[Top] [All Lists]

Re: [nmh-workers] fetchmail and SNI (and pop.gmail.com)

2019-06-27 09:23:11
I don't think that inc has any TLS support.

You are incorrect!  Supported as of 1.7 when the unified security framework
was implemented.  From the NEWS file:

- Complete unification of network security support.  All network protocols
  (currently, POP and SMTP) have been refactored to use a common set of
  security routines.  This means all protocols support all SASL mechanisms
  (via the Cyrus-SASL library) and TLS.  TLS support has been strengthened
  to perform certificate name validation and to require TLS 1.1 as a
  minimum protocol.  Also, all protocols can make use of the OAuth2/XOAUTH
  SASL mechanism, which is supported by Gmail.

The last may be interesting to you.  I had not heard of SNI before, but
a quick test suggests to me that we work fine with pop.gmail.com (we don't
error out, at least).  The Interwebs suggest I should use a special
API call to make that work and I definitely didn't do that, but it seems
to be ok?

And geez Mike, we talked about this a lot!  Wasn't a secret!



<Prev in Thread] Current Thread [Next in Thread>