home | list info | list archive | date index | thread index

Re: [OCLUG-Tech] formail / fetchmail issue

On Thu, Apr 16, 2015 at 02:11:10PM -0400, Prof J C Nash (U30A) wrote:
> I've tried 777 perms for umail and umail/inbox file.

Don't do that. Not only is it likely irrelevant, but it's a terrible
idea, securitywise. The magic everybody has access perms is not
something you should do blindly. Notice how later it says *no such file
or directory*, not *permission denied*.

> I'll not pretend to know much about this sort of stuff,

This has not only to do with fetchmail. How much do you know about PKI?

> here is what happens:
>
> [nashjc@nash2015 ~]$ fetchmail
> fetchmail: Server certificate verification error: unable to get local
> issuer certificate
> fetchmail: This means that the root signing certificate (issued for
> /C=CA/ST=Ontario/L=Ottawa/O=University of
> Ottawa/OU=CCS/CN=mailbox.uottawa.ca) is not in the trusted CA
> certificate locations, or that c_rehash needs to be run on the
> certificate directory. For details, please see the documentation of
> --sslcertpath and --sslcertfile in the manual page.

You really should install the missing CA certificate. Obtain it securely
from your the appropriate department's IT services.

> fetchmail: Warning: the connection is insecure, continuing anyways.

It really is insecure. Opportunistic encryption only.

> 40 messages for nashjc at mailbox.uottawa.ca (folder INBOX).
> reading message nashjc [ at ] mailbox [ dot ] uottawa [ dot ] ca:1 of 40 (1961 header octets)
> .# (189500 body octets)
> ***.********************.*********************.**************sh:
> /home/john/umail/inbox: No such file or directory

Is that a symlink? Try 'stat'ing and 'cat'ing it.

If that doesn't give you an obvious answer as to what's wrong, strace -e
trace=file fetchmail, and report back what system call is returning -1
ENOENT (No such file or directory).

Attachment: pgpXTkr9oZDIu.pgp
Description: PGP signature

references