[fetchmail]Re: SSL authentication problems with Gmail
Matthias Andree
matthias.andree@gmx.de
Sat, 17 Dec 2005 15:32:10 +0100
Sebastian Tennant <sebyte@smolny.plus.com> writes:
> Matthias Andree <matthias.andree@gmx.de> writes:
>
>> Sebastian Tennant <sebyte@smolny.plus.com> writes:
>>> [...]
>> Hm. Does another "-v" provide detail?
>
> Nope. No more info.
>
> And I've now noticed another problem.
>
> fetchmail[3914]: awakened at Fri Dec 16 08:07:58 2005
> fetchmail[3914]: 6.2.5.4 querying pop.googlemail.com (protocol POP3) at Fri \
> Dec 16 08:07:58 2005: poll started
> fetchmail[3914]: Issuer Organization: Thawte Consulting cc
> fetchmail[3914]: Issuer CommonName: Thawte Premium Server CA
> fetchmail[3914]: Server CommonName: pop.googlemail.com
> fetchmail[3914]: pop.googlemail.com key fingerprint: \
> 46:8B:6C:F4:3E:4C:56:29:83:54:2C:37:42:F1:67:80
> fetchmail[3914]: SIGPIPE thrown from an MDA or a stream socket error
> fetchmail[3914]: 6.2.5.4 querying pop.googlemail.com (protocol POP3) at Fri \
> Dec 16 08:07:58 2005: poll completed
> fetchmail[3914]: Query status=2 (SOCKET)
>
> I think this happens when I fire up Gnus (configured to collect my IMAP mail
> only). Could POP and IMAP be sharing the same port or socket or
> something?
Quite close. To clash, the 4-tuple (source IP address, source port,
destination IP address, destination port) would have to be the
same. This is not the case as the source port changes every time.
Most POP3 server however lock out the IMAP server and vice versa, so it
might be the upstream server "dropping the receiver on the hook".
> This is how I created Google's pem file:
>
> Got the certificate with:
>
> $ openssl s_client -connect smtp.googlemail.com:995 -showcerts
You'd usually get the ROOT certificate from - in this case - Thawte
instead and install that. I'm not sure if Debian has a separate package
for the root certificates of the large certification authorities such as
Thawte and VeriSign.
--
Matthias Andree