I'm trying to setup fetchmail to pull from my work's exchange server (2007) using imap. It seems to connect just fine but none of the authentication methods seem to work. I've tried ntlm and plain (it is over ssl) so far. Here is my config:
poll work.server.com proto imap username elarson password "secret" ssl
Any ideas on what could be going wrong or how to better configured my fetchmailrc?
Are you providing the username in the form of an email address? If not, give that a shot. That works for me on a test box, at least.
What is error message you get? I am using the following simple .fetchmailrc with an MS Exchange 2003 server and it's working for me.
poll exchangeserver.com protocol imap user 'username' with password 'password' is localuser here
If your Exchange server is capable of NTLM authentication and your fetchmail was compiled in with NTLM support, it will automatically try authenticating against it. You don't need to use SSL unless you specifically want to. For troubleshooting, you can do the following:
$ fetchmail -c -v -f .fetchmailrc
fetchmail: --check mode enabled, not fetching mail
fetchmail: 6.3.21 querying server exchangeserver (protocol IMAP) at Thu 15 May 2014 17:44:23 BST: poll started
Trying to connect to 10.101.1.4/143...connected.
fetchmail: IMAP< * OK Microsoft Exchange Server 2003 IMAP4rev1 server version 6.5.7638.1 (vendac04.uk.venda) ready.
fetchmail: IMAP> A0001 CAPABILITY
fetchmail: IMAP< * CAPABILITY IMAP4 IMAP4rev1 IDLE LOGIN-REFERRALS MAILBOX-REFERRALS NAMESPACE LITERAL+ UIDPLUS CHILDREN AUTH=NTLM
fetchmail: IMAP< A0001 OK CAPABILITY completed.
fetchmail: IMAP> A0002 AUTHENTICATE NTLM
fetchmail: IMAP< +
fetchmail: IMAP> TlRMTVNTUAABAAAAB7IAAAgACAAgAAAAAAAAAAgAAABtcXVhcnR1cw==
fetchmail: IMAP< + TlRMTVNTUAACAAAACgAKADgAAAAFgoECNy9B3cvogQoAAAAAAAAAAHQAdABCAAAABQLODgAAAA9WAEUATgBEAEEAAgAKAFYARQBOAEQAQQABABAAVgBFAE4ARABBAEMAMAA0AAQAEAB1AGsALgB2AGUAbgBkAGEAAwAiAHYAZQBuAGQAYQBjADAANAAuAHUAawAuAHYAZQBuAGQAYQAFABAAdQBrAC4AdgBlA======
fetchmail: IMAP> TlRMTVNTUAADAAAAGAAYAEAAAAAYABgAWAAAAAoACgBwAAAAEAAQAHoAAAAQABAAigAAAAAAAABaAAAABYKBAmXV2xY4N1ZrMpuTF2h1NrogSCWInruidjikDq+AFjIuofC6nc73N4VSACT2iWo+cFYARQBOAEQAQQBtAHEAdQBhAHIAdAB1AHMAbQBxAHUAYQByAHQAdQBzAA==
fetchmail: IMAP< A0002 OK AUTHENTICATE completed.
fetchmail: IMAP> A0003 EXAMINE "INBOX"
fetchmail: IMAP< * 6723 EXISTS
fetchmail: IMAP< * 6 RECENT
fetchmail: IMAP< * FLAGS (\Seen \Answered \Flagged \Deleted \Draft $MDNSent)
fetchmail: IMAP< * OK [PERMANENTFLAGS ()] Permanent flags
fetchmail: IMAP< * OK [UNSEEN 6718] Is the first unseen message
fetchmail: IMAP< * OK [UIDVALIDITY 121712] UIDVALIDITY value
fetchmail: IMAP< A0003 OK [READ-ONLY] EXAMINE completed.
(...)
To test basic IMAP connectivity, you can telnet to the IMAP port (143) of the Exchange server to see if your username/password is working.
$ telnet exchangeserver 143
Trying 10.1.1.4...
Connected to exchangeserver.
Escape character is '^]'.
* OK Microsoft Exchange Server 2003 IMAP4rev1 server version 6.5.7638.1 (exchangeserver.localdomain) ready.
? login username password <--- TYPE IT AS IT IS SHOWN WITH QUESTION MARK
? OK LOGIN completed.
? logout <--- TYPE IT AS IT IS SHOWN WITH QUESTION MARK
Connection closed by foreign host.
For more info on the above, follow this link. Once that's working, you can make sure that your Exchange server accepts your Windows credentials over standard IMAP. Microsoft's NTLM authentication will used by fetchmail over IMAP provided that the Exchange server will advertise it in its capability response. The password will be masked and not sent over the network en clair.
NOTE: Your Windows AD alias must match your Windows AD account name, otherwise IMAP won't work. This was my problem and it took us a few hours to figure out and fix it.
