Ignore certificate fingerprint mismatch #35

mafrosis opened this Issue May 1, 2012 · 3 comments


None yet

2 participants

mafrosis commented May 1, 2012

Is it possible to automatically accept a fingerprint mismatch?

As far as I can tell from looking at the code, this isn't currently possible. The "certificates" option defaults to true so my certificate is stored for future connections - although my choice to accept the mismatch is not stored.

Can an option be added please? Probably this app is going to mostly be used non-interactive so it would be really useful.

It doesn't look too hard to add another configuration value - I'll have a go at writing a patch unless you suggest otherwise.

lefcha commented May 2, 2012

It's not possible to ignore fingerprint mismatches, but it is possible to disable certificate checking all-together. You can do this by setting the following in your configuration:

options.certificates = false

Ignoring fingerprint mismatches does not make much sense, since that's the whole purpose of certificate checking; ie. to warn the user when there is a fingerprint mismatch. Thus by disabling the whole certificates infrastructure you get the same result.

mafrosis commented May 8, 2012

OK cool thanks for this. You're obviously right about the fingerprints - I'll take that up with my provider.

BTW, I never could get imapfilter to build under debian wheezy. I installed all potentially relevant *-dev libs but always got one of these:

imapfilter.h:9:17: fatal error: lua.h: No such file or directory

@mafrosis mafrosis closed this May 8, 2012
lefcha commented May 11, 2012

On Debian or Debian-based distributions you can compile with:

make INCDIRS=-I/usr/include/lua5.1 LIBLUA=-llua5.1

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment