On Mi, 08 iul 20, 09:36:25, Gene Heskett wrote: > On Wednesday 08 July 2020 07:54:33 Greg Wooledge wrote: > > > On Wed, Jul 08, 2020 at 05:12:20AM -0400, Gene Heskett wrote: > > > As a 2 decade user of fetchmail/procmail combo, I just updated to > > > stretch backports, but did not get a TLSv1.3, so when I configure > > > the newest fetchmail, I don't get ssl3 support. > > > > Er... what? This question doesn't make any sense. I can't figure > > out whether you're asking for a *newer* library or an *older* library > > than what you have right now. > > > > TLS 1.3 is very new, and is not assumed to be present by most > > applications. > > > > SSL 3 is extremely old, and has well-known exploited holes. My > > first Google hit for SSL 3 is a refernce to the POODLE exploit from > > 2014. > > <https://blog.qualys.com/ssllabs/2014/10/15/ssl-3-is-dead-killed-by-th > >e-poodle-attack> > > > > Are you *really* trying to use SSL 3, because that's what you > > configured the other end to use, "2 decades" ago? If so, it is time > > to stop doing that. Upgrade *both* ends to use currently supported, > > non-vulnerable TLS protocols. At this point, TLS 1.2 is your most > > likely target. > > ./configure --with-ssl, make, sudo make install, is whats working right > now. But I won't know if it all just works again till the middle of the > night when sa-train-bayes runs again. But it runs as me, so nothing is > stopping me from running it right now. And this time it did restart > fetchmail ok when it was done. 6.4.3 was giving systemd a tummy ache > after updating from backports, about 150 packages. That also destroyed > TDE and it took a reboot to restore it, a startx got me xfce. > > But, while fetchmail-6.4.8 seems to be listed by synaptic, its ghosted > and will not let me install the "approved" version, so I must dl and > build my own. Whats with that? Please post the output of 'apt policy fetchmail'. > And I note that procmail is being bad-mouthed, but its been doing > exactly what I want for 2 decades with no hiccups. I remember having a look at its syntax and... well, let's say I used maildrop ;) > I would submit that its docs might need help, but if you read them > carefully, it does exactly what you tell it to do, so I've no > need/urge to experiment with getmail. getmail is intended as a replacement for fetchmail... http://pyropus.ca/software/getmail/faq.html#faq-about-why As far as I can tell it supports Python 2 only, which is going to be removed from Debian. Kind regards, Andrei -- http://wiki.debian.org/FAQsFromDebianUser
Attachment:
signature.asc
Description: PGP signature