Mailing List Archive

Fetchmail Exchange RT4 Configuration questions
I was wondering if anyone had any insight into how to configure the RT MDA to accept a self-signed certificate, or if I have to go ahead and get a dv cert for this server.

Email sent to support@ is taken off the exchange 2010 server using fetchmail to collect it via pop3, then forwarded to the RT MDA as below:

#--- fetchmail Config
#set daemon 120
#set syslog
poll exch1.mk.local proto pop3 user"support" pass"********" to root sslproto "TLS1" mda "/opt/rt4/bin/rt-mailgate --url https://rt.markentsolutions.com/rt --queue support --action correspond"

When it runs, I get the following error:

500 Can't connect to rt.markentsolutions.com:443
(certificate verify failed)
fetchmail: MDA returned nonzero status 75
not flushed
fetchmail: POP3> LIST 8
fetchmail: POP3< +OK 8 406
fetchmail: POP3> TOP 8 99999999
fetchmail: POP3< +OK
reading message support@exch1.mk.local:8 of 8 (406 octets) #**An Error Occurred

Any help would be appreciated.

Thanks,

Shane
Re: Fetchmail Exchange RT4 Configuration questions [ In reply to ]
On 04/17/2013 11:35 AM, Shane Vedvik wrote:
> I was wondering if anyone had any insight into how to configure the RT
> MDA to accept a self-signed certificate, or if I have to go ahead and
> get a dv cert for this server.

Provide your self-generated signing CA as an option:
https://bestpractical.com/rt/docs/4.0/rt-mailgate.html#ca-file-path

Or install your signing CA into your system's trusted certs (usually
/etc/ssl/certs or somesuch, and then run c_rehash [directory]).
Re: Fetchmail Exchange RT4 Configuration questions [ In reply to ]
Can't talk specifically to self signed certs, but we collect mail via
fetchmail over an SSL connection. The only way I could get it to work
reliably was to generate the SSL fingerprint of the pop server and add that
to the .fetchmailrc file. The process is documented in the fetchmail
documentation.

=G

On Wednesday, April 17, 2013, Shane Vedvik wrote:

> I was wondering if anyone had any insight into how to configure the RT MDA
> to accept a self-signed certificate, or if I have to go ahead and get a dv
> cert for this server. ****
>
> ** **
>
> Email sent to support@ is taken off the exchange 2010 server using
> fetchmail to collect it via pop3, then forwarded to the RT MDA as below:**
> **
>
> ** **
>
> #--- fetchmail Config****
>
> #set daemon 120****
>
> #set syslog****
>
> poll exch1.mk.local proto pop3 user”support” pass”********” to root
> sslproto “TLS1” mda “/opt/rt4/bin/rt-mailgate --url
> https://rt.markentsolutions.com/rt --queue support --action correspond”***
> *
>
> ** **
>
> When it runs, I get the following error:****
>
> ** **
>
> 500 Can't connect to rt.markentsolutions.com:443****
>
> (certificate verify failed)****
>
> fetchmail: MDA returned nonzero status 75****
>
> not flushed****
>
> fetchmail: POP3> LIST 8****
>
> fetchmail: POP3< +OK 8 406****
>
> fetchmail: POP3> TOP 8 99999999****
>
> fetchmail: POP3< +OK****
>
> reading message support@exch1.mk.local:8 of 8 (406 octets) #**An Error
> Occurred****
>
> ** **
>
> Any help would be appreciated.****
>
> ** **
>
> Thanks,****
>
> ** **
>
> Shane****
>
> ** **
>
> ** **
>