Fetchmail randomly stopped working, now getting SSL error
Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Distribution: Mint 20.1 on workstation, Debian 11 on servers
Posts: 1,336
Rep:
Fetchmail randomly stopped working, now getting SSL error
I have a local web server that uses fetchmail to get mail from my web host so I can store my mail locally, it's always worked, and suddenly a few days ago, it just stopped. My web host says they did not make any changes to their server. This is what the log looks like:
Code:
fetchmail: 6.3.8 querying mail.example.ca (protocol POP3) at Tue 13 Dec 2022 09:58:22 AM EST: poll started
fetchmail: Trying to connect to 158.69.168.192/995...connected.
fetchmail: SSL connection failed.
fetchmail: socket error while fetching from user@example.com@mail.example.ca
This is what the fetchmailrc looks like:
Code:
poll mail.example.ca proto pop3 port 995
user 'user@example.com' there with password 'removed' is email_user here ssl
Anyone know why this would fail suddenly or how I can get more log info out of it to see what's going on?
I tried running it with -vvv or specifying a log with -L but I'm not getting any more details.
Also if I connect to port 110 without ssl, then it works. Obviously, this is a bad idea though.
Last edited by Red Squirrel; 12-13-2022 at 09:17 AM.
Ask them to check if the SSL version or key standard changed, because it is the security portion of that connection that appears to be failing.
the most dangerous thing about accessing mail at 110 unencrypted is not that YOU do it, but that it could easily be spoofed to allow ANYONE to do it. Otherwise someone would have to be intercepting your packets to get the unencrypted data.
The provider should be willing to help (if they are any good), as this does become a security issue at this point.
Distribution: Mint 20.1 on workstation, Debian 11 on servers
Posts: 1,336
Original Poster
Rep:
Yeah I checked with them and they told me nothing changed. But I do wonder if the support people are just unaware of what types of upgrades are going on.
The fetchmail server is also very old so I wonder if there is some kind of root cert that expired, but without any adequate error/logging it's impossible to know why it's failing. Suppose I need to just look at upgrading this box.
At least you can see if it is a Cert problem. You would only need to get to connection, not the rest of the protocol because itis failing way before it is doing anything useful, like the SSL handshake.
Last edited by elgrandeperro; 12-16-2022 at 10:42 PM.
Is there a way to force more info with that command? I don't see anything in the man file such as -v etc or a way to increase debugging.
I am overly due to upgrade this server (one running Fetchmail), so I'm starting to think I may need to just do that. I'm starting to think the host disabled an old cipher or something.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.