X-Git-Url: http://pileus.org/git/?a=blobdiff_plain;f=fetchmail-FAQ.html;h=6b425ea2c376cc9b7d049e76044f250bcaa9c6be;hb=5b0e1fdef9c55b9c8a54f5c146fc84dab3b82e63;hp=9daeff97ce7c3063d63e04ca73b394834a67c9e1;hpb=ab7a6789b682eb82230c5d0c1b5cc37b3cca5628;p=~andy%2Ffetchmail
diff --git a/fetchmail-FAQ.html b/fetchmail-FAQ.html
index 9daeff97..6b425ea2 100644
--- a/fetchmail-FAQ.html
+++ b/fetchmail-FAQ.html
@@ -188,6 +188,7 @@ messages but before deleting them
errors.
R13. What does "Interrupted system call" mean?
R14. Since upgrading fetchmail/OpenSSL, I can no longer connect!
+R15. Help, I'm getting Authorization failure!
If you still need to use Google's mail service, these links may help (valid as of 2011-04-13):
+Fetchmail can use RFC1731 GSSAPI authorization to safely identify you to your IMAP server, as long as you can share Kerberos V credentials with your mail host and you have a GSSAPI-capable -IMAP server - those are few.
+IMAP server.fetchmail does not compile in support for GSS by -default, since it requires libraries from the Kerberos V -distribution (available via FTP at athena-dist.mit.edu). -If you have these, compiling in GSS support is simple: add a +default, since it requires libraries from a Kerberos V +distribution, such as MIT + Kerberos or Heimdal + Kerberos.
+ +If you have these, compiling in GSS support is simple: add a
First, try upgrading to fetchmail 6.3.18 or newer. Release 6.3.18 has
+received a considerable number of bug fixes for the authentication
+feature (AUTH, AUTHENTICATE, SASL). Most notably, fetchmail aborts SASL
+authentication attempts properly with an asterisk if it detects that it
+cannot make progress with a particular authentication scheme. This fixes
+issues where GSSAPI-enabled fetchmail cannot authenticate against
+Microsoft Exchange 2007 and 2010. Note that this is a
+bug in old fetchmail versions! Fetchmail by default attempts to authenticate using various schemes.
+Fetchmail tries these schemes in order of descending security, meaning
+the most secure schemes are tried first. However, sometimes the server offers a secure authentication scheme
+that is not properly configured, or an authentication scheme such as
+GSSAPI that requires credentials to be acquired externally. In some
+situations, fetchmail cannot know that the scheme will fail beforehand,
+without trying it. In most cases, fetchmail should proceed to the next
+authentication scheme automatically, but this sometimes does not
+work. Solution: Configure the right authentication scheme
+explicitly, for instance, with --auth cram-md5 or --auth
+ password on the command line or The symption: 'fetchmail -v' retrieves the first few messages,
+ Symptom: 'fetchmail -v' retrieves the first few messages,
but hangs returning:--with-gssapi=[/path/to/krb5/root]
option to
configure. For instance, I have all of my Kerberos V libraries
installed under /usr/krb5 so I run configure
@@ -2503,6 +2515,38 @@ option is --sslcertpath /home/hans/certs on the commandline and
env PATH=/opt/openssl1.0.0/bin /opt/openssl1.0.0/bin/c_rehash /home/hans/certs
+
R15. Help, I'm getting Authorization failure!
+
+auth "cram-md5"
or
+ auth "password"
in the rcfile. Details can be found
+ in the manual page.
+ Note that auth password should only be used
+ across secure links (see the sslcertck and ssl/sslproto options).
+
Hangs and lockups
H1. Fetchmail hangs when used with
@@ -2558,7 +2602,7 @@ configuration of sendmail. You must enable the 'nodns' and
H3. Fetchmail hangs while fetching
mail.
-