From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 1A3EF158042 for ; Sat, 26 Oct 2024 17:14:22 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id D3BB9E08A0; Sat, 26 Oct 2024 17:14:14 +0000 (UTC) Received: from out.packetderm.com (out.packetderm.com [173.166.91.13]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 8187AE088A for ; Sat, 26 Oct 2024 17:14:14 +0000 (UTC) Received: from localhost (out.packetderm.com[173.166.91.13]) by smtp (5.7.4/5.7.4) with ESMTPSA id 49QHECqB043365 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO) for ; Sat, 26 Oct 2024 13:14:13 -0400 (EDT) (envelope-from waltdnes@waltdnes.org) Date: Sat, 26 Oct 2024 13:14:17 -0400 From: Walter Dnes To: Gentoo Users List Subject: [gentoo-user] fetchmail: OpenSSL reported: error:0A00018A:SSL routines::dh key too small Message-ID: Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline X-Archives-Salt: 2b82e7df-a79f-4a35-b2d5-f5b744614229 X-Archives-Hash: baafe0500483e24b839142128d1fe744 My personal domain inbound email is directed to COTSE.net. I pull with fetchmail. After yesterday's world update, fetchmail has been failing with the error message in the subject. I can still access my incoming email via webmail mode (BLEAGH!!!). I've set my gmail address to forward directly to my ISP inbox, avoiding this problem. It seems that the latest openssl has ratcheted up their "security level". After "asking Mr. Google", I tried the answer at... https://askubuntu.com/questions/1233186/ubuntu-20-04-how-to-set-lower-ssl-security-level which doesn't work for me. I also tried reverting to the previous version of openssl. That failed because... * the latest "curl" requires the latest openssl * a whole bunch of apps in my "world" now require the latest "curl" I also tried... * USE="-ssl" emerge fetchmail # results in authorization failure * USE="weak-ssl-ciphers" emerge openssl # doesn't help Any ideas? Webmail sucks! -- There are 2 types of people in this world 1) Those who can extrapolate from incomplete data