On Wed, May 3, 2017 at 1:35 PM, Sridhar M. A. <[email protected]> wrote: > On Mon, May 01, 2017 at 10:44:20PM +0530, Sridhar M. A. wrote: > > On Mon, May 01, 2017 at 02:28:47PM +0100, Luke Kenneth Casson Leighton > wrote: > > > > https://wiki.archlinux.org/index.php/OfflineIMAP#SSL_fingerprint_does_not_match > > > > > > > http://blog.developwithpassion.com/2014/12/18/quickly-fix-offlineimap-ssl-fingerprint-error-in-tmux/ > > > > > I looked at them both. I will try replacing the fingerprint and see how > > it goes. > > > I replaced the fingerprint (as indicated by the error output) and the > mail sync worked. > > But, the problem I notice is that everytime I run offlineimap, the > fingerprint keeps changing
there's absolutely no way that google would be changing the SSL certificate every hour. the complaints would be absolutely catastrophic. thus the only logical conclusion that can be reached is that someone in between you and imap.gmail.com is hijacking the SSL connection and carrying out a man-in-the-middle attack. it could be absolutely anywhere in between your computer and imap.gmail.com, so candidates include *your own computer* (which may have been compromised with a rootkit), the router in your office, the office server, the office's ISP, the router in between your ISP and gmail... absolutely anywhere. perhaps it might be time to consider if you'd like to bring this to the attention of your employer (if you are allowed permission to be *running* offlineimap from within the office) so you'll have to think carefully about that. l. _______________________________________________ OfflineIMAP-project mailing list: [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/offlineimap-project OfflineIMAP homepages: - https://github.com/OfflineIMAP - http://offlineimap.org
