Fetchmail secure connection troubles
From SME Server
Jump to navigationJump to searchThe printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.
Sometimes your ISP's Mail Server may have a misconfiguration and your fetchmail can get this error:
Jan 12 06:45:32 smesmb fetchmail[4260]: POP3< . Jan 12 06:45:32 smesmb fetchmail[4260]: mail.dominiocliente.it: upgrade to TLS succeeded. Jan 12 06:45:32 smesmb fetchmail[4260]: POP3> AUTH CRAM-MD5 Jan 12 06:45:32 smesmb fetchmail[4260]: POP3< + PDE1NjUzNzUuMTI2MzI3NTE4NkBldGluZXQuaW5mbz4= Jan 12 06:45:32 smesmb fetchmail[4260]: POP3> aW5mb0BzdHVkaW8tbWcuaXQgNTEzM2Y0Zjg4MGY5NzFjOTQ0YzY1ZDZkY2RkYzFlNGQ= Jan 12 06:45:32 smesmb fetchmail[4260]: POP3< -ERR secure access to this account is disabled Jan 12 06:45:32 smesmb fetchmail[4260]: Jan 12 06:45:32 smesmb fetchmail[4260]: POP3> USER info@dominiocliente.it Jan 12 06:45:32 smesmb fetchmail[4260]: POP3< +OK please send the PASS Jan 12 06:45:32 smesmb fetchmail[4260]: POP3> PASS * Jan 12 06:45:32 smesmb fetchmail[4260]: POP3< -ERR secure access to this account is disabled Jan 12 06:45:32 smesmb fetchmail[4260]: secure access to this account is disabled Jan 12 06:45:32 smesmb fetchmail[4260]: Authorization failure on info@dominiocliente.it@mail.dominiocliente.it Jan 12 06:45:32 smesmb fetchmail[4260]: POP3> QUIT Jan 12 06:45:32 smesmb fetchmail[4260]: POP3< +OK CommuniGate Pro POP3 Server connection closed
the ISP mail server, during tha authentication phase, shows as available for fetchmail a secure connection (even if this connection is NOT available as a secure one for that user); fetchmail then tries to authenticate with TLS and the connection is refused; the solution is to force fetchmail to avoid using secure protocols (command line switch --sslproto ' ' )
Copy the file:
/etc/e-smith/templates/etc/fetchmail/90fetchmail
in:
/etc/e-smith/templates-custom/etc/fetchmail/90fetchmail
Then, with your favourite editor, open 90fetchmail and find the following lines:
# FetchMails service configuration $ServOpt = ' timeout ' . ( $FM->prop('timeout') || 60 ) . $ServOpt; my $ssl = ; if ( $mtype =~ s/^S// ) { $ssl = 'options ssl' } my $mdbg='-d0 --silent --syslog'; if($Debug eq "YES") { $mdbg='-d0 --verbose --syslog'; } my $staticvalue = "/usr/bin/fetchmail $mdbg --fetchmailrc - <<EOF\n" ; $staticvalue .= "set postmaster \"postmaster\@$dom\"\n" ; $staticvalue .= "set bouncemail\nset properties \"\"\n" ;
you must modify the following line:
my $staticvalue = "/usr/bin/fetchmail $mdbg --sslproto ' ' --fetchmailrc - <<EOF\n" ;
adding the --sslproto ' ' switch (this is like saying sslproto none).
Complete with:
expand-template /etc/fetchmail