lines:

# FetchMails service configuration
             $ServOpt = ' timeout ' . ( $FM->prop('timeout') || 60 ) . $ServOpt;
             my $ssl = ;
             if ( $mtype =~ s/^S// ) { $ssl = 'options ssl' }
                     my $mdbg='-d0 --silent --syslog';
                     if($Debug eq "YES") { $mdbg='-d0 --verbose --syslog'; }
                     my $staticvalue  = "/usr/bin/fetchmail $mdbg --fetchmailrc - <<EOF\n" ;
             $staticvalue .= "set postmaster \"postmaster\@$dom\"\n" ;
             $staticvalue .= "set bouncemail\nset properties \"\"\n" ;

you must modify the following line:

my $staticvalue  = "/usr/bin/fetchmail $mdbg --sslproto ' ' --fetchmailrc - <<EOF\n" ;
                           

adding the --sslproto ' ' switch (this is like saying sslproto none).


Important.png Note:
Note that ' ' is not " but a double ' without space between ' and '


Complete with:

expand-template /etc/fetchmail