imap.google.com being spoofed?
chris coleman
christocoleman at yahoo.com
Mon Oct 1 06:27:02 UTC 2012
Dmitri wrote:
Noticed offlineimap failing with
ERROR: Server SSL fingerprint
'6d1b5b5ee0180ab493b71d3b94534b5ab937d042' for hostname
'imap.gmail.com' does not match configured fingerprint. Please verify
and set 'cert_fingerprint' accordingly if not set yet.
I have in my .offlineimaprc
cert_fingerprint=f3043dd689a2e7dddfbef82703a6c65ea9b634c1
Repeated attempts to connect only succeed if I set maxconnections = 1.
With maxconnections = 5 I see the above error popping up halfway the
offlineimap session
(different threads hit different certs, I suppose).
Is it a genuine hacking attempt going on, or some misconfiguration somewhere?
Any easy way to gather extra info on these connections?
(I program in Python, but I have no time to read and modify
offlineimap, at least not now...)
Hi Dmitri,
Here are the steps to manually verify that gmail SSL certificate.
http://www.cyberciti.biz/faq/test-ssl-certificates-diagnosis-ssl-certificate/
Note that imap.gmail.com is accessible at 2 different ip addresses.
173.194.76.108
and
173.194.76.109
So you should check both of them, by IP address, not by the hostname..
Let us know what you find out.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/offlineimap-project/attachments/20120930/04321794/attachment.html>
More information about the OfflineIMAP-project
mailing list