D. E. Evans <[EMAIL PROTECTED]> wrote:

> /usr/sbin/pop3d -d -p 995 --tls-required --ssl-cert=/etc/ca-cert.pem \
>       --ssl-key=/etc/ca-key.pem
[...]
> On fencepost, I then run fetchmail with the following rc entry:
> 
> poll mail.deevans.net with proto POP3 user foo there with password "foobar" 
> is foo here ssl mda "/usr/sbin/sendmail -oem %T"

The option --tls-required tells pop3d to not allow authentication
prior to receiving the STLS command (RFC 2595, ch. 4) and finishing TLS
negotiation.  The initial connection is still expected to be a plaintext
one (albeit on port 995).  In contrast, the fetchmail parameter `ssl'
tells it to initiate an encrypted connection at once, without issuing
the STLS command.  That's why you get the `unknown protocol' error.

To fix this, do the following:

1. Start pop3d on the usual port (110):

/usr/sbin/pop3d -d --tls-required --ssl-cert=/etc/ca-cert.pem \
        --ssl-key=/etc/ca-key.pem

2. Use fetchmail's tls1 option:

poll mail.deevans.net with proto POP3 user foo there with password
"foobar" is foo here ssl sslproto tls1 mda "/usr/sbin/sendmail -oem %T"

Regards,
Sergey


_______________________________________________
Bug-mailutils mailing list
[email protected]
http://lists.gnu.org/mailman/listinfo/bug-mailutils
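
The mismatch described in the reply above (a listener that greets in plaintext and expects STLS, versus a client that starts TLS at once) can be checked from the client side before touching either configuration. This is an added example, not part of the original message and not code from mailutils or fetchmail; the `fake_*` servers, their banners and `run_probe` are constructed stand-ins so that it runs offline.

```python
import socket
import threading

def probe_pop3(sock, timeout=1.0):
    """Classify the peer: 'stls', 'plaintext-only', 'implicit-tls?' or 'unknown'."""
    sock.settimeout(timeout)
    try:
        greeting = sock.recv(512)
    except socket.timeout:
        # No banner: an SSL-wrapped listener stays silent until a ClientHello.
        return "implicit-tls?"
    if not greeting.startswith(b"+OK"):
        return "unknown"
    # Plaintext POP3 greeting: ask for capabilities and look for STLS (RFC 2595).
    sock.sendall(b"CAPA\r\n")
    data = b""
    try:
        while not data.endswith(b"\r\n.\r\n") and not data.startswith(b"-ERR"):
            chunk = sock.recv(512)
            if not chunk:
                break
            data += chunk
    except socket.timeout:
        pass
    caps = {line.strip().upper() for line in data.split(b"\r\n")[1:]}
    return "stls" if b"STLS" in caps else "plaintext-only"

def fake_stls_pop3d(sock):
    """Constructed stand-in for a plaintext listener that advertises STLS."""
    sock.sendall(b"+OK POP3 ready (constructed sample)\r\n")
    if sock.recv(512).strip().upper() == b"CAPA":
        sock.sendall(b"+OK capabilities\r\nTOP\r\nUSER\r\nSTLS\r\n.\r\n")
    sock.close()

def fake_implicit_tls(sock):
    """Constructed stand-in for an SSL-wrapped listener: waits for the client."""
    sock.recv(512)
    sock.close()

def run_probe(server_fn, timeout=0.3):
    """Run probe_pop3 against a constructed server over a local socket pair."""
    client, server = socket.socketpair()
    worker = threading.Thread(target=server_fn, args=(server,), daemon=True)
    worker.start()
    try:
        return probe_pop3(client, timeout)
    finally:
        client.close()
        worker.join(1)
```

Against a real server, pass `socket.create_connection((host, port))` to `probe_pop3`. A result of `stls` means the client has to send STLS after the greeting rather than start the handshake immediately, whatever the port number is.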