I have used:
fetchmail --verbose --sslcertpath="/etc/ssl/certs" --sslcertck --proto POP3
--mda "rcvstore -sequence gmail +inbox" --logfile /var/tmp/gmail.log
to get my gmail downloaded for some time now.
It seems that fetchmail doesn't enable SNI for it's TLS connection, and I
don't see any new versions of fetchmail in years. It looks like
pop.gmail.com wants SNI:
fetchmail: Trying to connect to 2607:f8b0:4001:c16::6c/995...connected.
fetchmail: Server certificate:
fetchmail: Unknown Organization
fetchmail: Issuer CommonName: invalid2.invalid
fetchmail: Subject CommonName: invalid2.invalid
fetchmail: Server CommonName mismatch: invalid2.invalid != pop.gmail.com
fetchmail: pop.gmail.com key fingerprint:
fetchmail: Server certificate verification error: self signed certificate
fetchmail: Missing trust anchor certificate: /OU=No SNI provided; please fix
[nice hack to send a message back to the user Google...]
I don't think that inc has any TLS support.
(kerberos support, yes)
Maybe there are other ways to skin this cat?
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works | IoT architect [
] email@example.com http://www.sandelman.ca/ | ruby on rails [
Description: PGP signature