search

marlam / mpop

POP3 client
https://marlam.de/mpop
GNU General Public License v3.0
13 stars 1 forks source link

Can't fetch from POP3s #5

Closed apiraino closed 3 years ago

apiraino commented 3 years ago

Hi, thanks for mpop, I'm trying to play a bit with it.

I need to fetch mail from a postfix configured with TLS on port 995. I copy-pasted the example configuration and I am trying to retrieve the fingerprint of the SSL key, as suggested but the connection seems to hang:

$ mpop -d --timeout 3 myaccount
using account myaccount from /home/$USER/.config/mpop/config
host = mail.domain.org
port = 995
source ip = (not set)
proxy host = (not set)
proxy port = 0
timeout = 3 seconds
pipelining = auto
received_header = on
auth = choose
user = ...
password = *
passwordeval = (not set)
ntlmdomain = (not set)
tls = on
tls_starttls = on
tls_trust_file = system
tls_crl_file = (not set)
tls_fingerprint = (not set)
tls_key_file = (not set)
tls_cert_file = (not set)
tls_certcheck = on
tls_min_dh_prime_bits = (not set)
tls_priorities = (not set)
delivery = mbox /home/$USER/Mail/inbox
uidls file = ...
only_new = on
keep = off
killsize = off
skipsize = off
filter = (not set)
mpop: network read error: the operation timed out
mpop: error during mail retrieval (account domain.org from /home/$USER/.config/mpop/config)

this is my config file

defaults
tls on
delivery mbox ~/Mail/inbox
account myaccount
host mail.domain.org
user user@domain.org
password asdfghjk
port 995

Same error when I try to fetch the SSL fingerprint with mpop --serverinfo --tls --tls-certcheck=off --host=mail.domain.org

I'm using

$ mpop --version
mpop version 1.4.3
Platform: x86_64-pc-linux-gnu
TLS/SSL library: GnuTLS
Authentication library: GNU SASL; user and apop: built-in
Supported authentication methods:
user plain scram-sha-1 external gssapi apop cram-md5 digest-md5 login ntlm 
IDN support: enabled
NLS: enabled, LOCALEDIR is /usr/share/locale
Keyring support: none
Configuration file name: /home/$USER/.config/mpop/config

I think I'm doing something wrong but don't understand what. Fetching mail with Thunderbird works just fine

thanks!

marlam commented 3 years ago

Hi, add tls_starttls off to your configuration.

On port 110, TLS is started from within the POP3 protocol using STARTTLS, but on port 995, TLS is started first and the POP3 session runs completely within the TLS session (which is preferable).

apiraino commented 3 years ago

yay, it works! Thank you for explaining the why it didn't work :-)