Sebastian Tennant <sebyte(_at_)smolny(_dot_)plus(_dot_)com> writes:
OK, added another `-v' and it just lists the Thawte server as well...
fetchmail[4584]: starting fetchmail 6.3.1 daemon
fetchmail[4584]: 6.3.1 querying pop.googlemail.com (protocol POP3) at Wed
Jan 4 11:47:17 2006: poll started
fetchmail[4584]: Issuer Organization: Thawte Consulting cc
fetchmail[4584]: Issuer CommonName: Thawte Premium Server CA
fetchmail[4584]: Server CommonName: pop.googlemail.com
fetchmail[4584]: pop.googlemail.com key fingerprint:
46:8B:6C:F4:3E:4C:56:29:83:54:2C:37:42:F1:67:80
fetchmail[4584]: 6.3.1 querying pop.googlemail.com (protocol POP3) at Wed
Jan 4 11:47:18 2006: poll completed
fetchmail[4584]: Query status=2 (SOCKET)
fetchmail[4584]: sleeping at Wed Jan 4 11:47:18 2006
Looks like it never talks to the POP server. Can you drop the "port
995" and "sslcertck" options from your fetchmailrc and see what you
get.
Removed these lines and it works. Thanks to everyone who helped.
Well, I checked the source code and found no code path where SSL
certificate verification would fail without leaving log messages, such
as 1. the actual error and 2. "SSL connection failed".
POP3 was configured explicitly, so "port 995" forth or back doesn't make
a difference either -- removing this option can only make things worse,
not better.
Remains the question after sslcertck -- it will log trouble, too, EXCEPT
if a certificate at greater depth causes a preverification failure
without setting the error code in the X.509 context variables (and we'd
still get "SSL connection failed" in this case).
It appears as though the server dropped the connection after the SSL
negotiation and before the greeting, or that your log information is
incomplete. Your logging appears to be from syslog, so could you post
your syslog.conf or syslog-ng.conf (whichever you're *actually* using)?
Do you get more detailed logging with "fetchmail --nosyslog -vv -N -d0
--sslcertck --port 995"? Can you try running this and see if you still
get socket errors and if so, which errors they print?
Thanks in advance,
--
Matthias Andree
_______________________________________________
Fetchmail-friends mailing list
Fetchmail-friends(_at_)lists(_dot_)ccil(_dot_)org
http://lists.ccil.org/cgi-bin/mailman/listinfo/fetchmail-friends