.\" Load www macros to process .URL requests, this requires groff:
.mso www.tmac
.\"
-.TH fetchmail 1 "fetchmail 6.3.19" "fetchmail" "fetchmail reference manual"
+.TH fetchmail 1 "fetchmail 6.3.23" "fetchmail" "fetchmail reference manual"
.SH NAME
fetchmail \- fetch mail from a POP, IMAP, ETRN, or ODMR-capable server
(Keyword: sslproto)
.br
Forces an SSL/TLS protocol. Possible values are \fB''\fP,
-\&'\fBSSL23\fP' (note however that fetchmail, since v6.3.20, prohibits
-negotiation of SSLv2 -- it has been deprecated for 15 years and is
-insecure), \&'\fBSSL3\fP', and
+\&'\fBSSL2\fP' (not supported on all systems),
+\&'\fBSSL23\fP', (use of these two values is discouraged
+and should only be used as a last resort) \&'\fBSSL3\fP', and
\&'\fBTLS1\fP'. The default behaviour if this option is unset is: for
connections without \-\-ssl, use \&'\fBTLS1\fP' so that fetchmail will
opportunistically try STARTTLS negotiation with TLS1. You can configure
option turns off use of
.BR syslog (3),
assuming it's turned on in the \fI~/.fetchmailrc\fP file.
+This option is overridden, in certain situations, by \fB\-\-logfile\fP (which
+see).
.PP
The
.B \-N
.BR init (8)
or Gerrit Pape's
.BR runit (8).
-Note that this also causes the logfile option to be ignored (though
-perhaps it shouldn't).
+Note that this also causes the logfile option to be ignored.
.PP
Note that while running in daemon mode polling a POP2 or IMAP2bis server,
transient errors (such as DNS failures or sendmail delivery refusals)
occurred (default).
T}
set logfile \-L \& T{
-Name of a file to append error and status messages to.
+Name of a file to append error and status messages to. Only effective
+in daemon mode and if fetchmail detaches. If effective, overrides \fBset
+syslog\fP.
T}
set idfile \-i \& T{
Name of the file to store UID lists in.
T}
set syslog \& \& T{
-Do error logging through syslog(3).
+Do error logging through syslog(3). May be overriden by \fBset
+logfile\fP.
T}
set no syslog \& \& T{
Turn off error logging through syslog(3). (default)
There are some global option statements: 'set logfile'
followed by a string sets the same global specified by \-\-logfile. A
command-line \-\-logfile option will override this. Note that \-\-logfile is
-only effective if fetchmail detaches itself from the terminal and the
+only effective if fetchmail detaches itself from the terminal, is in
+daemon mode, and if the
logfile already exists before fetchmail is run, and it overrides
\-\-syslog in this case. Also,
\&'set daemon' sets the poll interval as \-\-daemon does. This can be
session ID (this elaborate logic is designed to handle the case of
multiple names per userid gracefully).
-.IP \fBFETCHMAIL_IMAP_DELETED_REMAINS_UNSEEN\fP
-(since v6.3.20):
-If this environment variable is set and not empty, fetchmail will NOT mark
-messages retrieved through IMAP as \\Seen when they are deleted. This may suppress
-delivery notifications on some systems (some versions of HP OpenMail) and change them
-to mention "deleted without being read" on others (some versions of Microsoft Exchange).
-The default (if this variable is unset or empty) is to mark messages as \\Seen
-and \\Deleted at the same time.
+.IP \fBFETCHMAIL_DISABLE_CBC_IV_COUNTERMEASURE\fP
+(since v6.3.22):
+If this environment variable is set and not empty, fetchmail will disable
+a countermeasure against an SSL CBC IV attack (by setting
+SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS). This is a security risk, but may be
+necessary for connecting to certain non-standards-conforming servers.
+See fetchmail's NEWS file and fetchmail-SA-2012-01.txt for details.
+Earlier fetchmail versions (v6.3.21 and older) used to disable this
+countermeasure, but v6.3.22 no longer does that as a safety precaution.
.IP \fBFETCHMAIL_INCLUDE_DEFAULT_X509_CA_CERTS\fP
(since v6.3.17):
Running \fBfetchmail\fP in foreground while a background fetchmail is
running will do whichever of these is appropriate to wake it up.
-.SH BUGS AND KNOWN PROBLEMS
+.SH BUGS, LIMITATIONS, AND KNOWN PROBLEMS
.PP
Please check the \fBNEWS\fP file that shipped with fetchmail for more
known bugs than those listed here.
only hurt when using UID-based \-\-keep setups, so the 6.3.X versions of
fetchmail won't be fixed.
.PP
+Fetchmail cannot handle configurations where you have multiple accounts
+that use the same server name and the same login. Any user@server
+combination must be unique.
+.PP
The assumptions that the DNS and in particular the checkalias options
make are not often sustainable. For instance, it has become uncommon for
an MX server to be a POP3 or IMAP server at the same time. Therefore the