andrewlkho/gist:10643479

Created April 14, 2014 12:29

Star (1) You must be signed in to star a gist
Fork (0) You must be signed in to fork a gist

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/andrewlkho/10643479.js"></script>
Save andrewlkho/10643479 to your computer and use it in GitHub Desktop.

Import SSL certificate for use in msmtp

Raw

With the recent heartbleed SSL vulnerability, FastMail have updated their SSL certificates. Here's how to download the certificate and convert it into PEM form.

Find out which certificate you need:

% msmtp -a fastmail --tls-certcheck=off --tls-trust-file= --serverinfo

Download the certificate:

% curl -O https://www.digicert.com/CACerts/DigiCertHighAssuranceCA-3.crt

Convert it into PEM format:

% openssl X509 \
> -inform DER -in DigiCertHighAssuranceCA-3.crt \
> -outform PEM -out DigiCertHighAssuranceCA-3.pem

huynhtanloc2612 commented Dec 14, 2020

Thanks @jezen, I tried your suggestions and it shows below message

msmtp: TLS handshake failed: An unexpected TLS packet was received.
msmtp: could not send mail (account default from /data/data/com.termux/files/home/.msmtprc)

Do you have any idea?

jezen commented Dec 14, 2020

@huynhtanloc2612 Sorry, I won't be able to help. You might be able to make progress by running msmtp in debug mode.

huynhtanloc2612 commented Dec 15, 2020

Thanks @jezen!
Finally I can use msmtp to send email successfully.
What I did:

Turn on tls_starttls in .msmtprc file.
tls_starttls on
Turn on the second factor verification for my google account and then create an app password. Put the app password into .msmtprc file
password <the app password>
Send an email with below command line
printf "Subject: Test\nHello"|msmtp [email protected]
And it worked :))

jezen commented Dec 16, 2020

@huynhtanloc2612 Excellent. Thanks for documenting your steps here 👍

ProjectJYL commented Jul 23, 2021

I was able to send mails following all the steps provided. Thanks guys for your contribution!