getmail replacing fetchmail (was: POP3 in Debian)
Hello again,
* Martin Steigerwald wrote on 2012-01-19 at 19:28 (+0100):
> Am Donnerstag, 19. Januar 2012 schrieb Jon Dowland:
> > On 19/01/12 12:50, Mathias Bauer wrote:
> > > Is this a general advice? If so, then why?
> >
> > Yes.
> >
> > <http://pyropus.ca/software/getmail/faq.html#faq-about-why>
> > covers many reasons.
thanks for the link.
> Holy smoke!
>
> Well that are enough reasons for me. OTOH it would be
> interesting to know the other side of the story.
I got curious about getmail so I just gave it a try and it seems
to be quite nice. But apart from fetchmail's "security history"
and the asserted complexity of its config file, that was pointed
to several times in the (in some way emotionally heated) document
linked above, getmail lacks two features at first glance:
(a) Any SSL certification check avoiding a man-in-the-middle
attack.
(b) A mechanism for direct re-injection retrieved messages via
SMTP to the client machine's port 25.
Concerning a) it may possibly be implemented by stunnel somehow.
For now I haven't figured it out. And concerning b) getmail
itself provides a mechanism handing over the retrieved messages
via a pipe (e.g. using /usr/sbin/sendmail to the MTA). Of course
the needed additional process(es) are far away from being as
efficient as direct delivery via SMTP. (Although getmail doesn't
(and won't) support (b) and other solutions are recommended in
the docs and its mailing list's messages, there may be situations
where "going through the MTA" is necessary.)
Well, for the moment it seems to me that this is the price of
replacing fetchmail - and of "The Unix Way (tm) - do one thing
and do it well" :-)
Regards,
Mathias
Reply to: