Before you do anything else, have a look into '/var/spool/mail'
first. If there's a file with your user name, everything's fine. If not,
create it as 'root' with these commands:
touch /var/spool/mail/[user name]
chmod 600 !$ && chown [user name] !$
'Fetchmail' is controlled by a file called '.fetchmailrc'
in your or 'root's' home directory. Since the syntax of this file is very
simple and well documented in man fetchmail , you could write
it yourself. But 'easier' is better than 'easy', and since 'Fetchmail' comes
with an exemplary good graphical configuration-helper, you want to use it.
Start the configuration-helper as the user who is supposed
to get the mail by typing fetchmailconf & on a virtual terminal
prompt. Click on the 'Configure Fetchmail' button and then on the 'Novice
Configuration' button. Don't care about the 'Poll interval', I will show
you a better way to configure that later.
Enter the full name of the server(s) you get your mail from into the 'New
Server' field, adding each entry by hitting the ENTER key. Now double click
on an entry to bring up the configuration window for this server.
Into the 'New User' field you put your user name at the remoteserver.
Usually it is the first part of your mail address, e.g. if your mail address
would be 'joe@isp.com', you would have to enter 'joe' here. Add it with the
ENTER key and double-click on the entry.
Enter the password for your mail account and the name of the local
user who should get mail retrieved from this account (most likely that's
you). Remove any other entries 'Fetchmailconf' might have already
put in there.
I would advise you to check the option "Suppress the deletion of messages
after reading" for now. If everything works properly, you can change it later.
If not, you've avoided running the risk of losing mail. This option will
leave a copy of all messages you retrieve on the remote server.
Close the windows by clicking on the OK buttons until you are back at the
first window, the 'fetchmail launcher'. Open a connection to the Internet
and click the 'Test fetchmail' button. You will see a log window. Do not
be alarmed if this window shows no sign of life for a while: the log will
be printed after fetchmail has finished its job. If the second to
last line reads fetchmail: normal termination, status 0 , everything's
OK. If not, check the log and your configuration.
Note that fetchmail has most likely put your mail not
into your local mail directory in your home directory, but into a file called
'/var/spool/mail/[your user name]'. Don't worry, I'll show you how to change
that later.
section index top
Running 'Fetchmail' by hand or from the launcher every
time would be to awkward. How about retrieving mail every time you connect
to the Internet? And to elaborate this idea: what about making 'Fetchmail'
polling your mail in specified intervals as long as you are connected to
the 'Net?
This is done via the scripts 'ip-up.local' and 'ip-down.local'
in '/etc/ppp'. These scripts can contain commands you want to have executed
each time you connect or disconnect. These scripts must be executable (chmod
+x ) and the first line must contain #!/bin/bash .
Making 'Fetchmail' poll your mailboxes automatically
is done by putting it into 'daemon mode' :
fetchmail -d [seconds]
[seconds] specifies the polling interval in seconds.
So to poll your mail every five minutes, put this line into /etc/ppp/ip-up.local:
fetchmail -d 300
Note that since ip-up/down scripts are called by a root
process, 'Fetchmail' looks for its configuration file in root's
home directory. For security reasons the configuration must only be read/writable
by its owner (since your passwords are stored in there). 'Fetchmail' refuses
to work with configurations which do not meet this requirement.
Another effect is that you can't use a configuration file which does not belong
to 'root'. This is simple logic: all programs started from ip-up/down scripts
are owned by root and so does 'Fetchmail'. And 'Fetchmail' does not accept
a configuration file which isn't owned by the user who started it.
This command for 'root' will solve the problem:
chown root:root .fetchmailrc && mv .fetchmailrc
~
Another possibility would be to run Fetchmail in daemon
mode right on boot, e.g. by installing the 'fetchmail-daemon' package from
your Mandrake CD. This package installs a service script in '/etc/rc.d/init.d'
which can be controlled via the usual 'service' commands. If you use this
package, the 'fetchmailrc' has to be located in the '/etc' directory.
If the next two paragraphs ('SMTP After POP' and 'SSH')
are of no interest to you, jump directly to the last step of configuring
your email system, the page about configuring the Procmail
mail filter.
section index top
Many service providers use SMTP-After-POP Authentication
to protect their servers against being abused as spam-relays. This means
that clients are required to poll their mailbox first (which is password-protected),
before they are allowed to send mail (which usually isn't protected).
You can run into a problem when you are using a "Smarthost" and 'Postfix'
"gets there" before 'Fetchmail'. In this case the remote host won't accept
mail delivered by 'Postfix' and by the time 'Fetchmail' has authenticated
you, 'Postfix' might have given up already on trying to get rid of its mail.
So what you need is a mechanism which ensures that 'Postfix' will always
be runafter 'Fetchmail' has connected the remote host. For this
'Fetchmail' provides the 'postconnect' option. Append the following string
to '.fetchmailrc':
postconnect "/usr/sbin/sendmail -q"
Of course you must remove the sendmail command from
'ip-up.local' now to allow this setting to take effect.
section index top
Note: this requires that you have SSH already installed
and configured on your machine. (Article on
SSH.
If you are polling your mail frequently, your password
is sent via an insecure network very often. SSH does not only protect your
password, as a nice side effect it also allows you to compress data sent
via its tunnel.
If your mail server supports SSL certificates (Article on Secure POP3 Server), things are
pretty easy: just add ssl to the end of the server's entry in
your '~/.fetchmailrc'. Make sure to run the fetchmail command with the--verbose
switch once to see if it works. You should get something like this when 'fetchmail'
contacts the mail server:
fetchmail: Issuer Organization: [ISP.com]
fetchmail: Issuer CommonName: [ISP.com]
fetchmail: Server CommonName: [ISP.com]
This is a part of the server's SSL certificate and proves
that all data will be transmitted safely using SSL.
If your mail server runs an SSH server, but doesn't
support SSL (or you have trouble getting your mail via SSL), you can tunnel
your connection via SSH. The appropriate entry in your '~/.fetchmailrc' should
look like this then:
poll localhost with protocol POP3 and port 11110:
user "[remote user]" there is [local user] here
preconnect "ssh -C -f [remote user]@[remote server] -L 11110:[remote server]:110
sleep 5"
password "[remote password]"
mda "/usr/bin/procmail -d %T"
What happens is this: before fetchmail connects to the
remote mail server, it tells SSH to build an encrypted data tunnel between
the remote server and your machine. Once this tunnel is established, 'fetchmail'
polls thelocal end of the tunnel (port 11110 of localhost), the
tunnel forward this poll to the remote end (port 110 of [remote server],
port 110 is the standard port for POP3) and the remote server forward his
replies to the local end of the tunnel. If you run 'fetchmail' from the command
line, you will get a message like this as soon as the tunnel is established:
Waiting for forwarded connections to terminate...
The following connections are open:
direct-tcpip: listening port 11110 for [remote server] port 110, connect
from 127.0.0.1 port 32790
More information about this can be found in the Secure
POP via SSH mini-HOWTO.
section index top
Configuring Procmail
|