5
fetchmail logs showing a Tor exit node is compromised - SDF Chatter
lemmy.sdf.orgThis is what my fetchmail log looks like today (UIDs and domains obfuscated):
fetchmail: starting fetchmail 6.4.37 daemon fetchmail: Server certificate
verification error: self-signed certificate in certificate chain fetchmail:
Missing trust anchor certificate: /C=US/O=Let's Encrypt/CN=R3 fetchmail: This
could mean that the root CA's signing certificate is not in the trusted CA
certificate location, or that c_rehash needs to be run on the certificate
directory. For details, please see the documentation of --sslcertpath and
--sslcertfile in the manual page. See README.SSL for details. fetchmail: OpenSSL
reported: error:0A000086:SSL routines::certificate verify failed fetchmail:
autistici.org: SSL connection failed. fetchmail: socket error while fetching
from user4@server4.com@server4.com fetchmail: Query status=2 (SOCKET) fetchmail:
Server certificate verification error: self-signed certificate in certificate
chain fetchmail: Missing trust anchor certificate: /C=US/O=Let's Encrypt/CN=R3
fetchmail: This could mean that the root CA's signing certificate is not in the
trusted CA certificate location, or that c_rehash needs to be run on the
certificate directory. For details, please see the documentation of
--sslcertpath and --sslcertfile in the manual page. See README.SSL for details.
fetchmail: OpenSSL reported: error:0A000086:SSL routines::certificate verify
failed fetchmail: server3.com: SSL connection failed. fetchmail: socket error
while fetching from user3@server3.com@server3.com fetchmail: Server certificate
verification error: self-signed certificate in certificate chain fetchmail:
Missing trust anchor certificate: /C=US/O=Let's Encrypt/CN=R3 fetchmail: This
could mean that the root CA's signing certificate is not in the trusted CA
certificate location, or that c_rehash needs to be run on the certificate
directory. For details, please see the documentation of --sslcertpath and
--sslcertfile in the manual page. See README.SSL for details. fetchmail: OpenSSL
reported: error:0A000086:SSL routines::certificate verify failed fetchmail:
server2.com: SSL connection failed. fetchmail: socket error while fetching from
user2@server2.com@server2.com fetchmail: Query status=2 (SOCKET) fetchmail:
Server certificate verification error: self-signed certificate in certificate
chain fetchmail: Missing trust anchor certificate: /C=US/O=Let's Encrypt/CN=R3
fetchmail: This could mean that the root CA's signing certificate is not in the
trusted CA certificate location, or that c_rehash needs to be run on the
certificate directory. For details, please see the documentation of
--sslcertpath and --sslcertfile in the manual page. See README.SSL for details.
fetchmail: OpenSSL reported: error:0A000086:SSL routines::certificate verify
failed fetchmail: server1.com: SSL connection failed. fetchmail: socket error
while fetching from user1@server1.com@server1.com fetchmail: Query status=2
(SOCKET) In principle I should be able to report the exit node somewhere. But I
don’t even know how I can which exit node is the culprit. Running nyx just shows
some of the circuits (guard, middle, exit) but I seem to have no way of
associating those circuits with fetchmail’s traffic. Anyone know how to track
which exit node is used for various sessions? I could of course pin an exit node
to a domain, then I would know it, but that loses the benefit of random
selection.
In
nyx
, on the first page, presse
and enable STREAM events. These have the following form:Find the correct stream based on hostname/ip, then you can cross-reference the
[circuit id]
with the items on the Connections page.Thanks for the tip. The info would be gone now but I’ll try that next time it happens.