Bookworm fetchmail talking to old Symbioisis server

adhawkins · 19 December 2023 17:49

Problem Description

I’ve just upgraded my local mail machine to Debian Bookworm. This uses fetchmail to get the email from an old Symbiosis server that’s still hosted at iomart. Since the upgrade, it’s been failing to negotiate an SSL conenction

Any Error Messages

Dec 19 17:38:34 xcp-mailnews fetchmail[1615]: OpenSSL reported: error:0A00014D:SSL routines::legacy sigalg disallowed or unsupported

Environment

Sympl Version Old symbiosis
Sympl Testing Version? No
Debian Version Bookworm locally, Jessie on the server
Hardware Type? Virtual
Hosted On? iomart

I appreciate this is outside the scope of this, and I really need to get the domain moved onto a more modern Sympl based system. To get it working I’ve had to enable plaintext login on the Dovecot server, and turn of SSL in fetchmail. However, if I could get back to SSL until I have the time to move the domain I’d be a little less twitchy.

Thanks

Andy

Kelduum · 19 December 2023 19:37

You’ll probably need to adjust fetchmail so it’s okay with the old cyphers the version of Dovecot on Jessie used.

The alternative would be to stick something like stunnel on the Jessie machine to handle the TLS proxy, but that’s much more complicated.

With Jessie being end of life back in 2020, your best option is probably to move to Sympl as soon as possible.

adhawkins · 19 December 2023 22:24

Yeah, moving the domain is definitely on my list.

Was hoping someone could assist with the fetchmail config.

I tried modifying ssl.cnf to allow the ‘legacy’ ciphers, but that didn’t seem to help.

Anyone?