tags 580796 confirmed upstream
thanks
Roland Stigge schrieb:
Package: fetchmail
Version: 6.3.17-1
Severity: normal
Hi,
I just upgraded fetchmail from 6.3.15-1 to 6.3.17-1 and suddenly, it says:
$ fetchmail
fetchmail: Warning: the connection is insecure, continuing anyways. (Better
use --sslcertck!)
fetchmail: No mail for stigge at subdomain.domain.tld
$
which it didn't before. I'm using a .fetchmail stanza like this:
poll subdomain.domain.tld with proto IMAP
user 'foo' there with password 'bar' is 'quux' here options fetchall
expunge 100 sslproto TLS1 sslfingerprint
'AF:22:16:91:5B:9E:5E:FE:A5:3B:28:3E:39:38:E0:27'
I think I can consider the connection secure when I know the fingerprint of
the server beforehand and it matches.
Indeed you can, providing the reference fingerprint was obtained through
a secure channel (and usually not by just looking at fetchmail -v output
- which some websites or older documentation recommends).
This is an oversight in creating this warning. Sorry.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
