X-Git-Url: http://pileus.org/git/?a=blobdiff_plain;f=fetchmail.man;h=a618fffc5127db40a1e12f37562177522b5363c5;hb=03a31a4771efd7e48256ac0d7d2442f5e6bc381f;hp=237710f865c34d18f650f86e4eb5bed7e051cb00;hpb=514239e63f18708b86d41db7fa78f49714b10c29;p=~andy%2Ffetchmail diff --git a/fetchmail.man b/fetchmail.man index 237710f8..a618fffc 100644 --- a/fetchmail.man +++ b/fetchmail.man @@ -10,7 +10,7 @@ .\" Load www macros to process .URL requests, this requires groff: .mso www.tmac .\" -.TH fetchmail 1 "fetchmail 6.3.21" "fetchmail" "fetchmail reference manual" +.TH fetchmail 1 "fetchmail 6.3.24" "fetchmail" "fetchmail reference manual" .SH NAME fetchmail \- fetch mail from a POP, IMAP, ETRN, or ODMR-capable server @@ -474,7 +474,8 @@ Also see \-\-sslcert above. (Keyword: sslproto) .br Forces an SSL/TLS protocol. Possible values are \fB''\fP, -\&'\fBSSL2\fP', '\fBSSL23\fP', (use of these two values is discouraged +\&'\fBSSL2\fP' (not supported on all systems), +\&'\fBSSL23\fP', (use of these two values is discouraged and should only be used as a last resort) \&'\fBSSL3\fP', and \&'\fBTLS1\fP'. The default behaviour if this option is unset is: for connections without \-\-ssl, use \&'\fBTLS1\fP' so that fetchmail will @@ -1365,6 +1366,8 @@ The option turns off use of .BR syslog (3), assuming it's turned on in the \fI~/.fetchmailrc\fP file. +This option is overridden, in certain situations, by \fB\-\-logfile\fP (which +see). .PP The .B \-N @@ -1376,8 +1379,7 @@ fetchmail runs as the child of a supervisor process such as .BR init (8) or Gerrit Pape's .BR runit (8). -Note that this also causes the logfile option to be ignored (though -perhaps it shouldn't). +Note that this also causes the logfile option to be ignored. .PP Note that while running in daemon mode polling a POP2 or IMAP2bis server, transient errors (such as DNS failures or sendmail delivery refusals) @@ -1701,13 +1703,16 @@ Keep permanently undeliverable mail as though a temporary error had occurred (default). T} set logfile \-L \& T{ -Name of a file to append error and status messages to. +Name of a file to append error and status messages to. Only effective +in daemon mode and if fetchmail detaches. If effective, overrides \fBset +syslog\fP. T} set idfile \-i \& T{ Name of the file to store UID lists in. T} set syslog \& \& T{ -Do error logging through syslog(3). +Do error logging through syslog(3). May be overriden by \fBset +logfile\fP. T} set no syslog \& \& T{ Turn off error logging through syslog(3). (default) @@ -2780,6 +2785,16 @@ then that name is used as the default local name. Otherwise session ID (this elaborate logic is designed to handle the case of multiple names per userid gracefully). +.IP \fBFETCHMAIL_DISABLE_CBC_IV_COUNTERMEASURE\fP +(since v6.3.22): +If this environment variable is set and not empty, fetchmail will disable +a countermeasure against an SSL CBC IV attack (by setting +SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS). This is a security risk, but may be +necessary for connecting to certain non-standards-conforming servers. +See fetchmail's NEWS file and fetchmail-SA-2012-01.txt for details. +Earlier fetchmail versions (v6.3.21 and older) used to disable this +countermeasure, but v6.3.22 no longer does that as a safety precaution. + .IP \fBFETCHMAIL_INCLUDE_DEFAULT_X509_CA_CERTS\fP (since v6.3.17): If this environment variable is set and not empty, fetchmail will always load