gmane.mail.fetchmail.user

getting fetchmail to work with postfix

Jürgen Echter — 2012-05-25T12:53:24

Hi,

i try to setup fetchmail to get mails and send them with postfix to my 
local dovecot imapd.

If i try to run fetchmail i get this in the logs:

fetchmail[4514]: 1 message for test< at >mydomain.de at mailserver.external.de.
fetchmail[4514]: reading message test< at >mydomain< at >mailserver.external.de:1 
of 1 (649 header octets) (log message incomplete)
fetchmail[4514]: connection to localhost:smtp [::1/25] failed: 
Connection refused.
postfix/smtpd[4516]: connect from localhost[127.0.0.1]
postfix/smtpd[4516]: NOQUEUE: reject: RCPT from localhost[127.0.0.1]: 
550 5.1.1 <test< at >mydomain.de>: Recipient address rejected: mydomain.de; 
from=<j.echter< at >mydomain.de> to=<test< at >mydomain.de> proto=ESMTP 
helo=<mehlbox.workgroup.local>
fetchmail[4514]: SMTP error: 550 5.1.1 <test< at >mydomain.de>: Recipient 
address rejected: mydomain.de
fetchmail[4514]: connection to localhost:smtp [::1/25] failed: 
Connection refused.
postfix/smtpd[4519]: connect from localhost[127.0.0.1]
postfix/smtpd[4519]: NOQUEUE: reject: RCPT from localhost[127.0.0.1]: 
550 5.1.1 <j.echter< at >mydomain.de>: Recipient address rejected: 
mydomain.de; from=<> to=<j.echter< at >mydomain.de> proto=SMTP 
helo=<mehlbox.workgroup.local>
postfix/smtpd[4519]: disconnect from localhost[127.0.0.1]
postfix/smtpd[4516]: NOQUEUE: reject: RCPT from localhost[127.0.0.1]: 
550 5.1.1 <j.echter< at >mydomain.de>: Recipient address rejected: 
mydomain.de; from=<j.echter< at >mydomain.de> to=<j.echter< at >mydomain.de> 
proto=ESMTP helo=<mehlbox.workgroup.local>
fetchmail[4514]: can't even send to j.echter< at >echter-kuechen-elektro.de!
fetchmail[4514]:  flushed
postfix/smtpd[4516]: disconnect from localhost[127.0.0.1]
fetchmail[4514]: sleeping at Fr 25 Mai 2012 14:42:00 CEST for 300 seconds


my fetchmailrc looks like this:

set postmaster "j.echter< at >mydomain.de"
set bouncemail
set no spambounce
set properties ""
set syslog
set daemon 300

poll mailserver.external.de with proto IMAP
        user 'test< at >mydomain.de' there with password 's3cr3t' is 
'test< at >mydomain.de' here ssl

is the problem because i told fetchmail to send mails also to 
test< at >mydomain.de?

postfix looks up users via ldap, which works afaik

postmap -q test< at >mydomain.de ldap:/etc/postfix/ldap-aliases.cf
test< at >mydomain.de


sorry if this is too simple, for me its not easy to get whats wrong.

greets

juergen

non-default "mailbox selection failed"

Travis Osterman — 2012-05-24T18:03:26

Hello, I am trying to use fectchmail to fetch the contents of a folder
(.spam.missed/) from my courier-imap server so that I can send the
messages to spamassassin's learning program.  Using this as a guide:
http://wiki.apache.org/spamassassin/SingleUserUnixInstall#Enable_IMAP_LearnAsSpam_folder

When I invoke
$ /usr/bin/fetchmail -a -v -n --folder /home/USER/.maildir/.spam.missed/
-m '/usr/bin/sa-learn -D --spam' --fetchmailrc /home/USER/.spamtrainingpoprc

I get this:
[snip]
fetchmail: IMAP> A0004 LOGIN "USER" *
fetchmail: IMAP< A0004 OK LOGIN Ok.
fetchmail: IMAP> A0005 SELECT "/home/USER/.maildir/.spam.missed/"
fetchmail: IMAP< A0005 NO Mailbox does not exist, or must be subscribed to.
fetchmail: mailbox selection failed
fetchmail: IMAP> A0006 LOGOUT
fetchmail: IMAP< * BYE Courier-IMAP server shutting down
fetchmail: IMAP< A0006 OK LOGOUT completed
fetchmail: client/server synchronization error while fetching from
USER< at >domain.tld
fetchmail: 6.3.21 querying domain.tld (protocol IMAP) at Thu May 24
13:21:13 2012: poll completed
fetchmail: Query status=7 (ERROR)
fetchmail: normal termination, status 7

This is the fetchmailrc file I set up (to not conflict with my main
fetchmail file which works fine)

== ~/.spamtrainingpoprc ==
# used by spamassassin to train Bayes
poll domain.tld protocol IMAP:
user USER with password PASSWORD
=================


== system info ==
OS: gentoo
gcc version 4.4.5 (Gentoo 4.4.5 p1.3, pie-0.4.5)
fetchmail 6.3.21+RPA+NTLM+SDPS+SSL+NLS
courier-imap-4.5.0
=================

Any thoughts?  Thank you in advance.

Fetchmail, gmail, and a new computer

Jim J — 2012-05-20T18:24:20

I'm using fetchmail 6.3.18 (from Ubuntu Oneiric) to pull email from gmail
using POP3. It works fine. The first time I ran it it downloaded all of my
email. Every time I've run it since then it's downloaded only new email.
Gmail is configured to archive the email after it's been accessed via POP3.

Now I have a new computer (fetchmail 6.3.21, Ubuntu Precise). I would like
my new computer to pick up where the old left off. Fetchmail doesn't seem
to want to do this by default. Instead, it wants to download my entire
Gmail account. How do I make my new installation pick up where the other
one left off? Since fetchmail didn't download everything every time, even
after a reboot, it seems logical that there's a file somewhere I could copy
over, but I can't find one.

Thanks,

Jim

Problem with Demon's new Microsoft ExchangeServer 2010 service

John Connett — 2012-05-07T10:10:47

Operating system:
     $ cat /etc/SuSE-release
     openSUSE 12.1 (x86_64)
     VERSION = 12.1
     CODENAME = Asparagus

Name and origin of the RPM:
     $ rpm -q fetchmail
     fetchmail-6.3.21-4.1.3.x86_64

The name and version of the SMTP listener:
     $ rpm -q exim
     exim-4.75-5.1.3.x86_64

Command-line options you used:
     openSUSE 12.1 distributed /etc/inid.d/fetchmail with added "-vvv".

/etc/fetchmailrc (with names changed to protect the innocent):
     $ cat /etc/fetchmailrc
     # Configuration created Thu Apr 26 22:58:13 2012
     set bouncemail
     set properties ""
     set daemon 300
     poll mail.demon.co.uk proto IMAP
            localdomains yyy.demon.co.uk
            user 'administrator< at >yyy.demon.co.uk' there password 'secret' is  
xxx here
            sslproto TLS1
            sslcertck
     poll mail.demon.co.uk proto IMAP
            localdomains yyy.demon.co.uk
            user 'xxx< at >yyy.demon.co.uk' there password 'secret' is xxx here
            sslproto TLS1
            sslcertck

Problem:
I have recently been migrated to Demon's new service which appears to be  
based on Microsoft Exchange Server 2010.  The migration appeared to have  
been successful with messages being fetched.  Then fetching of messages  
ceased.  I added "-vvv" to /etc/init.d/fetchmail and restarted fetchmail.   
Here are edited highlights from /var/log/fetchmail:

fetchmail: IMAP< A0004 NO AUTHENTICATE failed.
fetchmail: IMAP> A0005 LOGIN "xxx< at >yyy.demon.co.uk" *
fetchmail: IMAP< A0005 OK LOGIN completed.
fetchmail: selecting or re-polling default folder
fetchmail: IMAP> A0006 SELECT "INBOX"
fetchmail: IMAP< * 264 EXISTS
fetchmail: IMAP< * 1 RECENT
fetchmail: IMAP< * FLAGS (\Seen \Answered \Flagged \Deleted \Draft  
$MDNSent)
fetchmail: IMAP< * OK [PERMANENTFLAGS (\Seen \Answered \Flagged \Deleted  
\Draft $MDNSent)] Permanent flags
fetchmail: IMAP< * OK [UNSEEN 1] Is the first unseen message
fetchmail: IMAP< * OK [UIDVALIDITY 3203] UIDVALIDITY value
fetchmail: IMAP< * OK [UIDNEXT 2124] The next unique identifier value
fetchmail: IMAP< A0006 OK [READ-WRITE] SELECT completed.
fetchmail: 264 messages waiting after first poll
fetchmail: IMAP> A0007 EXPUNGE
fetchmail: IMAP< * 264 EXISTS
fetchmail: IMAP< A0007 OK EXPUNGE completed.
fetchmail: 264 messages waiting after expunge
fetchmail: 264 messages for xxx< at >yyy.demon.co.uk at mail.demon.co.uk.
fetchmail: IMAP> A0008 FETCH 1:100 RFC822.SIZE
fetchmail: IMAP< * 1 FETCH (RFC822.SIZE 8512)
fetchmail: IMAP< * 2 FETCH (RFC822.SIZE 6404)
[...]
fetchmail: IMAP< * 99 FETCH (RFC822.SIZE 2942)
fetchmail: IMAP< * 100 FETCH (RFC822.SIZE 3914)
fetchmail: IMAP< A0008 OK FETCH completed.
fetchmail: IMAP> A0009 FETCH 1 RFC822.HEADER
fetchmail: IMAP< A0009 OK FETCH completed.
fetchmail: Incorrect FETCH response: OK FETCH COMPLETED..
fetchmail: IMAP> A0010 LOGOUT
fetchmail: IMAP< * BYE Microsoft Exchange Server 2010 IMAP4 server signing  
off.
fetchmail: IMAP< A0010 OK LOGOUT completed.
fetchmail: client/server synchronization error while fetching from  
xxx< at >yyy.demon.co.uk< at >mail.demon.co.uk
fetchmail: 6.3.21 querying mail.demon.co.uk (protocol IMAP) at Mon May  7  
10:07:45 2012: poll completed
fetchmail: Merged UID list from mail.demon.co.uk: <empty>
fetchmail: Query status=7 (ERROR)
fetchmail: sleeping at Mon May  7 10:07:45 2012 for 600 seconds

The problem seems to be the "A0009 OK FETCH completed." response to "A0009  
FETCH 1 RFC822.HEADER".  There are no patches touching "imap.c" in the  
openSUSE source RPM and I have confirmed that it is identical to the  
6.3.21 original.

The "Incorrect FETCH response: OK FETCH COMPLETED.." appears to be  
generated from within imap_fetch_headers() by "an unexpected tagged  
response".  Is this an exciting new innovation in Microsoft Exchange  
Server 2010?

Please let me know if you need any further information.
--
John Connett

LDAP support

Jürgen Echter — 2012-04-25T08:39:49

Hi,

i'd like to use fetchmail to receive mails from our mailserver and put 
them to our local cyrus imap server.

cyrus is working with ldap.

does anybody have a good page to read how i could use fetchmail with ldap?

thanks

juergen

Sound question

Danny — 2012-04-06T05:11:56

Hi guys,

I want fetchmail/procmail to play a sound when I recieve mail from a certain
mail address ... is that possible?

I am running Debian ...

Thanks

Danny

AUTHFAIL

Masaru Nomiya — 2012-04-05T03:19:34

Hello,

I'm using fetchmail 6.3.21 on openSUSE 12.1 (x86_64).
From this month, my university changed Mail Server to;

IMAP
imap4 protocol over tls/ssl port 993
SMTP
smtp protocol over tls/ssl port 465

So, I got ssl sever certificate file, then installed.

I wrote .fetchmailrc as follows;

poll imap.ris.ac.jp
     protocol imap
     port 993
     user 'USERNAME'
     pass 'PASSWORD' 
     ssl
     sslproto tls
     sslfingerprint '21:AE:77:33:59:58:3D:6E:A5:9A:FB:C6:86:42:94:F2'
     sslcertck
     sslcertpath '/home/masaru/.certs'

At the moment, fetchmail -v gave me an error message;

[...]
fetchmail: IMAP< * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE AUTH=PLAIN] Dovecot ready
fetchmail: IMAP> A0001 CAPABILITY
fetchmail: IMAP< * CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT IDLE CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS AUTH=PLAIN
fetchmail: IMAP< A0001 OK Capability completed.
fetchmail: IMAP> A0002 LOGIN "nomiya< at >ris.ac.jp" *
fetchmail: IMAP< A0002 NO [AUTHENTICATIONFAILED] Authentication failed.
fetchmail: USERNAME< at >imap.ris.ac.jp の認証に失敗しました
fetchmail: これについてのヘルプは http://www.fetchmail.info/fetchmail-FAQ.html#R15 を見てください
fetchmail: IMAP> A0003 LOGOUT
fetchmail: IMAP< * BYE Logging out
fetchmail: IMAP< A0003 OK Logout completed.
fetchmail: 6.3.21 は imap.ris.ac.jp とプロトコル IMAP を用いて 2012年04月05日 11時58分58秒 に交信しています。交信が終了しました。
fetchmail: Query status=3 (AUTHFAIL)
[...]

That is, the system failed to authenticate my password.

I added --auth, for example;

poll imap.ris.ac.jp
     protocol imap
     port 993
     auth any
     user 'USERNAME'
     pass 'PASSWORD' 
     ssl
     sslproto tls
     sslfingerprint '21:AE:77:33:59:58:3D:6E:A5:9A:FB:C6:86:42:94:F2'
     sslcertck
     sslcertpath '/home/masaru/.certs'

But they are to no avail.

[...]
fetchmail: IMAP< * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE AUTH=PLAIN] Dovecot ready
fetchmail: IMAP> A0001 CAPABILITY
fetchmail: IMAP< * CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT IDLE CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS AUTH=PLAIN
fetchmail: IMAP< A0001 OK Capability completed.
fetchmail: IMAP> A0002 LOGIN "nomiya< at >ris.ac.jp" *
fetchmail: IMAP< A0002 NO [AUTHENTICATIONFAILED] Authentication failed.
fetchmail: nomiya< at >ris.ac.jp< at >imap.ris.ac.jp の認証に失敗しました
fetchmail: これについてのヘルプは http://www.fetchmail.info/fetchmail-FAQ.html#R15 を見てください
fetchmail: IMAP> A0003 LOGOUT
fetchmail: IMAP< * BYE Logging out
fetchmail: IMAP< A0003 OK Logout completed.
fetchmail: 6.3.21 は imap.ris.ac.jp とプロトコル IMAP を用いて 2012年04月05日 12時15分13秒 に交信しています。交信が終了しました。
fetchmail: Query status=3 (AUTHFAIL)
[...]

What's worng with me, I wonder?

Any hints?

Thanks in advance.

---
┏━━┓彡 Masaru Nomiya             mail-to: nomiya < at > galaxy.dti.ne.jp
┃＼／彡
┗━━┛ "Bill! You married with Computers.
          Not with Me!"
         "No..., with money."

Can't retrieve all messages

Алексей Мишустин — 2012-03-25T20:25:14

Hello,

For some reason fetchmail doesn't retrieve all messages from my Gmail
inbox (about 2000 messages received in five months) via POP3. I've got
only a part of messages, about 540, even with `fetchmail -a`.

Verbose POP3 listing:

fetchmail: POP3< +OK Gpop ready for requests from [MY IP ADDRESS]
fetchmail: POP3> CAPA
fetchmail: POP3< +OK Capability list follows
fetchmail: POP3< USER
fetchmail: POP3< RESP-CODES
fetchmail: POP3< EXPIRE 0
fetchmail: POP3< LOGIN-DELAY 300
fetchmail: POP3< TOP
fetchmail: POP3< UIDL
fetchmail: POP3< X-GOOGLE-VERHOEVEN
fetchmail: POP3< X-GOOGLE-RICO
fetchmail: POP3< .
fetchmail: POP3> USER [MY LOGIN]
fetchmail: POP3< +OK send PASS
fetchmail: POP3> PASS *
fetchmail: POP3< +OK Welcome.
fetchmail: выбирается или повторяется опрос каталога по умолчанию
(selecting or re-polling default folder)
fetchmail: POP3> STAT
fetchmail: POP3< +OK 542 3756251
fetchmail: POP3> UIDL
fetchmail: POP3< +OK

My .fetchmail.rc :

set logfile "[MY LOGFILE]"

poll pop.gmail.com
port 995
proto pop3
uidl

user [MY LOGIN]
pass [MY PASS]

ssl

keep
no fetchall

no rewrite
mda "/usr/bin/procmail -d %T";

How could I retrieve all messages?

--
Regards,
Alex
_______________________________________________
fetchmail-users mailing list
fetchmail-users< at >lists.berlios.de
https://lists.berlios.de/mailman/listinfo/fetchmail-users

inactivity timeout when fetching mail from yahoo

Chris — 2012-03-24T13:55:03

The software I usually use to poll my yahoo account has gotten a bug in
it that hasn't been fixed yet so I've fallen back to fetchmail to poll
my pop account. I noticed awhile ago that after so many messages that
the fetchmail log is showing an inactivity timeout:

fetchmail: about to deliver with: procmail
fetchmail:  flushed
fetchmail: POP3> DELE 15
fetchmail: POP3< -ERR inactivity timeout
fetchmail: inactivity timeout
fetchmail: POP3> QUIT
fetchmail: 6.3.18 querying pop.mail.yahoo.com (protocol POP3) at Sat 24
Mar 2012 08:46:24 AM CDT: poll completed

fetchmail: discarding new UID list
fetchmail: Query status=24
fetchmail: Writing fetchids file.

My cl is this:

fetchmail -v -v -v --nokeep --nosyslog
--logfile /home/chris/fetchmaillog --uidl -m procmail

I have a 10Mbps dsl connection and according to a speed test I'm getting
8.3Mbps. Is it just an issue at yahoo?

anti - SPAM

2012-03-20T20:00:14

Any anti-SPAM s/w that can work with fetchmail?   Seems like everything I find seems to require I set up  an MTA and point incoming mail to it (vs using fetchmail to get my stuff where it currently goes), or, buy a service, or, like that . . .

Thanks.

Can't find /etc/default/fetchmailrc or/etc/fetchmailrc

Emessiri Kessiena — 2012-02-28T08:32:30

Hello,

I am new to this mailing list. Hope you all having a good day.

I recently install fetchmail-6.3.21 from source on my linux system.
I don't use a distribution, I am using a system I built using LFS.

During compilation and install all runs fine, I am able to "fetch" my mail
using the ./fetchmailrc file in my home directory. I am currently trying to
settup my fetchmail with Postfix to feed the mail to the MTA. However I
don't have a /etc/default/fetchmailrc file on my system.

I am using these instructions:
http://ubuntuforums.org/showthread.php?t=1015150

should I create it? of did I forget an option during compilation?

Any help would be greatly apreciated

Kind regards,

Fetchmail not deleting mail from gmail server forone user

Chris — 2012-02-23T01:15:53

Let me explain quite a bit more. My wife has a new Android smartphone so
I set her up with her own gmail account. To make things easy for her
until she gets used to using the phone I setup fetchmail to poll her
gmail account and pull her mail down to the computer. I also have a
gmail account and just copied/pasted the setup in .fetchmailrc and
changed username/password. When fetchmail polls my gmail account it
picks up any mail and deletes it from the server, when it polls her
account it picks up any mail but doesn't delete it from the server. Here
is the command line I'm using to call fetchmail:

fetchmail -v -v -v --nokeep --nosyslog
--logfile /home/chris/fetchmaillog --uidl -m procmail

Usually I just run it with one -v however it this case I wanted as
verbose logging as possible. Here's what the log output looks like:

fetchmail: 6.3.18 querying pop.gmail.com (protocol POP3) at Wed 22 Feb
2012 05:27:23 PM CST: poll started
fetchmail: Trying to connect to 74.125.45.108/995...connected.
fetchmail: Certificate chain, from root to peer, starting at depth 2:
fetchmail: Issuer Organization: Equifax
fetchmail: Unknown Issuer CommonName
fetchmail: Certificate at depth 1:
fetchmail: Issuer Organization: Equifax
fetchmail: Unknown Issuer CommonName
fetchmail: Subject CommonName: Google Internet Authority
fetchmail: Server certificate:
fetchmail: Issuer Organization: Google Inc
fetchmail: Issuer CommonName: Google Internet Authority
fetchmail: Subject CommonName: pop.gmail.com
fetchmail: pop.gmail.com key fingerprint:
B8:AF:A7:80:CD:E2:31:50:6F:ED:0E:4F:C8:04:D6:CD
fetchmail: POP3< +OK Gpop ready for requests from 71.2.125.101
w25pf4417836yhi.9
fetchmail: POP3> CAPA
fetchmail: POP3< +OK Capability list follows
fetchmail: POP3< USER
fetchmail: POP3< RESP-CODES
fetchmail: POP3< EXPIRE 0
fetchmail: POP3< LOGIN-DELAY 300
fetchmail: POP3< TOP
fetchmail: POP3< UIDL
fetchmail: POP3< X-GOOGLE-VERHOEVEN
fetchmail: POP3< X-GOOGLE-RICO
fetchmail: POP3< .
fetchmail: POP3> USER chris.pollock1948< at >gmail.com
fetchmail: POP3< +OK send PASS
fetchmail: POP3> PASS *
fetchmail: POP3< +OK Welcome.
fetchmail: selecting or re-polling default folder
fetchmail: POP3> STAT
fetchmail: POP3< +OK 1 2394
fetchmail: POP3> UIDL
fetchmail: POP3< +OK
fetchmail: POP3< 1 GmailId135a75ac5dfc13d3
fetchmail: 1 is unseen
fetchmail: POP3< .
fetchmail: 1 message for chris.pollock1948< at >gmail.com at pop.gmail.com
(2394 octets).
fetchmail: POP3> LIST 1
fetchmail: POP3< +OK 1 2394
fetchmail: POP3> TOP 1 99999999
fetchmail: POP3< +OK message follows
fetchmail: reading message
chris.pollock1948< at >gmail.com< at >yx-in-f109.1e100.net:1 of 1 (2394
octets)About to rewrite Return-Path: <cpollock< at >embarqmail.com>...
...rewritten version is Return-Path: <cpollock< at >embarqmail.com>.
fetchmail: About to rewrite Return-Path: <cpollock< at >embarqmail.com>...
...rewritten version is Return-Path: <cpollock< at >embarqmail.com>.
fetchmail: About to rewrite From: Chris <cpollock< at >embarqmail.com>...
...rewritten version is From: Chris <cpollock< at >embarqmail.com>.
fetchmail: About to rewrite To: "chris.pollock1948< at >gmail.com"
<chris.pollock1948< at >gmail.com>...
...rewritten version is To: "chris.pollock1948< at >gmail.com"
<chris.pollock1948< at >gmail.com>.
fetchmail: about to deliver with: procmail
fetchmail: message chris.pollock1948< at >gmail.com< at >yx-in-f109.1e100.net:1
was not the expected length (2440 actual != 2394 expected)
fetchmail:  flushed
fetchmail: POP3> DELE 1
fetchmail: POP3< +OK marked for deletion
fetchmail: POP3> QUIT
fetchmail: POP3< +OK Farewell.
fetchmail: 6.3.18 querying pop.gmail.com (protocol POP3) at Wed 22 Feb
2012 05:27:52 PM CST: poll completed
fetchmail: New UID list from pop.gmail.com: GmailId135a75ac5dfc13d3 =
EXPUNGED
fetchmail: swapping UID lists
fetchmail: 6.3.18 querying pop.gmail.com (protocol POP3) at Wed 22 Feb
2012 05:27:52 PM CST: poll started
fetchmail: Trying to connect to 74.125.45.108/995...connected.
fetchmail: Certificate chain, from root to peer, starting at depth 2:
fetchmail: Issuer Organization: Equifax
fetchmail: Unknown Issuer CommonName
fetchmail: Certificate at depth 1:
fetchmail: Issuer Organization: Equifax
fetchmail: Unknown Issuer CommonName
fetchmail: Subject CommonName: Google Internet Authority
fetchmail: Server certificate:
fetchmail: Issuer Organization: Google Inc
fetchmail: Issuer CommonName: Google Internet Authority
fetchmail: Subject CommonName: pop.gmail.com
fetchmail: pop.gmail.com key fingerprint:
B8:AF:A7:80:CD:E2:31:50:6F:ED:0E:4F:C8:04:D6:CD
fetchmail: POP3< +OK Gpop ready for requests from 71.2.125.101
g6pf4413496yha.12
fetchmail: POP3> CAPA
fetchmail: POP3< +OK Capability list follows
fetchmail: POP3< USER
fetchmail: POP3< RESP-CODES
fetchmail: POP3< EXPIRE 0
fetchmail: POP3< LOGIN-DELAY 300
fetchmail: POP3< TOP
fetchmail: POP3< UIDL
fetchmail: POP3< X-GOOGLE-VERHOEVEN
fetchmail: POP3< X-GOOGLE-RICO
fetchmail: POP3< .
fetchmail: POP3> USER judy.pollock1950< at >gmail.com
fetchmail: POP3< +OK send PASS
fetchmail: POP3> PASS *
fetchmail: POP3< +OK Welcome.
fetchmail: selecting or re-polling default folder
fetchmail: POP3> STAT
fetchmail: POP3< +OK 1 2370
fetchmail: POP3> UIDL
fetchmail: POP3< +OK
fetchmail: POP3< 1 GmailId135a759e55823313
fetchmail: 1 is unseen
fetchmail: POP3< .
fetchmail: 1 message for judy.pollock1950< at >gmail.com at pop.gmail.com
(2370 octets).
fetchmail: POP3> LIST 1
fetchmail: POP3< +OK 1 2370
fetchmail: POP3> TOP 1 99999999
fetchmail: POP3< +OK message follows
fetchmail: reading message
judy.pollock1950< at >gmail.com< at >yx-in-f109.1e100.net:1 of 1 (2370
octets)About to rewrite Return-Path: <cpollock< at >embarqmail.com>...
...rewritten version is Return-Path: <cpollock< at >embarqmail.com>.
fetchmail: About to rewrite Return-Path: <cpollock< at >embarqmail.com>...
...rewritten version is Return-Path: <cpollock< at >embarqmail.com>.
fetchmail: About to rewrite From: Chris <cpollock< at >embarqmail.com>...
...rewritten version is From: Chris <cpollock< at >embarqmail.com>.
fetchmail: About to rewrite To: judy.pollock1950< at >gmail.com...
...rewritten version is To: judy.pollock1950< at >gmail.com.
fetchmail: about to deliver with: procmail
fetchmail: message judy.pollock1950< at >gmail.com< at >yx-in-f109.1e100.net:1 was
not the expected length (2416 actual != 2370 expected)
fetchmail:  flushed
fetchmail: POP3> DELE 1
fetchmail: POP3< +OK marked for deletion
fetchmail: POP3> QUIT
fetchmail: POP3< +OK Farewell.
fetchmail: 6.3.18 querying pop.gmail.com (protocol POP3) at Wed 22 Feb
2012 05:28:13 PM CST: poll completed
fetchmail: New UID list from pop.gmail.com: GmailId135a759e55823313 =
EXPUNGED
fetchmail: swapping UID lists
fetchmail: sleeping at Wed 22 Feb 2012 05:28:13 PM CST for 120 seconds

Here are the lines in the .fetchmailrc:

poll pop.gmail.com with proto POP3 timeout 180 port 995 interval 15
username "chris.pollock1948< at >gmail.com" with pass "*******" is cpollock
here options ssl sslcertck sslcertpath /home/chris/certs/.certs
poll pop.gmail.com with proto POP3 timeout 180 port 995 interval 3
username "judy.pollock1950< at >gmail.com" with pass "********" is cpollock
here options ssl sslcertck sslcertpath /home/chris/certs/.certs

Could this be causing the deletion problem:

username "judy.pollock1950< at >gmail.com" with pass "********" is cpollock
here                                                          ^^^^^^^^

Or does that make a difference? 

Thanks for any information. BTW, my MTA is Evolution.

Chris

Keeping only the last n messages one the serverwith POP3?

Johann 'Myrkraverk' Oskarsson — 2012-02-15T14:50:07

Hi all,

Is it possible to keep only the most recent n messages on a POP3 server?

I have one (actually two but only one I want this for) with rougly 30k
messages and want to delete the first n - 1000 messages.

Is this at all possible?


Johann

Fetchmail file

Steve Downes — 2012-02-06T09:22:23

I have a file which appeared when I had a fault in my postfix setup & it looks like an mbox file of a number of emails.
I have tried to convert it to Maildir using mb2md but this reports it is not an mbox format. I would like to add these to mydovecot system, ideally by re-feeding them into postfix but any way would do.

Anybody help me with this please?

Steve

attachments

Joaquín Adauto Diaz Trepat — 2012-02-02T21:10:40

Hello, first of all i want to thank for anyone how's taking time to read
this.
I set up a Postfix MTA with a fetchmail retriving mail from a google
account, everything was working fine but reacently i was reported that some
mails were lost. So i check the logs and i discover that fetchmail was
ignoring the new mail, all of them.

i put my fetchmailrc here---------------------------------------------

# Check mail every 300 seconds
set daemon 300
set syslog
#set idfile /var/lib/fetchmail/.fetchids
set postmaster USER

poll pop.gmail.com with proto POP3 and options no dns uidl
      user 'xxxxxx< at >tekii.com.ar' with pass "xxxxxxxx" is 'USER' here
options ssl keep fetchlimit 0 limit 0

end of fetchmailrc here---------------------------------------------

I run fetchmail manually turning off the daemon configuration with -v -v
and this is the log

fetchmail: 6.3.18 querying pop.gmail.com (protocol POP3) at Thu 02 Feb 2012
04:54:07 PM ART: poll started
fetchmail: Trying to connect to 74.125.45.109/995...connected.
fetchmail: Certificate chain, from root to peer, starting at depth 2:
fetchmail: Issuer Organization: Equifax
fetchmail: Unknown Issuer CommonName
fetchmail: Certificate at depth 1:
fetchmail: Issuer Organization: Equifax
fetchmail: Unknown Issuer CommonName
fetchmail: Subject CommonName: Google Internet Authority
fetchmail: Server certificate:
fetchmail: Issuer Organization: Google Inc
fetchmail: Issuer CommonName: Google Internet Authority
fetchmail: Subject CommonName: pop.gmail.com
fetchmail: pop.gmail.com key fingerprint:
B8:AF:A7:80:CD:E2:31:50:6F:ED:0E:4F:C8:04:D6:CD
fetchmail: POP3< +OK Gpop ready for requests from 200.42.117.202
w44pf9511334yhh.35
fetchmail: POP3> CAPA
fetchmail: POP3< +OK Capability list follows
fetchmail: POP3< USER
fetchmail: POP3< RESP-CODES
fetchmail: POP3< EXPIRE 0
fetchmail: POP3< LOGIN-DELAY 300
fetchmail: POP3< TOP
fetchmail: POP3< UIDL
fetchmail: POP3< X-GOOGLE-VERHOEVEN
fetchmail: POP3< X-GOOGLE-RICO
fetchmail: POP3< .
fetchmail: POP3> USER xxxxxxx< at >tekii.com.ar
fetchmail: POP3< +OK send PASS
fetchmail: POP3> PASS *
fetchmail: POP3< +OK Welcome.
fetchmail: selecting or re-polling default folder
fetchmail: POP3> STAT
fetchmail: POP3< +OK 1 13048382
fetchmail: POP3> UIDL
fetchmail: POP3< +OK
fetchmail: POP3< 1 GmailId134394f057a0d211
fetchmail: POP3< .
fetchmail: 1 message (1 seen) for xxxxx< at >tekii.com.ar at
pop.gmail.com(13048382 octets).
fetchmail: skipping message xxxxxx< at >tekii.com.ar< at >pop.gmail.com:1 not flushed
fetchmail: POP3> QUIT
fetchmail: POP3< +OK Farewell.
fetchmail: 6.3.18 querying pop.gmail.com (protocol POP3) at Thu 02 Feb 2012
04:54:09 PM ART: poll completed
fetchmail: New UID list from pop.gmail.com: GmailId134394f057a0d211 = SEEN
fetchmail: swapping UID lists
fetchmail: Query status=1 (NOMAIL)
fetchmail: Writing fetchids file.
fetchmail: normal termination, status 1
fetchmail: Writing fetchids file.

---------------------------------------------------------------------------

I know that Google it's not fully POP3 compliant, but as far as i knew it
was only to the DELE command.
So i tryed to migrate to IMAP, just in case. And everything was good, until
an attachment came and it seems that it's cutting the files.
Spreadshits tables were cut in half, loosing data.

My fetchmailrc was the same as before, but using "proto IMAP and port 993".
And the logs are this ones

fetchmail: 6.3.18 querying imap.gmail.com (protocol IMAP) at Thu 02 Feb
2012 02:30:25 PM ART: poll started
fetchmail: Trying to connect to 74.125.47.108/993...connected.
fetchmail: Server certificate:
fetchmail: Issuer Organization: Google Inc
fetchmail: Issuer CommonName: Google Internet Authority
fetchmail: Subject CommonName: imap.gmail.com
fetchmail: imap.gmail.com key fingerprint:
93:2E:0F:BA:58:EA:CD:CB:04:33:97:9D:23:2A:0A:77
fetchmail: IMAP< * OK Gimap ready for requests from 200.42.117.202
p3if3986197yhg.87
fetchmail: IMAP> A0001 CAPABILITY
fetchmail: IMAP< * CAPABILITY IMAP4rev1 UNSELECT IDLE NAMESPACE QUOTA ID
XLIST CHILDREN X-GM-EXT-1 XYZZY SASL-IR AUTH=XOAUTH
fetchmail: IMAP< A0001 OK Thats all she wrote! p3if3986197yhg.87
fetchmail: IMAP> A0002 LOGIN "xxxxxxx< at >tekii.com.ar" *
fetchmail: IMAP< * CAPABILITY IMAP4rev1 UNSELECT IDLE NAMESPACE QUOTA ID
XLIST CHILDREN X-GM-EXT-1 UIDPLUS COMPRESS=DEFLATE
fetchmail: IMAP< A0002 OK xxxxxx< at >tekii.com.ar input queue authenticated
(Success)
fetchmail: IMAP> A0003 SELECT "INBOX"
fetchmail: IMAP< * FLAGS (\Answered \Flagged \Draft \Deleted \Seen)
fetchmail: IMAP< * OK [PERMANENTFLAGS (\Answered \Flagged \Draft \Deleted
\Seen \*)] Flags permitted.
fetchmail: IMAP< * OK [UIDVALIDITY 657661258] UIDs valid.
fetchmail: IMAP< * 13161 EXISTS
fetchmail: IMAP< * 0 RECENT
fetchmail: IMAP< * OK [UIDNEXT 23591] Predicted next UID.
fetchmail: IMAP< A0003 OK [READ-WRITE] INBOX selected. (Success)
fetchmail: IMAP> A0004 SEARCH 1:1000 UNSEEN UNDELETED
fetchmail: IMAP< * SEARCH (note: a bunch of numbers here)

fetchmail: IMAP< A0009 OK SEARCH completed (Success)
fetchmail: IMAP> A0010 SEARCH 6001:7000 UNSEEN UNDELETED
fetchmail: IMAP< * SEARCH (note: a bunch of numbers here)
--------------
a lot more of this time of messages, like 14000 of them
fetchmail: IMAP< * 7 FETCH (RFC822.SIZE 4514518)

--------------
fetchmail: IMAP> A0020 FETCH 98 BODY.PEEK[TEXT]
fetchmail: IMAP< * 98 FETCH (BODY[TEXT] {877}
fetchmail:  (877 body octets) (log message incomplete)
fetchmail: IMAP< )
fetchmail: IMAP< A0020 OK Success
fetchmail: message xxxxxxx< at >tekii.com.ar< at >imap.gmail.com:98 was not the
expected length (2519 actual != 2488 expected)
fetchmail: SMTP>. (EOM)
fetchmail: SMTP< 250 2.0.0 Ok: queued as B51F78417F0
fetchmail:  not flushed
fetchmail: IMAP> A0021 STORE 98 +FLAGS (\Seen)
fetchmail: IMAP< * 98 FETCH (FLAGS (\Seen))
fetchmail: IMAP< A0021 OK Success
fetchmail: IMAP> A0022 FETCH 99 RFC822.HEADER
fetchmail: IMAP< * 99 FETCH (RFC822.HEADER {1642}
fetchmail: reading message xxxxxxx< at >tekii.com.ar< at >imap.gmail.com:99 of 13161
(1642 header octets)About to rewrite Return-Path: <xxxxxx< at >neuralsoft.com>...
...rewritten version is Return-Path: <xxxxxxx< at >neuralsoft.com>.
fetchmail: About to rewrite To: xxxxxxxx< at >TEKII.COM.AR...
...rewritten version is To: xxxxxxx< at >TEKII.COM.AR.
fetchmail: About to rewrite From: xxxxxx< at >neuralsoft.com...
...rewritten version is From: xxxxxx< at >neuralsoft.com.
fetchmail: forwarding to localhost
fetchmail: SMTP> MAIL FROM:<xxxxxxx< at >neuralsoft.com> SIZE=33210
fetchmail: SMTP< 250 2.1.0 Ok
fetchmail: SMTP> RCPT TO:<tekiiadmin< at >localhost>
fetchmail: SMTP< 250 2.1.5 Ok
fetchmail: SMTP> DATA
fetchmail: SMTP< 354 End data with <CR><LF>.<CR><LF>
fetchmail: IMAP< )
fetchmail: IMAP< A0040 OK Success


My thanks from the start. ANY INFORMATION that you need, plis just ask.

Greetings

J

no dns option?

skull — 2012-01-30T17:02:59

Hey everybody

We're using zarafa as a mailserver and fetchmail do deliver the mails.
.fetchmailrc has the following format:

set postmaster "foo< at >bar.com"
set bouncemail
set properties "fetchall"
poll pop.foobar.com protocol POP3
        no dns
        user foo
        password bar
        mda "/usr/bin/zarafa-dagent foobar"
;

it works like a charm. but i saw that on some servers there is the "no dns" option. on some servers its missing. on some its even mixed.
 i asked my boss about it (he wrote most of the .fetchmailrc on the customer servers). he said he had no idea why "no dns" is in the file.
what exactly is this option?
the man page says: no dns - Disable DNS lookup for multidrop 

english isn't my mothertongue so i don't really know what "multidrop" is :)

and skipping the dns lookup when connecting to pop.foobar.com does just not make sense.

anyone care to explain?
(german explanations preffered ;) )

How to handle mail with broken headers?

Johann 'Myrkraverk' Oskarsson — 2012-01-30T15:53:31

Hi all,

I have a few emails with broken headers in my yahoo mailbox and
fetchmail refuses to retrieve/forward them.  I have repeated examples of

  fetchmail: reading message
  myrkraverk< at >pop.plus-new.mail.fy4.b.yahoo.com:3695 of
  21103 (3139 octets) (log message incomplete)
  fetchmail: incorrect header line found while scanning headers
  fetchmail:  not flushed

In my log file.  And yes, you're right.  I do have 21k emails, and I'm
not deleting them from my mailbox.

Interestingly enough, that particular mail is now being skipped by
fetchmail, though it does have a broken header:

  X-YahooFilteredBulk: 206.40.205.124
  smedley.info>
  X-Originating-IP: [206.40.205.124]

Checking the UIDL in a manual POP3 session:

  UIDL 3639
  +OK 3639 AMZEv9EAAUj4R3RxaQBpvXThslA

And test to see if it's been retrieved.

  % grep AMZEv9EAAUj4R3RxaQBpvXThslA .fetchids
  myrkraverk< at >pop.mail.yahoo.com AMZEv9EAAUj4R3RxaQBpvXThslA

Yet I can not find it anywhere when I grep for the message id:

  find . -exec grep 47797E8A.3040107 '{}' +

So, apparently there are two issues I'm running into.  One is that I
have broken headers and somehow would like Fetchmail to handle that.
Going manually through the log file and picking them out is not really
what I want to do.  Once, maybe, but there are several such mails (I
suspect a broken port of Thunderbird to the OS/2 operating system) and
it can happen again.

Two, for some reason fetchmail has marked a broken message as downloaded
even though it can't be found locally.  I'm using maildrop as an mda and
I somehow doupt that is the fault - maildrop has been very good at
complaining when I managed to misconfigure it.  Of course I did not put
that particular mail through it just to see what it does -- yet.

Going back to the former issue.  Is there a way to get fetchmail do
somehow fix/download broken mail?  Perhaps take broken header lines and
prefix them with X-Fetchmail-Broken-Header: ?

Here is the last such message from my log file.  Apparently I haven't
gotten a broken mail for some time now:

  fetchmail: reading message
  myrkraverk< at >pop.plus-new.mail.fy4.b.yahoo.com:13512 of
   21115 (306940 octets) (log message incomplete)
  fetchmail: incorrect header line found while scanning headers
  fetchmail:  not flushed

And here are both messages from manual POP3 sesssions:

  http://www.myrkraverk.com/~johann/3649.invalid.header
  http://www.myrkraverk.com/~johann/13512.invalid.header


Johann

Suppress fetchmail auth failure messages torecipient address.

Rolinson, Sean — 2012-01-24T13:34:03

Hello all,

I was looking through the archives, man page, and Google, and I was unable to find an answer to my question. I apologize in advance if this has been asked and answered before.

I am trying to suppress the "fetchmail authentication failed on {address}" messages which are sent to the delivery/recipient address when fetchmail has trouble logging in to a POP3 server. Ultimately, there are 2 emails sent for every occurrence of the problem (one for the failure, and one for the OK).

We have a very busy Exchange servers that periodically fails to authenticate when logging in to it via POP3. When this happens, an email is sent to the delivery/recipient address configured in fetchmail notifying of the failure. I'd like to know how to suppress these messages if possible.

I realize we are aggressive in our how often we check (see config file below), and I'm sure increasing the polling interval would alleviate some of the failure, but I'd prefer to just suppress these messages completely if possible.

Below is a copy of my fetchmail config:

(called fetchmail_etg)
set daemon 10
set logfile /home/users/srolinso/fetchmail/log/fetchmail_etg.log
set postmaster srolinson< at >knight.com
set nobouncemail

poll {our Exchange Server} proto POP3:
auth password
user etgrt password "{blah}" mda "/opt/rt4/bin/rt-mailgate-wrapper infrastructure correspond http://etgrt:8100/" sslproto ssl23;
...

(cmd line)
srolinso 966 0.0 0.0 45572 1940 ? S 2011 6:11 /usr/bin/fetchmail -f /home/users/srolinso/fetchmail/fetchmail_etg

(fetchmail version)
Fetchmail version:
This is fetchmail release 6.3.6+GSS+RPA+NTLM+SDPS+SSL+HESIOD+NLS+KRB4+KRB5.

Copyright (C) 2002, 2003 Eric S. Raymond
Copyright (C) 2004 Matthias Andree, Eric S. Raymond, Rob F. Funk, Graham Wilson
Copyright (C) 2005-2006 Matthias Andree, Sunil Shetye
Fetchmail comes with ABSOLUTELY NO WARRANTY. This is free software, and you
are welcome to redistribute it under certain conditions. For details,
please see the file COPYING in the source or documentation directory.

Fallback MDA: (none)
Linux jc1letgmisc2 2.6.18-164.el5 #1 SMP Thu Sep 3 03:28:30 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux
Taking options from command line
No mailservers set up -- perhaps /home/users/srolinso/.fetchmailrc is missing?

Any help or suggestions would be greatly appreciated.

Thanks...

Sean

Please visit our website for important disclaimers/disclosures regarding Knight’s products and services:

http://knight.com/KnightEmailDisclaimer.html

_______________________________________________
fetchmail-users mailing list
fetchmail-users< at >lists.berlios.de
https://lists.berlios.de/mailman/listinfo/fetchmail-users

Making fetchmail work with original sendmailstorage format

Alan McConnell — 2012-01-13T15:17:03

Assembled Wisdom!

I have used fetchmail for many years.  It has been invaluable in
getting E-mail from various "cloud" accounts back to my home
Linux box(Debian squeeze).  But up to now it has been used
to bet mail from e.g. /var/mail/<my account name>.

Now I am confronted with a system which stores the
incoming mail in separate files in <my home directory>/mail/new/.
I am assured by the owners of this system that this is a
standard way to store incoming mail.

So my question: how to make a .fetchmailrc that will
pull the single files from ~/mail/new/?  the files
have names like:
1326465349.H185481P14437.<systemname>.com,S\=1881  .
Running 'file' on them tells me that they are "ASCII mail
text", and I can inspect their contents.

I am hopeful that this is an easy question.  I apologize if
the answer is in the documentation somewhere; I couldn't 
find it.

TIA for anticipated help, and Best wishes,

Alan, in Silver Spring MD

Troubleshooting SSL error

2012-01-05T03:25:41

Environment:
CentOS 5.7
Fetchmail RPM is fetchmail-6.3.6-1.1.el5_3.1
OpenSSL RPM is openssl-0.9.8e-20.el5
Sendmail RPM is sendmail-8.13.8-8.1.el5_7

When I test OpenSSL connectivity, I am able to connect to the IMAP  
server I want to poll and also to the local MTA.

openssl s_client -connect pod51011.outlook.com:993
openssl s_client -starttls smtp -connect localhost:25

Both of these commands open connections, I have attached a text file  
showing the complete output.

Fetchmail fails with an error that I do not understand. The error  
states there is an unknown protocol. The command and error output is  
immediately below, and farther down I have given output from fetchmail  
-V.

I would be grateful for any assistance that can be provided to resolve  
this issue.

Thank you
John


[otrs< at >tki-c01 ~]$  /usr/bin/fetchmail -vvv -a --ssl
fetchmail: 6.3.6 querying pod51011.outlook.com (protocol IMAP) at Wed  
04 Jan 2012 06:59:46 PM EST: poll started
fetchmail: running openssl s_client -connect  %h:%p (host  
pod51011.outlook.com service 993)
depth=3 /C=US/O=GTE Corporation/OU=GTE CyberTrust Solutions,  
Inc./CN=GTE CyberTrust Global Root
verify return:1
depth=2 /CN=Microsoft Internet Authority
verify return:1
depth=1 /DC=com/DC=microsoft/DC=corp/DC=redmond/CN=Microsoft Secure  
Server Authority
verify return:1
depth=0 /C=US/ST=Washington/L=Redmond/O=Microsoft  
Corporation/OU=Exchange/CN=outlook.com
verify return:1
11337:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown  
protocol:s23_clnt.c:588:
fetchmail: SSL connection failed.
fetchmail: socket error while fetching from  
support< at >jsw4.com< at >pod51011.outlook.com
fetchmail: 6.3.6 querying pod51011.outlook.com (protocol IMAP) at Wed  
04 Jan 2012 06:59:47 PM EST: poll completed
fetchmail: Query status=2 (SOCKET)
fetchmail: Deleting fetchids file.
fetchmail: normal termination, status 2
fetchmail: Deleting fetchids file.
DONE

###### AND #########

otrs< at >tki-c01 ~]$  /usr/bin/fetchmail -V -a --ssl
This is fetchmail release 6.3.6+GSS+RPA+NTLM+SDPS+SSL+HESIOD+NLS+KRB4+KRB5.

Copyright (C) 2002, 2003 Eric S. Raymond
Copyright (C) 2004 Matthias Andree, Eric S. Raymond, Rob F. Funk,  
Graham Wilson
Copyright (C) 2005-2006 Matthias Andree, Sunil Shetye
Fetchmail comes with ABSOLUTELY NO WARRANTY. This is free software, and you
are welcome to redistribute it under certain conditions. For details,
please see the file COPYING in the source or documentation directory.

Fallback MDA: (none)
Linux tki-c01.jsw4.net 2.6.18-274.12.1.el5xen #1 SMP Tue Nov 29  
14:18:21 EST 2011 x86_64 x86_64 x86_64 GNU/Linux
Taking options from command line and /opt/otrs/.fetchmailrc
Idfile is /opt/otrs/.fetchids
Fetchmail will show progress dots even in logfiles.
Fetchmail will forward misaddressed multidrop messages to otrs.
Options for retrieving from support< at >jsw4.com< at >pod51011.outlook.com:
   True name of server is pod51011.outlook.com.
   Protocol is IMAP (using service 993).
   All available authentication methods will be tried.
   SSL encrypted sessions enabled.
   Server nonresponse timeout is 300 seconds (default).
   Default mailbox selected.
   All messages will be retrieved (--all on).
   Fetched messages will not be kept on the server (--keep off).
   Old messages will not be flushed before message retrieval (--flush off).
   Oversized messages will not be flushed before message retrieval  
(--limitflush off).
   Rewrite of server-local addresses is enabled (--norewrite off).
   Carriage-return stripping is disabled (stripcr off).
   Carriage-return forcing is disabled (forcecr off).
   Interpretation of Content-Transfer-Encoding is enabled (pass8bits off).
   MIME decoding is disabled (mimedecode off).
   Idle after poll is disabled (idle off).
   Nonempty Status lines will be kept (dropstatus off)
   Delivered-To lines will be kept (dropdelivered off)
   Fetch message size limit is 100 (--fetchsizelimit 100).
   Do binary search of UIDs during 3 out of 4 polls (--fastuidl 4).
   Messages will be SMTP-forwarded to: localhost (default)
   Single-drop mode: 1 local name recognized.
   Server connections will be made via plugin openssl s_client  
-connect  %h:%p (--plugin openssl s_client -connect  %h:%p).
   No UIDs saved from this host.
Using username "root".
Authenticating with public key "John Walker dsa-key-20110210"
Passphrase for key "John Walker dsa-key-20110210":
Last login: Wed Jan  4 18:54:09 2012 from joe.jsw4.net
[root< at >tki-c01 ~]# su - otrs
[otrs< at >tki-c01 ~]$ openssl s_client -starttls smtp -connect localhost:25
CONNECTED(00000003)
depth=0 /C=US/ST=Albany/L=New York/O=JSW4NET Inc./OU=Support Group/CN=tki-c01.jsw4.net/emailAddress=hostmaster< at >jsw4.net
verify error:num=18:self signed certificate
verify return:1
depth=0 /C=US/ST=Albany/L=New York/O=JSW4NET Inc./OU=Support Group/CN=tki-c01.jsw4.net/emailAddress=hostmaster< at >jsw4.net
verify return:1
---
Certificate chain
 0 s:/C=US/ST=Albany/L=New York/O=JSW4NET Inc./OU=Support Group/CN=tki-c01.jsw4.net/emailAddress=hostmaster< at >jsw4.net
   i:/C=US/ST=Albany/L=New York/O=JSW4NET Inc./OU=Support Group/CN=tki-c01.jsw4.net/emailAddress=hostmaster< at >jsw4.net
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIDtjCCAx+gAwIBAgIBADANBgkqhkiG9w0BAQUFADCBnzELMAkGA1UEBhMCVVMx
DzANBgNVBAgTBkFsYmFueTERMA8GA1UEBxMITmV3IFlvcmsxFTATBgNVBAoTDEpT
VzRORVQgSW5jLjEWMBQGA1UECxMNU3VwcG9ydCBHcm91cDEZMBcGA1UEAxMQdGtp
LWMwMS5qc3c0Lm5ldDEiMCAGCSqGSIb3DQEJARYTaG9zdG1hc3RlckBqc3c0Lm5l
dDAeFw0xMjAxMDQyMzQwNTFaFw0xMzAxMDMyMzQwNTFaMIGfMQswCQYDVQQGEwJV
UzEPMA0GA1UECBMGQWxiYW55MREwDwYDVQQHEwhOZXcgWW9yazEVMBMGA1UEChMM
SlNXNE5FVCBJbmMuMRYwFAYDVQQLEw1TdXBwb3J0IEdyb3VwMRkwFwYDVQQDExB0
a2ktYzAxLmpzdzQubmV0MSIwIAYJKoZIhvcNAQkBFhNob3N0bWFzdGVyQGpzdzQu
bmV0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCvyRa5f2ciIgZ9MGjjjXEm
HQhMlg9M7CVZlxfXYerk+cc5Hw54/hNWMVEGMnfUU0iYRsXoKQQUJTrXSw7mnyEN
PcnqFjxOffvO8tz9nHwES8YowNVNQJFD5e9OVan2kgnVnIeiido1c248OqJ9QZ/0
RAnFbyL36LzhG9n0nBdL9QIDAQABo4H/MIH8MB0GA1UdDgQWBBQIbIK4BboPmUM1
qYmHkpXL/YS23zCBzAYDVR0jBIHEMIHBgBQIbIK4BboPmUM1qYmHkpXL/YS236GB
paSBojCBnzELMAkGA1UEBhMCVVMxDzANBgNVBAgTBkFsYmFueTERMA8GA1UEBxMI
TmV3IFlvcmsxFTATBgNVBAoTDEpTVzRORVQgSW5jLjEWMBQGA1UECxMNU3VwcG9y
dCBHcm91cDEZMBcGA1UEAxMQdGtpLWMwMS5qc3c0Lm5ldDEiMCAGCSqGSIb3DQEJ
ARYTaG9zdG1hc3RlckBqc3c0Lm5ldIIBADAMBgNVHRMEBTADAQH/MA0GCSqGSIb3
DQEBBQUAA4GBAJbgoTJPYywvqjYXtHL6yvFJ/oOkkZE9o04ANG7P0yy5JniUSiyv
/EX/M9y1z4GH0dNmWYwLUkoXXUZgLtxupAM9Tz5HAV0RF3WF/OmprxaLWR4O+2ol
n93kCeeWGb8CbaW/QrnsL2ruWPWcZwzondUdygPakE7zo19f4kkrz4E+
-----END CERTIFICATE-----
subject=/C=US/ST=Albany/L=New York/O=JSW4NET Inc./OU=Support Group/CN=tki-c01.jsw4.net/emailAddress=hostmaster< at >jsw4.net
issuer=/C=US/ST=Albany/L=New York/O=JSW4NET Inc./OU=Support Group/CN=tki-c01.jsw4.net/emailAddress=hostmaster< at >jsw4.net
---
Acceptable client certificate CA names
/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
/C=US/O=GTE Corporation/CN=GTE CyberTrust Root
/C=US/O=GTE Corporation/OU=GTE CyberTrust Solutions, Inc./CN=GTE CyberTrust Global Root
/C=ZA/ST=Western Cape/L=Cape Town/O=Thawte Consulting/OU=Certification Services Division/CN=Thawte Personal Basic CA/emailAddress=personal-basic< at >thawte.com
/C=ZA/ST=Western Cape/L=Cape Town/O=Thawte Consulting/OU=Certification Services Division/CN=Thawte Personal Premium CA/emailAddress=personal-premium< at >thawte.com
/C=ZA/ST=Western Cape/L=Cape Town/O=Thawte Consulting/OU=Certification Services Division/CN=Thawte Personal Freemail CA/emailAddress=personal-freemail< at >thawte.com
/C=ZA/ST=Western Cape/L=Cape Town/O=Thawte Consulting cc/OU=Certification Services Division/CN=Thawte Server CA/emailAddress=server-certs< at >thawte.com
/C=ZA/ST=Western Cape/L=Cape Town/O=Thawte Consulting cc/OU=Certification Services Division/CN=Thawte Premium Server CA/emailAddress=premium-server< at >thawte.com
/C=US/O=Equifax/OU=Equifax Secure Certificate Authority
/C=US/ST=DC/L=Washington/O=ABA.ECOM, INC./CN=ABA.ECOM Root CA/emailAddress=admin< at >digsigtrust.com
/C=US/O=Digital Signature Trust Co./OU=DSTCA E1
/C=US/O=Digital Signature Trust Co./OU=DSTCA E2
/C=us/ST=Utah/L=Salt Lake City/O=Digital Signature Trust Co./OU=DSTCA X1/CN=DST RootCA X1/emailAddress=ca< at >digsigtrust.com
/C=us/ST=Utah/L=Salt Lake City/O=Digital Signature Trust Co./OU=DSTCA X2/CN=DST RootCA X2/emailAddress=ca< at >digsigtrust.com
/C=US/O=VeriSign, Inc./OU=Class 1 Public Primary Certification Authority
/C=US/O=VeriSign, Inc./OU=Class 2 Public Primary Certification Authority
/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
/C=US/O=VeriSign, Inc./OU=Class 1 Public Primary Certification Authority - G2/OU=(c) 1998 VeriSign, Inc. - For authorized use only/OU=VeriSign Trust Network
/C=US/O=VeriSign, Inc./OU=Class 2 Public Primary Certification Authority - G2/OU=(c) 1998 VeriSign, Inc. - For authorized use only/OU=VeriSign Trust Network
/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority - G2/OU=(c) 1998 VeriSign, Inc. - For authorized use only/OU=VeriSign Trust Network
/C=US/O=VeriSign, Inc./OU=Class 4 Public Primary Certification Authority - G2/OU=(c) 1998 VeriSign, Inc. - For authorized use only/OU=VeriSign Trust Network
/C=BE/O=GlobalSign nv-sa/OU=Root CA/CN=GlobalSign Root CA
/L=ValiCert Validation Network/O=ValiCert, Inc./OU=ValiCert Class 1 Policy Validation Authority/CN=http://www.valicert.com//emailAddress=info< at >valicert.com
/L=ValiCert Validation Network/O=ValiCert, Inc./OU=ValiCert Class 2 Policy Validation Authority/CN=http://www.valicert.com//emailAddress=info< at >valicert.com
/L=ValiCert Validation Network/O=ValiCert, Inc./OU=ValiCert Class 3 Policy Validation Authority/CN=http://www.valicert.com//emailAddress=info< at >valicert.com
/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 1999 VeriSign, Inc. - For authorized use only/CN=VeriSign Class 1 Public Primary Certification Authority - G3
/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 1999 VeriSign, Inc. - For authorized use only/CN=VeriSign Class 2 Public Primary Certification Authority - G3
/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 1999 VeriSign, Inc. - For authorized use only/CN=VeriSign Class 3 Public Primary Certification Authority - G3
/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 1999 VeriSign, Inc. - For authorized use only/CN=VeriSign Class 4 Public Primary Certification Authority - G3
/C=US/O=Entrust.net/OU=www.entrust.net/CPS incorp. by ref. (limits liab.)/OU=(c) 1999 Entrust.net Limited/CN=Entrust.net Secure Server Certification Authority
/C=US/O=Entrust.net/OU=www.entrust.net/Client_CA_Info/CPS incorp. by ref. limits liab./OU=(c) 1999 Entrust.net Limited/CN=Entrust.net Client Certification Authority
/O=Entrust.net/OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)/OU=(c) 1999 Entrust.net Limited/CN=Entrust.net Certification Authority (2048)
/C=IE/O=Baltimore/OU=CyberTrust/CN=Baltimore CyberTrust Root
/C=US/O=Equifax Secure Inc./CN=Equifax Secure Global eBusiness CA-1
/C=US/O=Equifax Secure Inc./CN=Equifax Secure eBusiness CA-1
/C=US/O=Equifax Secure/OU=Equifax Secure eBusiness CA-2
/C=US/O=VISA/OU=Visa International Service Association/CN=GP Root 2
/C=WW/O=beTRUSTed/CN=beTRUSTed Root CAs/CN=beTRUSTed Root CA
/C=SE/O=AddTrust AB/OU=AddTrust TTP Network/CN=AddTrust Class 1 CA Root
/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root
/C=SE/O=AddTrust AB/OU=AddTrust TTP Network/CN=AddTrust Public CA Root
/C=SE/O=AddTrust AB/OU=AddTrust TTP Network/CN=AddTrust Qualified CA Root
/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/RPA (c)00/CN=Class 1 Public Primary OCSP Responder
/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/RPA (c)00/CN=Class 2 Public Primary OCSP Responder
/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/RPA (c)00/CN=Class 3 Public Primary OCSP Responder
/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/RPA (c)00/CN=Secure Server OCSP Responder
/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/rpa (c)00/CN=VeriSign Time Stamping Authority CA
/C=ZA/ST=Western Cape/L=Durbanville/O=Thawte/OU=Thawte Certification/CN=Thawte Timestamping CA
/O=Entrust.net/OU=www.entrust.net/SSL_CPS incorp. by ref. (limits liab.)/OU=(c) 2000 Entrust.net Limited/CN=Entrust.net Secure Server Certification Authority
/O=Entrust.net/OU=www.entrust.net/GCCA_CPS incorp. by ref. (limits liab.)/OU=(c) 2000 Entrust.net Limited/CN=Entrust.net Client Certification Authority
/C=US/O=AOL Time Warner Inc./OU=America Online Inc./CN=AOL Time Warner Root Certification Authority 1
/C=US/O=AOL Time Warner Inc./OU=America Online Inc./CN=AOL Time Warner Root Certification Authority 2
/O=beTRUSTed/OU=beTRUSTed Root CAs/CN=beTRUSTed Root CA-Baltimore Implementation
/O=beTRUSTed/OU=beTRUSTed Root CAs/CN=beTRUSTed Root CA - Entrust Implementation
/O=beTRUSTed/OU=beTRUSTed Root CAs/CN=beTRUSTed Root CA - RSA Implementation
/O=RSA Security Inc/OU=RSA Security 2048 V3
/O=RSA Security Inc/OU=RSA Security 1024 V3
/C=US/O=GeoTrust Inc./CN=GeoTrust Global CA
/C=US/ST=UT/L=Salt Lake City/O=The USERTRUST Network/OU=http://www.usertrust.com/CN=UTN-USERFirst-Network Applications
/C=US/O=America Online Inc./CN=America Online Root Certification Authority 1
/C=US/O=America Online Inc./CN=America Online Root Certification Authority 2
/C=US/O=VISA/OU=Visa International Service Association/CN=Visa eCommerce Root
/C=DE/ST=Hamburg/L=Hamburg/O=TC TrustCenter for Security in Data Networks GmbH/OU=TC TrustCenter Class 2 CA/emailAddress=certificate< at >trustcenter.de
/C=DE/ST=Hamburg/L=Hamburg/O=TC TrustCenter for Security in Data Networks GmbH/OU=TC TrustCenter Class 3 CA/emailAddress=certificate< at >trustcenter.de
/C=PL/O=Unizeto Sp. z o.o./CN=Certum CA
/C=GB/ST=Greater Manchester/L=Salford/O=Comodo CA Limited/CN=AAA Certificate Services
/C=GB/ST=Greater Manchester/L=Salford/O=Comodo CA Limited/CN=Secure Certificate Services
/C=GB/ST=Greater Manchester/L=Salford/O=Comodo CA Limited/CN=Trusted Certificate Services
/C=ES/ST=Barcelona/L=Barcelona/O=IPS Internet publishing Services s.l./O=ips< at >mail.ips.es C.I.F.  B-60929452/OU=IPS CA Chained CAs Certification Authority/CN=IPS CA Chained CAs Certification Authority/emailAddress=ips< at >mail.ips.es
/C=ES/ST=Barcelona/L=Barcelona/O=IPS Internet publishing Services s.l./O=ips< at >mail.ips.es C.I.F.  B-60929452/OU=IPS CA CLASE1 Certification Authority/CN=IPS CA CLASE1 Certification Authority/emailAddress=ips< at >mail.ips.es
/C=ES/ST=Barcelona/L=Barcelona/O=IPS Internet publishing Services s.l./O=ips< at >mail.ips.es C.I.F.  B-60929452/OU=IPS CA CLASE3 Certification Authority/CN=IPS CA CLASE3 Certification Authority/emailAddress=ips< at >mail.ips.es
/C=ES/ST=Barcelona/L=Barcelona/O=IPS Internet publishing Services s.l./O=ips< at >mail.ips.es C.I.F.  B-60929452/OU=IPS CA CLASEA1 Certification Authority/CN=IPS CA CLASEA1 Certification Authority/emailAddress=ips< at >mail.ips.es
/C=ES/ST=Barcelona/L=Barcelona/O=IPS Internet publishing Services s.l./O=ips< at >mail.ips.es C.I.F.  B-60929452/OU=IPS CA CLASEA3 Certification Authority/CN=IPS CA CLASEA3 Certification Authority/emailAddress=ips< at >mail.ips.es
/C=ES/ST=BARCELONA/L=BARCELONA/O=IPS Seguridad CA/OU=Certificaciones/CN=IPS SERVIDORES/emailAddress=ips< at >mail.ips.es
/C=ES/ST=Barcelona/L=Barcelona/O=IPS Internet publishing Services s.l./O=ips< at >mail.ips.es C.I.F.  B-60929452/OU=IPS CA Timestamping Certification Authority/CN=IPS CA Timestamping Certification Authority/emailAddress=ips< at >mail.ips.es
/C=BM/O=QuoVadis Limited/OU=Root Certification Authority/CN=QuoVadis Root Certification Authority
/C=JP/O=SECOM Trust.net/OU=Security Communication RootCA1
/C=FI/O=Sonera/CN=Sonera Class1 CA
/C=FI/O=Sonera/CN=Sonera Class2 CA
/C=NL/O=Staat der Nederlanden/CN=Staat der Nederlanden Root CA
/C=DK/O=TDC Internet/OU=TDC Internet Root CA
/C=DK/O=TDC/CN=TDC OCES CA
/C=US/ST=UT/L=Salt Lake City/O=The USERTRUST Network/OU=http://www.usertrust.com/CN=UTN - DATACorp SGC
/C=US/ST=UT/L=Salt Lake City/O=The USERTRUST Network/OU=http://www.usertrust.com/CN=UTN-USERFirst-Client Authentication and Email
/C=US/ST=UT/L=Salt Lake City/O=The USERTRUST Network/OU=http://www.usertrust.com/CN=UTN-USERFirst-Hardware
/C=US/ST=UT/L=Salt Lake City/O=The USERTRUST Network/OU=http://www.usertrust.com/CN=UTN-USERFirst-Object
/C=EU/O=AC Camerfirma SA CIF A82743287/OU=http://www.chambersign.org/CN=Chambers of Commerce Root
/C=EU/O=AC Camerfirma SA CIF A82743287/OU=http://www.chambersign.org/CN=Global Chambersign Root
/C=HU/L=Budapest/O=NetLock Halozatbiztonsagi Kft./OU=Tanusitvanykiadok/CN=NetLock Minositett Kozjegyzoi (Class QA) Tanusitvanykiado/emailAddress=info< at >netlock.hu
/C=HU/ST=Hungary/L=Budapest/O=NetLock Halozatbiztonsagi Kft./OU=Tanusitvanykiadok/CN=NetLock Kozjegyzoi (Class A) Tanusitvanykiado
/C=HU/L=Budapest/O=NetLock Halozatbiztonsagi Kft./OU=Tanusitvanykiadok/CN=NetLock Uzleti (Class B) Tanusitvanykiado
/C=HU/L=Budapest/O=NetLock Halozatbiztonsagi Kft./OU=Tanusitvanykiadok/CN=NetLock Expressz (Class C) Tanusitvanykiado
/C=US/OU=www.xrampsecurity.com/O=XRamp Security Services Inc/CN=XRamp Global Certification Authority
/C=US/O=The Go Daddy Group, Inc./OU=Go Daddy Class 2 Certification Authority
/C=US/O=Starfield Technologies, Inc./OU=Starfield Class 2 Certification Authority
/C=IL/ST=Israel/L=Eilat/O=StartCom Ltd./OU=CA Authority Dep./CN=Free SSL Certification Authority/emailAddress=admin< at >startcom.org
/C=IL/O=StartCom Ltd./OU=Secure Digital Certificate Signing/CN=StartCom Certification Authority
/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 2006 VeriSign, Inc. - For authorized use only/CN=VeriSign Class 3 Public Primary Certification Authority - G5
/C=US/ST=North Carolina/L=Research Triangle Park/O=Red Hat, Inc./OU=Red Hat Network Services/CN=RHNS Certificate Authority/emailAddress=rhns< at >redhat.com
/C=US/ST=North Carolina/L=Raleigh/O=Red Hat, Inc./OU=Red Hat Network/CN=RHN Certificate Authority/emailAddress=rhn-noc< at >redhat.com
---
SSL handshake has read 16691 bytes and written 302 bytes
---
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
Server public key is 1024 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : TLSv1
    Cipher    : DHE-RSA-AES256-SHA
    Session-ID: 737D12C46468E8C9BEB130DB0056A9E91FA781FB4A084367F95434EF46F7F425
    Session-ID-ctx:
    Master-Key: 55B025F74561173038777E8E2D5F0BFA3934BB0DF43423D7C70483CD5A24D4ADDC6D83D07038867974805DA5209DC106
    Key-Arg   : None
    Krb5 Principal: None
    Start Time: 1325721397
    Timeout   : 300 (sec)
    Verify return code: 18 (self signed certificate)
---
250 HELP

[otrs< at >tki-c01 ~]$ openssl s_client -connect pod51011.outlook.com:993
CONNECTED(00000003)
depth=3 /C=US/O=GTE Corporation/OU=GTE CyberTrust Solutions, Inc./CN=GTE CyberTrust Global Root
verify return:1
depth=2 /CN=Microsoft Internet Authority
verify return:1
depth=1 /DC=com/DC=microsoft/DC=corp/DC=redmond/CN=Microsoft Secure Server Authority
verify return:1
depth=0 /C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/OU=Exchange/CN=outlook.com
verify return:1
---
Certificate chain
 0 s:/C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/OU=Exchange/CN=outlook.com
   i:/DC=com/DC=microsoft/DC=corp/DC=redmond/CN=Microsoft Secure Server Authority
 1 s:/DC=com/DC=microsoft/DC=corp/DC=redmond/CN=Microsoft Secure Server Authority
   i:/CN=Microsoft Internet Authority
 2 s:/CN=Microsoft Internet Authority
   i:/C=US/O=GTE Corporation/OU=GTE CyberTrust Solutions, Inc./CN=GTE CyberTrust Global Root
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIGlzCCBX+gAwIBAgIKU7xtpgAIAAIKsTANBgkqhkiG9w0BAQUFADCBizETMBEG
CgmSJomT8ixkARkWA2NvbTEZMBcGCgmSJomT8ixkARkWCW1pY3Jvc29mdDEUMBIG
CgmSJomT8ixkARkWBGNvcnAxFzAVBgoJkiaJk/IsZAEZFgdyZWRtb25kMSowKAYD
VQQDEyFNaWNyb3NvZnQgU2VjdXJlIFNlcnZlciBBdXRob3JpdHkwHhcNMTEwNDIw
MTkwNDQ1WhcNMTMwNDE5MTkwNDQ1WjB9MQswCQYDVQQGEwJVUzETMBEGA1UECBMK
V2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0
IENvcnBvcmF0aW9uMREwDwYDVQQLEwhFeGNoYW5nZTEUMBIGA1UEAxMLb3V0bG9v
ay5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCHnLBkZhuyBUIH
IAw61mr2xTRot9v6Ue/GXvs3NLowG4KJ07LzzNAW+B0qUqOjgfefADPOh3vRZP10
koPqBRfNKxllYNPIQx9Thk4opj9VRjISRgk3goMcLpPA0RWzL21oCXIT2XQtU25u
QZ4c7aZEMWZSN6BKIYM6FiWoSGb4cHXFIoeoOBOMdlFYm2+g/9rEfv8QrB30J+Lk
BI74ulCcSQDpJ1PJNxgmWEBVf+ucW1PkT4oqM4GoD33PYkU0gWYQ4EIfrg55Rr31
WHY1l0bb67z/KhOwRdsxgt1/1xlXFND2BQp3pi7FEH3GycjcA2QyKwPVd0Ju9AWI
MDOPPvQbAgMBAAGjggMIMIIDBDALBgNVHQ8EBAMCBLAwHQYDVR0OBBYEFBDz7C+z
el/LP2L6QNA4wSbz8aXXMFwGA1UdEQRVMFOCC291dGxvb2suY29tgg0qLm91dGxv
b2suY29tghIqLmV4Y2hhbmdlbGFicy5jb22CDW0ub3V0bG9vay5jb22CEm0uZXhj
aGFuZ2VsYWJzLmNvbTAfBgNVHSMEGDAWgBQIQuPbThFm87UIxUDbVXwzRhGDODCC
AQoGA1UdHwSCAQEwgf4wgfuggfiggfWGWGh0dHA6Ly9tc2NybC5taWNyb3NvZnQu
Y29tL3BraS9tc2NvcnAvY3JsL01pY3Jvc29mdCUyMFNlY3VyZSUyMFNlcnZlciUy
MEF1dGhvcml0eSg4KS5jcmyGVmh0dHA6Ly9jcmwubWljcm9zb2Z0LmNvbS9wa2kv
bXNjb3JwL2NybC9NaWNyb3NvZnQlMjBTZWN1cmUlMjBTZXJ2ZXIlMjBBdXRob3Jp
dHkoOCkuY3JshkFodHRwOi8vY29ycHBraS9jcmwvTWljcm9zb2Z0JTIwU2VjdXJl
JTIwU2VydmVyJTIwQXV0aG9yaXR5KDgpLmNybDCBvwYIKwYBBQUHAQEEgbIwga8w
XgYIKwYBBQUHMAKGUmh0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2kvbXNjb3Jw
L01pY3Jvc29mdCUyMFNlY3VyZSUyMFNlcnZlciUyMEF1dGhvcml0eSg4KS5jcnQw
TQYIKwYBBQUHMAKGQWh0dHA6Ly9jb3JwcGtpL2FpYS9NaWNyb3NvZnQlMjBTZWN1
cmUlMjBTZXJ2ZXIlMjBBdXRob3JpdHkoOCkuY3J0MD8GCSsGAQQBgjcVBwQyMDAG
KCsGAQQBgjcVCIPPiU2t8gKFoZ8MgvrKfYHh+3SBT4PC7YUIjqnShWMCAWQCAQow
HQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMCcGCSsGAQQBgjcVCgQaMBgw
CgYIKwYBBQUHAwIwCgYIKwYBBQUHAwEwDQYJKoZIhvcNAQEFBQADggEBALWVrEiN
S3z2nUpvdL9KQ6OTqKJCGr62NFzgwmmHwW4Ci702hnzIXgL36VGcYGFOMewQmQ/w
8SkoC41avNk3zblf/8zUxNVl5jDzJ2q1RhKuF4/W7ch5yRv71qNUiccxw+xTJw27
MqZ/XKjAuUNBj1Kw3sthW3t2j5xvb5AEm5Li+ym6AIl52tXV9Qs16HgIPGmUSBw8
ZWvrlNo9Z9NDfwDpjKfDuSHgxfhdDrguiwJbuR34zzkGbYXE5cv8ePmmIK+4io1gc
yGGFxg2nIXcXVNROD/1EIsdMXFYAZKkX3UXci8A665frX9fvE1fy/s/7GBqP2t7c
X9S/EdDM2KYxlrY=
-----END CERTIFICATE-----
subject=/C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/OU=Exchange/CN=outlook.com
issuer=/DC=com/DC=microsoft/DC=corp/DC=redmond/CN=Microsoft Secure Server Authority
---
No client certificate CA names sent
---
SSL handshake has read 4717 bytes and written 447 bytes
---
New, TLSv1/SSLv3, Cipher is AES128-SHA
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : TLSv1
    Cipher    : AES128-SHA
    Session-ID: 7D120000C392C25857D0FC714554A0F77466ECD614D363260E39812DBA65EEA7
    Session-ID-ctx:
    Master-Key: F9468FE2A6CB39B474AE37754C455AE378B0B7907A6E73F2F96932B3DC03F5CE6FDB3E715FF09DF00CC037779FD2CCFD
    Key-Arg   : None
    Krb5 Principal: None
    Start Time: 1325721446
    Timeout   : 300 (sec)
    Verify return code: 0 (ok)
---
* OK The Microsoft Exchange IMAP4 service is ready.

[otrs< at >tki-c01 ~]$_______________________________________________
fetchmail-users mailing list
fetchmail-users< at >lists.berlios.de
https://lists.berlios.de/mailman/listinfo/fetchmail-users

Troubleshooting SSL error

2012-01-05T03:25:41

Environment:
CentOS 5.7
Fetchmail RPM is fetchmail-6.3.6-1.1.el5_3.1
OpenSSL RPM is openssl-0.9.8e-20.el5
Sendmail RPM is sendmail-8.13.8-8.1.el5_7

When I test OpenSSL connectivity, I am able to connect to the IMAP  
server I want to poll and also to the local MTA.

openssl s_client -connect pod51011.outlook.com:993
openssl s_client -starttls smtp -connect localhost:25

Both of these commands open connections, I have attached a text file  
showing the complete output.

Fetchmail fails with an error that I do not understand. The error  
states there is an unknown protocol. The command and error output is  
immediately below, and farther down I have given output from fetchmail  
-V.

I would be grateful for any assistance that can be provided to resolve  
this issue.

Thank you
John


[otrs< at >tki-c01 ~]$  /usr/bin/fetchmail -vvv -a --ssl
fetchmail: 6.3.6 querying pod51011.outlook.com (protocol IMAP) at Wed  
04 Jan 2012 06:59:46 PM EST: poll started
fetchmail: running openssl s_client -connect  %h:%p (host  
pod51011.outlook.com service 993)
depth=3 /C=US/O=GTE Corporation/OU=GTE CyberTrust Solutions,  
Inc./CN=GTE CyberTrust Global Root
verify return:1
depth=2 /CN=Microsoft Internet Authority
verify return:1
depth=1 /DC=com/DC=microsoft/DC=corp/DC=redmond/CN=Microsoft Secure  
Server Authority
verify return:1
depth=0 /C=US/ST=Washington/L=Redmond/O=Microsoft  
Corporation/OU=Exchange/CN=outlook.com
verify return:1
11337:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown  
protocol:s23_clnt.c:588:
fetchmail: SSL connection failed.
fetchmail: socket error while fetching from  
support< at >jsw4.com< at >pod51011.outlook.com
fetchmail: 6.3.6 querying pod51011.outlook.com (protocol IMAP) at Wed  
04 Jan 2012 06:59:47 PM EST: poll completed
fetchmail: Query status=2 (SOCKET)
fetchmail: Deleting fetchids file.
fetchmail: normal termination, status 2
fetchmail: Deleting fetchids file.
DONE

###### AND #########

otrs< at >tki-c01 ~]$  /usr/bin/fetchmail -V -a --ssl
This is fetchmail release 6.3.6+GSS+RPA+NTLM+SDPS+SSL+HESIOD+NLS+KRB4+KRB5.

Copyright (C) 2002, 2003 Eric S. Raymond
Copyright (C) 2004 Matthias Andree, Eric S. Raymond, Rob F. Funk,  
Graham Wilson
Copyright (C) 2005-2006 Matthias Andree, Sunil Shetye
Fetchmail comes with ABSOLUTELY NO WARRANTY. This is free software, and you
are welcome to redistribute it under certain conditions. For details,
please see the file COPYING in the source or documentation directory.

Fallback MDA: (none)
Linux tki-c01.jsw4.net 2.6.18-274.12.1.el5xen #1 SMP Tue Nov 29  
14:18:21 EST 2011 x86_64 x86_64 x86_64 GNU/Linux
Taking options from command line and /opt/otrs/.fetchmailrc
Idfile is /opt/otrs/.fetchids
Fetchmail will show progress dots even in logfiles.
Fetchmail will forward misaddressed multidrop messages to otrs.
Options for retrieving from support< at >jsw4.com< at >pod51011.outlook.com:
   True name of server is pod51011.outlook.com.
   Protocol is IMAP (using service 993).
   All available authentication methods will be tried.
   SSL encrypted sessions enabled.
   Server nonresponse timeout is 300 seconds (default).
   Default mailbox selected.
   All messages will be retrieved (--all on).
   Fetched messages will not be kept on the server (--keep off).
   Old messages will not be flushed before message retrieval (--flush off).
   Oversized messages will not be flushed before message retrieval  
(--limitflush off).
   Rewrite of server-local addresses is enabled (--norewrite off).
   Carriage-return stripping is disabled (stripcr off).
   Carriage-return forcing is disabled (forcecr off).
   Interpretation of Content-Transfer-Encoding is enabled (pass8bits off).
   MIME decoding is disabled (mimedecode off).
   Idle after poll is disabled (idle off).
   Nonempty Status lines will be kept (dropstatus off)
   Delivered-To lines will be kept (dropdelivered off)
   Fetch message size limit is 100 (--fetchsizelimit 100).
   Do binary search of UIDs during 3 out of 4 polls (--fastuidl 4).
   Messages will be SMTP-forwarded to: localhost (default)
   Single-drop mode: 1 local name recognized.
   Server connections will be made via plugin openssl s_client  
-connect  %h:%p (--plugin openssl s_client -connect  %h:%p).
   No UIDs saved from this host.
Using username "root".
Authenticating with public key "John Walker dsa-key-20110210"
Passphrase for key "John Walker dsa-key-20110210":
Last login: Wed Jan  4 18:54:09 2012 from joe.jsw4.net
[root< at >tki-c01 ~]# su - otrs
[otrs< at >tki-c01 ~]$ openssl s_client -starttls smtp -connect localhost:25
CONNECTED(00000003)
depth=0 /C=US/ST=Albany/L=New York/O=JSW4NET Inc./OU=Support Group/CN=tki-c01.jsw4.net/emailAddress=hostmaster< at >jsw4.net
verify error:num=18:self signed certificate
verify return:1
depth=0 /C=US/ST=Albany/L=New York/O=JSW4NET Inc./OU=Support Group/CN=tki-c01.jsw4.net/emailAddress=hostmaster< at >jsw4.net
verify return:1
---
Certificate chain
 0 s:/C=US/ST=Albany/L=New York/O=JSW4NET Inc./OU=Support Group/CN=tki-c01.jsw4.net/emailAddress=hostmaster< at >jsw4.net
   i:/C=US/ST=Albany/L=New York/O=JSW4NET Inc./OU=Support Group/CN=tki-c01.jsw4.net/emailAddress=hostmaster< at >jsw4.net
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIDtjCCAx+gAwIBAgIBADANBgkqhkiG9w0BAQUFADCBnzELMAkGA1UEBhMCVVMx
DzANBgNVBAgTBkFsYmFueTERMA8GA1UEBxMITmV3IFlvcmsxFTATBgNVBAoTDEpT
VzRORVQgSW5jLjEWMBQGA1UECxMNU3VwcG9ydCBHcm91cDEZMBcGA1UEAxMQdGtp
LWMwMS5qc3c0Lm5ldDEiMCAGCSqGSIb3DQEJARYTaG9zdG1hc3RlckBqc3c0Lm5l
dDAeFw0xMjAxMDQyMzQwNTFaFw0xMzAxMDMyMzQwNTFaMIGfMQswCQYDVQQGEwJV
UzEPMA0GA1UECBMGQWxiYW55MREwDwYDVQQHEwhOZXcgWW9yazEVMBMGA1UEChMM
SlNXNE5FVCBJbmMuMRYwFAYDVQQLEw1TdXBwb3J0IEdyb3VwMRkwFwYDVQQDExB0
a2ktYzAxLmpzdzQubmV0MSIwIAYJKoZIhvcNAQkBFhNob3N0bWFzdGVyQGpzdzQu
bmV0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCvyRa5f2ciIgZ9MGjjjXEm
HQhMlg9M7CVZlxfXYerk+cc5Hw54/hNWMVEGMnfUU0iYRsXoKQQUJTrXSw7mnyEN
PcnqFjxOffvO8tz9nHwES8YowNVNQJFD5e9OVan2kgnVnIeiido1c248OqJ9QZ/0
RAnFbyL36LzhG9n0nBdL9QIDAQABo4H/MIH8MB0GA1UdDgQWBBQIbIK4BboPmUM1
qYmHkpXL/YS23zCBzAYDVR0jBIHEMIHBgBQIbIK4BboPmUM1qYmHkpXL/YS236GB
paSBojCBnzELMAkGA1UEBhMCVVMxDzANBgNVBAgTBkFsYmFueTERMA8GA1UEBxMI
TmV3IFlvcmsxFTATBgNVBAoTDEpTVzRORVQgSW5jLjEWMBQGA1UECxMNU3VwcG9y
dCBHcm91cDEZMBcGA1UEAxMQdGtpLWMwMS5qc3c0Lm5ldDEiMCAGCSqGSIb3DQEJ
ARYTaG9zdG1hc3RlckBqc3c0Lm5ldIIBADAMBgNVHRMEBTADAQH/MA0GCSqGSIb3
DQEBBQUAA4GBAJbgoTJPYywvqjYXtHL6yvFJ/oOkkZE9o04ANG7P0yy5JniUSiyv
/EX/M9y1z4GH0dNmWYwLUkoXXUZgLtxupAM9Tz5HAV0RF3WF/OmprxaLWR4O+2ol
n93kCeeWGb8CbaW/QrnsL2ruWPWcZwzondUdygPakE7zo19f4kkrz4E+
-----END CERTIFICATE-----
subject=/C=US/ST=Albany/L=New York/O=JSW4NET Inc./OU=Support Group/CN=tki-c01.jsw4.net/emailAddress=hostmaster< at >jsw4.net
issuer=/C=US/ST=Albany/L=New York/O=JSW4NET Inc./OU=Support Group/CN=tki-c01.jsw4.net/emailAddress=hostmaster< at >jsw4.net
---
Acceptable client certificate CA names
/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
/C=US/O=GTE Corporation/CN=GTE CyberTrust Root
/C=US/O=GTE Corporation/OU=GTE CyberTrust Solutions, Inc./CN=GTE CyberTrust Global Root
/C=ZA/ST=Western Cape/L=Cape Town/O=Thawte Consulting/OU=Certification Services Division/CN=Thawte Personal Basic CA/emailAddress=personal-basic< at >thawte.com
/C=ZA/ST=Western Cape/L=Cape Town/O=Thawte Consulting/OU=Certification Services Division/CN=Thawte Personal Premium CA/emailAddress=personal-premium< at >thawte.com
/C=ZA/ST=Western Cape/L=Cape Town/O=Thawte Consulting/OU=Certification Services Division/CN=Thawte Personal Freemail CA/emailAddress=personal-freemail< at >thawte.com
/C=ZA/ST=Western Cape/L=Cape Town/O=Thawte Consulting cc/OU=Certification Services Division/CN=Thawte Server CA/emailAddress=server-certs< at >thawte.com
/C=ZA/ST=Western Cape/L=Cape Town/O=Thawte Consulting cc/OU=Certification Services Division/CN=Thawte Premium Server CA/emailAddress=premium-server< at >thawte.com
/C=US/O=Equifax/OU=Equifax Secure Certificate Authority
/C=US/ST=DC/L=Washington/O=ABA.ECOM, INC./CN=ABA.ECOM Root CA/emailAddress=admin< at >digsigtrust.com
/C=US/O=Digital Signature Trust Co./OU=DSTCA E1
/C=US/O=Digital Signature Trust Co./OU=DSTCA E2
/C=us/ST=Utah/L=Salt Lake City/O=Digital Signature Trust Co./OU=DSTCA X1/CN=DST RootCA X1/emailAddress=ca< at >digsigtrust.com
/C=us/ST=Utah/L=Salt Lake City/O=Digital Signature Trust Co./OU=DSTCA X2/CN=DST RootCA X2/emailAddress=ca< at >digsigtrust.com
/C=US/O=VeriSign, Inc./OU=Class 1 Public Primary Certification Authority
/C=US/O=VeriSign, Inc./OU=Class 2 Public Primary Certification Authority
/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
/C=US/O=VeriSign, Inc./OU=Class 1 Public Primary Certification Authority - G2/OU=(c) 1998 VeriSign, Inc. - For authorized use only/OU=VeriSign Trust Network
/C=US/O=VeriSign, Inc./OU=Class 2 Public Primary Certification Authority - G2/OU=(c) 1998 VeriSign, Inc. - For authorized use only/OU=VeriSign Trust Network
/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority - G2/OU=(c) 1998 VeriSign, Inc. - For authorized use only/OU=VeriSign Trust Network
/C=US/O=VeriSign, Inc./OU=Class 4 Public Primary Certification Authority - G2/OU=(c) 1998 VeriSign, Inc. - For authorized use only/OU=VeriSign Trust Network
/C=BE/O=GlobalSign nv-sa/OU=Root CA/CN=GlobalSign Root CA
/L=ValiCert Validation Network/O=ValiCert, Inc./OU=ValiCert Class 1 Policy Validation Authority/CN=http://www.valicert.com//emailAddress=info< at >valicert.com
/L=ValiCert Validation Network/O=ValiCert, Inc./OU=ValiCert Class 2 Policy Validation Authority/CN=http://www.valicert.com//emailAddress=info< at >valicert.com
/L=ValiCert Validation Network/O=ValiCert, Inc./OU=ValiCert Class 3 Policy Validation Authority/CN=http://www.valicert.com//emailAddress=info< at >valicert.com
/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 1999 VeriSign, Inc. - For authorized use only/CN=VeriSign Class 1 Public Primary Certification Authority - G3
/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 1999 VeriSign, Inc. - For authorized use only/CN=VeriSign Class 2 Public Primary Certification Authority - G3
/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 1999 VeriSign, Inc. - For authorized use only/CN=VeriSign Class 3 Public Primary Certification Authority - G3
/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 1999 VeriSign, Inc. - For authorized use only/CN=VeriSign Class 4 Public Primary Certification Authority - G3
/C=US/O=Entrust.net/OU=www.entrust.net/CPS incorp. by ref. (limits liab.)/OU=(c) 1999 Entrust.net Limited/CN=Entrust.net Secure Server Certification Authority
/C=US/O=Entrust.net/OU=www.entrust.net/Client_CA_Info/CPS incorp. by ref. limits liab./OU=(c) 1999 Entrust.net Limited/CN=Entrust.net Client Certification Authority
/O=Entrust.net/OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)/OU=(c) 1999 Entrust.net Limited/CN=Entrust.net Certification Authority (2048)
/C=IE/O=Baltimore/OU=CyberTrust/CN=Baltimore CyberTrust Root
/C=US/O=Equifax Secure Inc./CN=Equifax Secure Global eBusiness CA-1
/C=US/O=Equifax Secure Inc./CN=Equifax Secure eBusiness CA-1
/C=US/O=Equifax Secure/OU=Equifax Secure eBusiness CA-2
/C=US/O=VISA/OU=Visa International Service Association/CN=GP Root 2
/C=WW/O=beTRUSTed/CN=beTRUSTed Root CAs/CN=beTRUSTed Root CA
/C=SE/O=AddTrust AB/OU=AddTrust TTP Network/CN=AddTrust Class 1 CA Root
/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root
/C=SE/O=AddTrust AB/OU=AddTrust TTP Network/CN=AddTrust Public CA Root
/C=SE/O=AddTrust AB/OU=AddTrust TTP Network/CN=AddTrust Qualified CA Root
/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/RPA (c)00/CN=Class 1 Public Primary OCSP Responder
/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/RPA (c)00/CN=Class 2 Public Primary OCSP Responder
/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/RPA (c)00/CN=Class 3 Public Primary OCSP Responder
/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/RPA (c)00/CN=Secure Server OCSP Responder
/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/rpa (c)00/CN=VeriSign Time Stamping Authority CA
/C=ZA/ST=Western Cape/L=Durbanville/O=Thawte/OU=Thawte Certification/CN=Thawte Timestamping CA
/O=Entrust.net/OU=www.entrust.net/SSL_CPS incorp. by ref. (limits liab.)/OU=(c) 2000 Entrust.net Limited/CN=Entrust.net Secure Server Certification Authority
/O=Entrust.net/OU=www.entrust.net/GCCA_CPS incorp. by ref. (limits liab.)/OU=(c) 2000 Entrust.net Limited/CN=Entrust.net Client Certification Authority
/C=US/O=AOL Time Warner Inc./OU=America Online Inc./CN=AOL Time Warner Root Certification Authority 1
/C=US/O=AOL Time Warner Inc./OU=America Online Inc./CN=AOL Time Warner Root Certification Authority 2
/O=beTRUSTed/OU=beTRUSTed Root CAs/CN=beTRUSTed Root CA-Baltimore Implementation
/O=beTRUSTed/OU=beTRUSTed Root CAs/CN=beTRUSTed Root CA - Entrust Implementation
/O=beTRUSTed/OU=beTRUSTed Root CAs/CN=beTRUSTed Root CA - RSA Implementation
/O=RSA Security Inc/OU=RSA Security 2048 V3
/O=RSA Security Inc/OU=RSA Security 1024 V3
/C=US/O=GeoTrust Inc./CN=GeoTrust Global CA
/C=US/ST=UT/L=Salt Lake City/O=The USERTRUST Network/OU=http://www.usertrust.com/CN=UTN-USERFirst-Network Applications
/C=US/O=America Online Inc./CN=America Online Root Certification Authority 1
/C=US/O=America Online Inc./CN=America Online Root Certification Authority 2
/C=US/O=VISA/OU=Visa International Service Association/CN=Visa eCommerce Root
/C=DE/ST=Hamburg/L=Hamburg/O=TC TrustCenter for Security in Data Networks GmbH/OU=TC TrustCenter Class 2 CA/emailAddress=certificate< at >trustcenter.de
/C=DE/ST=Hamburg/L=Hamburg/O=TC TrustCenter for Security in Data Networks GmbH/OU=TC TrustCenter Class 3 CA/emailAddress=certificate< at >trustcenter.de
/C=PL/O=Unizeto Sp. z o.o./CN=Certum CA
/C=GB/ST=Greater Manchester/L=Salford/O=Comodo CA Limited/CN=AAA Certificate Services
/C=GB/ST=Greater Manchester/L=Salford/O=Comodo CA Limited/CN=Secure Certificate Services
/C=GB/ST=Greater Manchester/L=Salford/O=Comodo CA Limited/CN=Trusted Certificate Services
/C=ES/ST=Barcelona/L=Barcelona/O=IPS Internet publishing Services s.l./O=ips< at >mail.ips.es C.I.F.  B-60929452/OU=IPS CA Chained CAs Certification Authority/CN=IPS CA Chained CAs Certification Authority/emailAddress=ips< at >mail.ips.es
/C=ES/ST=Barcelona/L=Barcelona/O=IPS Internet publishing Services s.l./O=ips< at >mail.ips.es C.I.F.  B-60929452/OU=IPS CA CLASE1 Certification Authority/CN=IPS CA CLASE1 Certification Authority/emailAddress=ips< at >mail.ips.es
/C=ES/ST=Barcelona/L=Barcelona/O=IPS Internet publishing Services s.l./O=ips< at >mail.ips.es C.I.F.  B-60929452/OU=IPS CA CLASE3 Certification Authority/CN=IPS CA CLASE3 Certification Authority/emailAddress=ips< at >mail.ips.es
/C=ES/ST=Barcelona/L=Barcelona/O=IPS Internet publishing Services s.l./O=ips< at >mail.ips.es C.I.F.  B-60929452/OU=IPS CA CLASEA1 Certification Authority/CN=IPS CA CLASEA1 Certification Authority/emailAddress=ips< at >mail.ips.es
/C=ES/ST=Barcelona/L=Barcelona/O=IPS Internet publishing Services s.l./O=ips< at >mail.ips.es C.I.F.  B-60929452/OU=IPS CA CLASEA3 Certification Authority/CN=IPS CA CLASEA3 Certification Authority/emailAddress=ips< at >mail.ips.es
/C=ES/ST=BARCELONA/L=BARCELONA/O=IPS Seguridad CA/OU=Certificaciones/CN=IPS SERVIDORES/emailAddress=ips< at >mail.ips.es
/C=ES/ST=Barcelona/L=Barcelona/O=IPS Internet publishing Services s.l./O=ips< at >mail.ips.es C.I.F.  B-60929452/OU=IPS CA Timestamping Certification Authority/CN=IPS CA Timestamping Certification Authority/emailAddress=ips< at >mail.ips.es
/C=BM/O=QuoVadis Limited/OU=Root Certification Authority/CN=QuoVadis Root Certification Authority
/C=JP/O=SECOM Trust.net/OU=Security Communication RootCA1
/C=FI/O=Sonera/CN=Sonera Class1 CA
/C=FI/O=Sonera/CN=Sonera Class2 CA
/C=NL/O=Staat der Nederlanden/CN=Staat der Nederlanden Root CA
/C=DK/O=TDC Internet/OU=TDC Internet Root CA
/C=DK/O=TDC/CN=TDC OCES CA
/C=US/ST=UT/L=Salt Lake City/O=The USERTRUST Network/OU=http://www.usertrust.com/CN=UTN - DATACorp SGC
/C=US/ST=UT/L=Salt Lake City/O=The USERTRUST Network/OU=http://www.usertrust.com/CN=UTN-USERFirst-Client Authentication and Email
/C=US/ST=UT/L=Salt Lake City/O=The USERTRUST Network/OU=http://www.usertrust.com/CN=UTN-USERFirst-Hardware
/C=US/ST=UT/L=Salt Lake City/O=The USERTRUST Network/OU=http://www.usertrust.com/CN=UTN-USERFirst-Object
/C=EU/O=AC Camerfirma SA CIF A82743287/OU=http://www.chambersign.org/CN=Chambers of Commerce Root
/C=EU/O=AC Camerfirma SA CIF A82743287/OU=http://www.chambersign.org/CN=Global Chambersign Root
/C=HU/L=Budapest/O=NetLock Halozatbiztonsagi Kft./OU=Tanusitvanykiadok/CN=NetLock Minositett Kozjegyzoi (Class QA) Tanusitvanykiado/emailAddress=info< at >netlock.hu
/C=HU/ST=Hungary/L=Budapest/O=NetLock Halozatbiztonsagi Kft./OU=Tanusitvanykiadok/CN=NetLock Kozjegyzoi (Class A) Tanusitvanykiado
/C=HU/L=Budapest/O=NetLock Halozatbiztonsagi Kft./OU=Tanusitvanykiadok/CN=NetLock Uzleti (Class B) Tanusitvanykiado
/C=HU/L=Budapest/O=NetLock Halozatbiztonsagi Kft./OU=Tanusitvanykiadok/CN=NetLock Expressz (Class C) Tanusitvanykiado
/C=US/OU=www.xrampsecurity.com/O=XRamp Security Services Inc/CN=XRamp Global Certification Authority
/C=US/O=The Go Daddy Group, Inc./OU=Go Daddy Class 2 Certification Authority
/C=US/O=Starfield Technologies, Inc./OU=Starfield Class 2 Certification Authority
/C=IL/ST=Israel/L=Eilat/O=StartCom Ltd./OU=CA Authority Dep./CN=Free SSL Certification Authority/emailAddress=admin< at >startcom.org
/C=IL/O=StartCom Ltd./OU=Secure Digital Certificate Signing/CN=StartCom Certification Authority
/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 2006 VeriSign, Inc. - For authorized use only/CN=VeriSign Class 3 Public Primary Certification Authority - G5
/C=US/ST=North Carolina/L=Research Triangle Park/O=Red Hat, Inc./OU=Red Hat Network Services/CN=RHNS Certificate Authority/emailAddress=rhns< at >redhat.com
/C=US/ST=North Carolina/L=Raleigh/O=Red Hat, Inc./OU=Red Hat Network/CN=RHN Certificate Authority/emailAddress=rhn-noc< at >redhat.com
---
SSL handshake has read 16691 bytes and written 302 bytes
---
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
Server public key is 1024 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : TLSv1
    Cipher    : DHE-RSA-AES256-SHA
    Session-ID: 737D12C46468E8C9BEB130DB0056A9E91FA781FB4A084367F95434EF46F7F425
    Session-ID-ctx:
    Master-Key: 55B025F74561173038777E8E2D5F0BFA3934BB0DF43423D7C70483CD5A24D4ADDC6D83D07038867974805DA5209DC106
    Key-Arg   : None
    Krb5 Principal: None
    Start Time: 1325721397
    Timeout   : 300 (sec)
    Verify return code: 18 (self signed certificate)
---
250 HELP

[otrs< at >tki-c01 ~]$ openssl s_client -connect pod51011.outlook.com:993
CONNECTED(00000003)
depth=3 /C=US/O=GTE Corporation/OU=GTE CyberTrust Solutions, Inc./CN=GTE CyberTrust Global Root
verify return:1
depth=2 /CN=Microsoft Internet Authority
verify return:1
depth=1 /DC=com/DC=microsoft/DC=corp/DC=redmond/CN=Microsoft Secure Server Authority
verify return:1
depth=0 /C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/OU=Exchange/CN=outlook.com
verify return:1
---
Certificate chain
 0 s:/C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/OU=Exchange/CN=outlook.com
   i:/DC=com/DC=microsoft/DC=corp/DC=redmond/CN=Microsoft Secure Server Authority
 1 s:/DC=com/DC=microsoft/DC=corp/DC=redmond/CN=Microsoft Secure Server Authority
   i:/CN=Microsoft Internet Authority
 2 s:/CN=Microsoft Internet Authority
   i:/C=US/O=GTE Corporation/OU=GTE CyberTrust Solutions, Inc./CN=GTE CyberTrust Global Root
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIGlzCCBX+gAwIBAgIKU7xtpgAIAAIKsTANBgkqhkiG9w0BAQUFADCBizETMBEG
CgmSJomT8ixkARkWA2NvbTEZMBcGCgmSJomT8ixkARkWCW1pY3Jvc29mdDEUMBIG
CgmSJomT8ixkARkWBGNvcnAxFzAVBgoJkiaJk/IsZAEZFgdyZWRtb25kMSowKAYD
VQQDEyFNaWNyb3NvZnQgU2VjdXJlIFNlcnZlciBBdXRob3JpdHkwHhcNMTEwNDIw
MTkwNDQ1WhcNMTMwNDE5MTkwNDQ1WjB9MQswCQYDVQQGEwJVUzETMBEGA1UECBMK
V2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0
IENvcnBvcmF0aW9uMREwDwYDVQQLEwhFeGNoYW5nZTEUMBIGA1UEAxMLb3V0bG9v
ay5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCHnLBkZhuyBUIH
IAw61mr2xTRot9v6Ue/GXvs3NLowG4KJ07LzzNAW+B0qUqOjgfefADPOh3vRZP10
koPqBRfNKxllYNPIQx9Thk4opj9VRjISRgk3goMcLpPA0RWzL21oCXIT2XQtU25u
QZ4c7aZEMWZSN6BKIYM6FiWoSGb4cHXFIoeoOBOMdlFYm2+g/9rEfv8QrB30J+Lk
BI74ulCcSQDpJ1PJNxgmWEBVf+ucW1PkT4oqM4GoD33PYkU0gWYQ4EIfrg55Rr31
WHY1l0bb67z/KhOwRdsxgt1/1xlXFND2BQp3pi7FEH3GycjcA2QyKwPVd0Ju9AWI
MDOPPvQbAgMBAAGjggMIMIIDBDALBgNVHQ8EBAMCBLAwHQYDVR0OBBYEFBDz7C+z
el/LP2L6QNA4wSbz8aXXMFwGA1UdEQRVMFOCC291dGxvb2suY29tgg0qLm91dGxv
b2suY29tghIqLmV4Y2hhbmdlbGFicy5jb22CDW0ub3V0bG9vay5jb22CEm0uZXhj
aGFuZ2VsYWJzLmNvbTAfBgNVHSMEGDAWgBQIQuPbThFm87UIxUDbVXwzRhGDODCC
AQoGA1UdHwSCAQEwgf4wgfuggfiggfWGWGh0dHA6Ly9tc2NybC5taWNyb3NvZnQu
Y29tL3BraS9tc2NvcnAvY3JsL01pY3Jvc29mdCUyMFNlY3VyZSUyMFNlcnZlciUy
MEF1dGhvcml0eSg4KS5jcmyGVmh0dHA6Ly9jcmwubWljcm9zb2Z0LmNvbS9wa2kv
bXNjb3JwL2NybC9NaWNyb3NvZnQlMjBTZWN1cmUlMjBTZXJ2ZXIlMjBBdXRob3Jp
dHkoOCkuY3JshkFodHRwOi8vY29ycHBraS9jcmwvTWljcm9zb2Z0JTIwU2VjdXJl
JTIwU2VydmVyJTIwQXV0aG9yaXR5KDgpLmNybDCBvwYIKwYBBQUHAQEEgbIwga8w
XgYIKwYBBQUHMAKGUmh0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2kvbXNjb3Jw
L01pY3Jvc29mdCUyMFNlY3VyZSUyMFNlcnZlciUyMEF1dGhvcml0eSg4KS5jcnQw
TQYIKwYBBQUHMAKGQWh0dHA6Ly9jb3JwcGtpL2FpYS9NaWNyb3NvZnQlMjBTZWN1
cmUlMjBTZXJ2ZXIlMjBBdXRob3JpdHkoOCkuY3J0MD8GCSsGAQQBgjcVBwQyMDAG
KCsGAQQBgjcVCIPPiU2t8gKFoZ8MgvrKfYHh+3SBT4PC7YUIjqnShWMCAWQCAQow
HQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMCcGCSsGAQQBgjcVCgQaMBgw
CgYIKwYBBQUHAwIwCgYIKwYBBQUHAwEwDQYJKoZIhvcNAQEFBQADggEBALWVrEiN
S3z2nUpvdL9KQ6OTqKJCGr62NFzgwmmHwW4Ci702hnzIXgL36VGcYGFOMewQmQ/w
8SkoC41avNk3zblf/8zUxNVl5jDzJ2q1RhKuF4/W7ch5yRv71qNUiccxw+xTJw27
MqZ/XKjAuUNBj1Kw3sthW3t2j5xvb5AEm5Li+ym6AIl52tXV9Qs16HgIPGmUSBw8
ZWvrlNo9Z9NDfwDpjKfDuSHgxfhdDrguiwJbuR34zzkGbYXE5cv8ePmmIK+4io1gc
yGGFxg2nIXcXVNROD/1EIsdMXFYAZKkX3UXci8A665frX9fvE1fy/s/7GBqP2t7c
X9S/EdDM2KYxlrY=
-----END CERTIFICATE-----
subject=/C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/OU=Exchange/CN=outlook.com
issuer=/DC=com/DC=microsoft/DC=corp/DC=redmond/CN=Microsoft Secure Server Authority
---
No client certificate CA names sent
---
SSL handshake has read 4717 bytes and written 447 bytes
---
New, TLSv1/SSLv3, Cipher is AES128-SHA
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : TLSv1
    Cipher    : AES128-SHA
    Session-ID: 7D120000C392C25857D0FC714554A0F77466ECD614D363260E39812DBA65EEA7
    Session-ID-ctx:
    Master-Key: F9468FE2A6CB39B474AE37754C455AE378B0B7907A6E73F2F96932B3DC03F5CE6FDB3E715FF09DF00CC037779FD2CCFD
    Key-Arg   : None
    Krb5 Principal: None
    Start Time: 1325721446
    Timeout   : 300 (sec)
    Verify return code: 0 (ok)
---
* OK The Microsoft Exchange IMAP4 service is ready.

[otrs< at >tki-c01 ~]$_______________________________________________
fetchmail-users mailing list
fetchmail-users< at >lists.berlios.de
https://lists.berlios.de/mailman/listinfo/fetchmail-users