Thu 2 Nov 2006
Fetchmail - error: Servname not supported for ai_socktype
Posted by Richard under Configuration , Linux , Software , Westhost1 Comment
I have just spent ages trying to resolve this problem, digging deep into openssl, certificates, PEM and the wonderful world of encryption, only to find that the answer was staring me in the face! Just goes to show how important it is to enter the right search terms into Google….
I have the following entry in my .fetchmailrc file
poll secure.server with proto POP3Replace secure.server, username@myisp.com, xxxx, ,localname, mydomain.com as required and enter the correct path to your .pem files and hashes.
user username@myisp.com there with password xxxx is localname here smtphost mydomain.com keep ssl sslcertck sslcertpath "/usr/local/ssl/certs"
Everytime I tried to connect to the server, I got the following output
[mylogin][~]$ fetchmail -kv secure.server
fetchmail: 6.3.5 querying secure.server (protocol POP3) at Tue Oct 31 07:41:02 2006: poll started
fetchmail: getaddrinfo(“secure.server”,”pop3s”) error: Servname not supported for ai_socktype
fetchmail: Try adding the --service option (see also FAQ item R12).
POP3 connection to secure.server failed: No such file or directory
fetchmail: 6.3.5 querying secure.server (protocol POP3) at Tue Oct 31 07:41:12 2006: poll completed
fetchmail: Query status=2 (SOCKET)
fetchmail: normal termination, status 2
I thought that maybe the problem was with the certificate for secure.server (in my case secure.cnc.net) as it could not be validated - it uses Authority Information Access (AIA) to resolve its root certificate using OCSP - URI:http://ocsp.verisign.com. This was a red herring and threw me off on a wild goose chase. The real problem was this error getaddrinfo(“secure.server”,”pop3s”) error: Servname not supported for ai_socktype
This means that the service pop3s is not defined in /etc/services and that neither fetchmail nor openssl know which port to connect to. As soon as I added these lines to /etc/services, everything proceeds as expected (I still have to resolve the OCSP problem)
pop3s 995/tcp
imaps 993/tcp
ldaps 636/tcp
Here is the updated output from fetchmail
fetchmail -kv secure.server
fetchmail: 6.3.5 querying secure.server (protocol POP3) at Thu Nov 2 07:50:58 2006: poll started
Trying to connect to xxx.xxx.xxx.xxx/995…connected.
fetchmail: Issuer Organization: RSA Data Security, Inc.
fetchmail: Unknown Issuer CommonName
fetchmail: Server CommonName: secure.server
fetchmail: secure.server key fingerprint: 96:C6:81:FF:A7:22:2F:6D:F5:60:F8:8F:CE:2D:F0:5F
fetchmail: POP3< +OK POP3 Server Ready.
fetchmail: POP3> CAPA
fetchmail: POP3< -ERR Unknown command
fetchmail: Unknown command
fetchmail: Repoll immediately on username@myisp.com@server.myisp.com
Trying to connect to xxx.xxx.xxx.xxx/995…connected.
fetchmail: Issuer Organization: RSA Data Security, Inc.
fetchmail: Unknown Issuer CommonName
fetchmail: Server CommonName: secure.server
fetchmail: secure.server key fingerprint: 96:C6:81:FF:A7:22:2F:6D:F5:60:F8:8F:CE:2D:F0:5F
fetchmail: POP3< +OK POP3 Server Ready.
fetchmail: POP3> USER username@myisp.com
fetchmail: POP3< +OK Password required for username@myisp.com.
fetchmail: POP3> PASS *
fetchmail: POP3< +OK username has 0 message(s) (0 octets).
fetchmail: POP3> STAT
fetchmail: POP3< +OK 0 0
fetchmail: No mail for username@myisp.com at secure.server
fetchmail: POP3> QUIT
fetchmail: POP3< +OK Pop server at illustrious signing off.
fetchmail: 6.3.5 querying secure.server (protocol POP3) at Thu Nov 2 07:51:00 2006: poll completed
fetchmail: normal termination, status 1
November 6th, 2009 at 11:46 am
That was inspiring, This is a very helpful article Thanks for sharing your research Keep up the good work