Dear users, Recently I've been forced to use Outlook as my work Email client and I miss mutt badly.
My company uses an "IMAP (Exchange?) + Active Directory authentication + SSL(?)" email server, and my laptop joins the domain SOME-DOMAIN. I've been struggling to make it work on mutt + fetchmail, but failed in many ways: ============================================ Attempts #1: fetchmail user/password ============================================ leaf@ ~ | fetchmail -vv Old UID list from 10.159.192.17: <empty> Scratch list of UIDs: <empty> fetchmail: 6.3.18 querying 10.159.192.17 (protocol IMAP) at Thu 13 Oct 2011 08:42:35 PM CST: poll started Trying to connect to 10.159.192.17/143...connected. fetchmail: IMAP< * BYE Connection refused fetchmail: Received BYE response from IMAP server: CONNECTION REFUSEDfetchmail: IMAP> A0001 CAPABILITY fetchmail: 10.159.192.17: opportunistic upgrade to TLS failed, trying to continue fetchmail: IMAP> A0002 NOOP fetchmail: Repoll immediately on SOME-DOMAIN\user@10.159.192.17 Trying to connect to 10.159.192.17/143...connected. fetchmail: IMAP< * BYE Connection refused fetchmail: Received BYE response from IMAP server: CONNECTION REFUSEDfetchmail: IMAP> A0001 CAPABILITY fetchmail: GSSAPI error gss_inquire_cred: Unspecified GSS failure. Minor code may provide more information fetchmail: GSSAPI error gss_inquire_cred: Credentials cache file '/tmp/krb5cc_1000' not found fetchmail: No suitable GSSAPI credentials found. Skipping GSSAPI authentication. fetchmail: If you want to use GSSAPI, you need credentials first, possibly from kinit. fetchmail: IMAP> A0002 LOGIN "SOME-DOMAIN\\user" * fetchmail: Unknown login or authentication error on SOME-DOMAIN\user@10.159.192.17 fetchmail: socket error while fetching from SOME-DOMAIN\user@10.159.192.17 fetchmail: 6.3.18 querying 10.159.192.17 (protocol IMAP) at Thu 13 Oct 2011 08:42:35 PM CST: poll completed Merged UID list from 10.159.192.17: <empty> fetchmail: Query status=2 (SOCKET) fetchmail: normal termination, status 2 ============================================ Attempts #2: fetchmail + SSL + user/password ============================================ I also tried to make fetchmail talk to the IMAP server with SSL enabled, and provide my Active Directory user/pass to auth against the server, but failed, again: leaf@ ~ | fetchmail -vv --ssl Old UID list from 10.159.192.17: <empty> Scratch list of UIDs: <empty> fetchmail: 6.3.18 querying 10.159.192.17 (protocol IMAP) at Thu 13 Oct 2011 08:43:59 PM CST: poll started Trying to connect to 10.159.192.17/993...connected. 24047:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:607: fetchmail: SSL connection failed. fetchmail: socket error while fetching from SOME-DOMAIN\user@10.159.192.17 fetchmail: 6.3.18 querying 10.159.192.17 (protocol IMAP) at Thu 13 Oct 2011 08:44:00 PM CST: poll completed Merged UID list from 10.159.192.17: <empty> fetchmail: Query status=2 (SOCKET) fetchmail: normal termination, status 2 ============================================ Attempts #3: fetchmail + private key ============================================ Later my co-worker told me our server uses an private/public key authentication method (since I was prompt to accept certification from the server first time login with Outlook), so I copied private key from Outlook and tried, and failed: leaf@ ~ | fetchmail -vv --sslkey cert0.cer Old UID list from 10.159.192.17: <empty> Scratch list of UIDs: <empty> fetchmail: 6.3.18 querying 10.159.192.17 (protocol IMAP) at Thu 13 Oct 2011 08:44:40 PM CST: poll started Trying to connect to 10.159.192.17/143...connected. fetchmail: IMAP< * BYE Connection refused fetchmail: Received BYE response from IMAP server: CONNECTION REFUSEDfetchmail: IMAP> A0001 CAPABILITY fetchmail: 10.159.192.17: opportunistic upgrade to TLS failed, trying to continue fetchmail: IMAP> A0002 NOOP fetchmail: Repoll immediately on SOME-DOMAIN\user@10.159.192.17 Trying to connect to 10.159.192.17/143...connected. fetchmail: IMAP< * BYE Connection refused fetchmail: Received BYE response from IMAP server: CONNECTION REFUSEDfetchmail: IMAP> A0001 CAPABILITY fetchmail: GSSAPI error gss_inquire_cred: Unspecified GSS failure. Minor code may provide more information fetchmail: GSSAPI error gss_inquire_cred: Credentials cache file '/tmp/krb5cc_1000' not found fetchmail: No suitable GSSAPI credentials found. Skipping GSSAPI authentication. fetchmail: If you want to use GSSAPI, you need credentials first, possibly from kinit. fetchmail: IMAP> A0002 LOGIN "SOME-DOMAIN\\user" * fetchmail: Unknown login or authentication error on SOME-DOMAIN\user@10.159.192.17 fetchmail: socket error while fetching from SOME-DOMAIN\user@10.159.192.17 fetchmail: 6.3.18 querying 10.159.192.17 (protocol IMAP) at Thu 13 Oct 2011 08:44:40 PM CST: poll completed Merged UID list from 10.159.192.17: <empty> fetchmail: Query status=2 (SOCKET) fetchmail: normal termination, status 2 = Afterthought: Later I figured it doesn't make sense if all clients use the same private key, but the problem is: how can fetchmail know when to download the private key? Or is there an option to achieve this? ============================================ Attempts #4: fetchmail + SSL + private key ============================================ So I checked the Outlook setting again, and spotted there's an "Encrypt data between client and server", so I tried to "encrypt", but with no luck: leaf@ ~ | fetchmail -vv --sslkey cert0.cer --ssl Old UID list from 10.159.192.17: <empty> Scratch list of UIDs: <empty> fetchmail: 6.3.18 querying 10.159.192.17 (protocol IMAP) at Thu 13 Oct 2011 08:45:08 PM CST: poll started Trying to connect to 10.159.192.17/993...connected. 24051:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:607: fetchmail: SSL connection failed. fetchmail: socket error while fetching from SOME-DOMAIN\user@10.159.192.17 fetchmail: 6.3.18 querying 10.159.192.17 (protocol IMAP) at Thu 13 Oct 2011 08:45:08 PM CST: poll completed Merged UID list from 10.159.192.17: <empty> fetchmail: Query status=2 (SOCKET) fetchmail: normal termination, status 2 ==================== My .fetchmailrc file leaf@ ~ | cat .fetchmailrc poll 10.159.192.17 with proto imap user 'SOME-DOMAIN\\user' there with password 'password' is 'tim' here keep options stripcr mda "/usr/bin/procmail -f %F" ==================== Any suggestion would be appreciated. :) - Tim
